Report - bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

Report Overview

Submitted URL
bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
IP
143.204.55.4
ASN
#16509 AMAZON-02
Submitted
2022-09-18 21:39:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	31 kB	172.217.21.170
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.190.4
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
bigwinstoday.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	37 kB	143.204.55.25
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-18	medium	bigwinstoday.com/gr/var+1/text.js	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/o.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/3.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/a.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/gift.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/6.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/5.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/s.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/i11-g.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/l.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/1.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/2.webp	Phishing
2022-09-18	medium	bigwinstoday.com/gr/var+1/4.webp	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a	24 B	2023-03-07	2023-04-01
Pretty URL bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:14:25 Last Seen2023-04-01 11:18:32 Times Seen6 Hash b5bb5ba6ea3510967353846c113dac62 bf5b76c826effd873b0cad7ac9c339ed97be7a8a 5515267dd80bfe0e39a4452acea730c2f1d47d4712fa89ca1300e005ad905747 Loading...

	bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a	160 B	2023-03-07	2024-01-09
Pretty URL bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-01-09 18:54:44 Times Seen336 Hash 61ac36b6347c5cdd25dbacfa88de225f fe13720f4cb290124828a85348eff8a7130a9829 ca6b98daa8d6c0a9bf6f520d05ae95ff5a9ca6f292f5424c3a1a45a1b3d1b580 Loading...

	bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a	16 B	2023-03-07	2024-03-04
Pretty URL bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2024-03-04 04:42:06 Times Seen388 Hash c0187d2ab7c5c935ac9762d673545c36 ffd883ebf6f75274601214cf573efa3b6719f79c 09394cfc524d95090a4e1b045de9dc94bb29023fd1d9aa368f50a72b3dafa143 Loading...

	bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a	110 B	2023-03-07	2023-03-29
Pretty URL bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:14:25 Last Seen2023-03-29 21:49:22 Times Seen5 Hash 3bfb6bfc8547769a52704fa65ed4953a bba170cbc34425fadc6c42ebb2cd22c61646fd64 1ce9dd1aa074eace8897335154400a9ca5c6ee7ad5c8ed8259dcfbf79bf2feea Loading...

	bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a	7.0 kB	2023-03-07	2023-03-29
Pretty URL bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:14:25 Last Seen2023-03-29 21:49:22 Times Seen5 Hash d6c18ae94feda344418d26a01f201b6f ad5ab8df6be855b1f984da36b48a3448fff3506a 5f03d06daae17797357ffff6eb84296e3500d1fab41101446dfb5b16ffedaea9 Loading...

	bigwinstoday.com/gr/var+1/text.js	5.0 kB	2023-03-07	2023-03-29
Pretty URL bigwinstoday.com/gr/var+1/text.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:14:25 Last Seen2023-03-29 21:49:22 Times Seen5 Hash 21519ccfca831cce560682d30dc5ba8b 7223676122ea0f83809152eaac132a9ccd7ec194 2248d18b75dbf56f47d7c1a111802aac1fc704478d43c526c50715b92b91b3f7 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js	84 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 10:30:11 Times Seen15675 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

HTTP Transactions (38)

URL IP Response Size

bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

143.204.55.25

200 OK

6.0 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4144)
Size
6.0 kB (6010 bytes)
Hash
aaa5917e799564fdaee29a11a7692c6f
cc09fc2de4377ea29acdf817d14ae05da7945960
37e0f936162d3197722d2970413bd0957c4c10d33e3b9b457d0c67cdd8420225

HTTP Headers

GET /gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:26 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 18 Sep 2022 04:06:45 GMT
ETag: W/"39b59ee28efa2ab8a6d188995c073a77"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qA8RGJD2fLM5mLP8JRDj20S3ORaKQLrLoZQjWEm6CTzF_MlcLIiyUg==
Age: 63140

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 21:12:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: enonLzMfQEBGlulRzokxFRPQdmfXCO1H_mUqaTraKaD3Z4gZY5WuTA==
Age: 1602

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R7-zG2B65RFcbb0Vr3lLArhgSm1k-EYWVBQ67Bc6ijKs34iCn5j82Q==
age: 61433
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8677
Expires: Mon, 19 Sep 2022 00:03:43 GMT
Date: Sun, 18 Sep 2022 21:39:06 GMT
Connection: keep-alive

bigwinstoday.com/gr/var+1/text.js

143.204.55.25

200 OK

1.8 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/text.js
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text
Size
1.8 kB (1775 bytes)
Hash
9cd006d432fe70d153d9b316ea154c70
27218599de9cdfd8511c91e577803dfd405decfc
cd5948abd11d656786443bf4a2a0cc501832e3a7b4bdf206cca7392156798632

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/text.js HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 18 Sep 2022 20:05:14 GMT
ETag: W/"21519ccfca831cce560682d30dc5ba8b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CNC42VGZ5Pd8AWvP1FA9L7q7bF0BjuasaVTSlZI8y2MMV8SrflKXPQ==
Age: 5633

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 21:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

172.217.21.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32025)
Size
30 kB (29725 bytes)
Hash
83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421

HTTP Headers

GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bigwinstoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 06:17:19 GMT
expires: Fri, 15 Sep 2023 06:17:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 314507
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bigwinstoday.com/gr/var+1/o.webp

143.204.55.25

200 OK

1.6 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/o.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1580 bytes)
Hash
5f7381699cf34937a17c16b5690e8445
0ec381d7c61633f0bb98407df9d0f75fb8a5ab60
5c661eb9d790fbd723af0aabb594c66734fade23b05846873f27b2010134d0b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/o.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 1580
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:31:17 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:28 GMT
ETag: "5f7381699cf34937a17c16b5690e8445"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 48-YPzhP_qHW0NTcCcxii-fuKXDj354TfaHYbdN5Luz7lbNC61enKA==
Age: 29269

bigwinstoday.com/gr/var+1/m_w2.png

143.204.55.25

200 OK

1.5 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/m_w2.png
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1521 bytes)
Hash
0a705261115767aae48b96c475ceace7
91aa07b9ebd43b73cf3f3bf4bb27ea5308fbc86d
375d806aedce5a2d9b42dbe160c8fba001ca0c252213c0ad85578fc72e3740f8

HTTP Headers

GET /gr/var+1/m_w2.png HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1521
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:14 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:27 GMT
ETag: "0a705261115767aae48b96c475ceace7"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1jZAcjcX21FXqNluss7I8GsX0Hoj50pUIGwzDGXQJ6OC6TQJpwM-1Q==
Age: 5633

bigwinstoday.com/gr/var+1/3.webp

143.204.55.25

200 OK

932 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/3.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
932 B (932 bytes)
Hash
4ebb2d8f64f64cbf3ee41f711123002d
e157b1d7099d4ff95ecdbedfeab1af4cc56ca36c
c431df3801ff85ff8be8430e9f1e16003105c477de3133022a42bbbff2c043ec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/3.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 932
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:21 GMT
ETag: "4ebb2d8f64f64cbf3ee41f711123002d"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t00J9axkZfpUE7r-0sD0Bc22V629HCs-rMOHN9eQoTesBzbFru6CTw==
Age: 5632

bigwinstoday.com/gr/var+1/a.webp

143.204.55.25

200 OK

2.1 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/a.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2068 bytes)
Hash
c4d2ff794ed3cfd59568cad45a4bb515
d1bfc806dae7fab7a7f5b61c62afeb59b2d545c5
72840fba154dbf033594e5ee42856a1685af8bb5944e048fa0bbca55afdba63b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/a.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 2068
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:23 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 07:47:19 GMT
ETag: "c4d2ff794ed3cfd59568cad45a4bb515"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c2YRjm9ZHR79WHZEM4Wv4LKt_CLEGb6w5L10w3yXm-nyo7ImX-q3oA==
Age: 49908

bigwinstoday.com/gr/var+1/gift.webp

143.204.55.25

200 OK

3.4 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/gift.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.4 kB (3442 bytes)
Hash
ae0a8274dc8c79b867b79e5e5569b1b5
c09f57fce5bb4f3991710cf289d06b8f5e5fdc47
784a61f7e1d774f10b357ffdeb16422b8a78609a70099e8c311a7efc3f1850b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/gift.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 3442
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:25 GMT
ETag: "ae0a8274dc8c79b867b79e5e5569b1b5"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V580AjGgSWmh-x0XA4W5WtSsZKobVQ5BkcIUloxpdGxfCNhArgZn9w==
Age: 5632

bigwinstoday.com/gr/var+1/6.webp

143.204.55.25

200 OK

796 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/6.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 48x48, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
796 B (796 bytes)
Hash
903bf48585500c51c2b82c20da24430b
603d5c9789f7c0dd1eb3a912776a62a4aa6d21f8
ade868cdcabc65b088057f53af1cf69b8dd607d6d0b8838d98ec10a2d57b924e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/6.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 796
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:22 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 16:50:48 GMT
ETag: "903bf48585500c51c2b82c20da24430b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WGA62qzUwA1-KPd7pztErz1vW5iGBAS_wLDYBVmyl8FfFAcc99hwlA==
Age: 17299

bigwinstoday.com/gr/var+1/5.webp

143.204.55.25

200 OK

684 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/5.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
684 B (684 bytes)
Hash
e134e565b6a34fde4180a41680c6585a
07adc849191a579b948ff122405f95ae1e13de90
cf19dbad01984892f4098fdd53b03af50162b65cbd20deb10dab322ed2da8a26

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/5.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 684
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:22 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 16:50:48 GMT
ETag: "e134e565b6a34fde4180a41680c6585a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VdXKckax2ilUAg5hKX0AdckKkILUxyr4rexPji7Wic67pq1is1S0lw==
Age: 17299

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 21:39:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

bigwinstoday.com/gr/var+1/s.webp

143.204.55.25

200 OK

2.7 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/s.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.7 kB (2700 bytes)
Hash
dea3172fcefb788703d3ca0b84293c1e
08521b87f362d2fabac5fdf7eed97c7006c75d61
0378211ae11fb01dca7e61e46074e304464875f3de6572bbdb7552e48e17b433

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/s.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 2700
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:28 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 07:47:19 GMT
ETag: "dea3172fcefb788703d3ca0b84293c1e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nr7AW-SCZ9-PaQIErgEcgKHS3wseuPjNWNvQKiNwQVPRlFK6Vm5yUQ==
Age: 49908

bigwinstoday.com/gr/var+1/i11-g.webp

143.204.55.25

200 OK

3.0 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/i11-g.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.0 kB (3034 bytes)
Hash
7f697c0cfde57272e25e758f739287f7
5b23fdcd080ca4f9d307d1f7371397501aa96734
8ffde5b57c0e34a8747346c5479f1d60950396ac0a4a5e3215798c4b7d4ac358

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/i11-g.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 3034
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:25 GMT
ETag: "7f697c0cfde57272e25e758f739287f7"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PzPuDesiuhcaAYiPt_QjHxZUYmy-_qrF4HxgfhSGkIiQD7R0qX3_kQ==
Age: 5632

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 21:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bigwinstoday.com/gr/var+1/l.webp

143.204.55.25

200 OK

220 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/l.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
220 B (220 bytes)
Hash
ff5420b10e9b686c09db260712fa38b4
61d0def700599369c6faa1165e131001f4a39edb
0f81bf2fa614e54c4bef64e9d8e0a977250f8081ecf606cf6ef3337313061598

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/l.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 220
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:31:19 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:27 GMT
ETag: "ff5420b10e9b686c09db260712fa38b4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gzmN7x0m9Jh5rGRxB6nt4FFfnv5BLHvS9Uayf_5UoGp4mxLxs9jooQ==
Age: 29268

bigwinstoday.com/gr/var+1/1.webp

143.204.55.25

200 OK

858 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/1.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
858 B (858 bytes)
Hash
31d2adce7415c824253d7dc526e0153a
0e2fe6c1866d1640fa10cca471359d73eb6a8b39
dfdaf0a49238d075aac91c23a61d290d0a322faa414def665ffb0e50763467c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/1.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 858
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:20 GMT
ETag: "31d2adce7415c824253d7dc526e0153a"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WmuMxVwwEg-V6Iw5pGIPTMEf_EC1bxUqJ8eGed-t5qe4xJTv1L1Jpw==
Age: 5632

bigwinstoday.com/gr/var+1/2.webp

143.204.55.25

200 OK

1.2 kB

URL HTTP/1.1
bigwinstoday.com/gr/var+1/2.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1212 bytes)
Hash
0b3be27b05c1af6ed53fa6a3575aaa10
66289a955c3b6bf9d6817c0689f1fa2fbae38d97
5fdde319b91904d1a582de39e1c709842e0030611d8b9026c3aecd47c575c9b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/2.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 1212
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:20 GMT
ETag: "0b3be27b05c1af6ed53fa6a3575aaa10"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fDLsG2EjdF2tgExf7A2Q7mPoFyYEIcrnPWWOKznNJV3WIli2MzG6Tg==
Age: 5632

bigwinstoday.com/gr/var+1/4.webp

143.204.55.25

200 OK

990 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/4.webp
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
990 B (990 bytes)
Hash
7859efc0c347cd1f47f60fb0ed121b3b
dcee214de2519cd1e41c2c19a388adcda99b9ef8
8d021bc1fc1d6af3957cd52690f2bcfdac82145df0239cdfa0445f40b6c3d937

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gr/var+1/4.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 990
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:21 GMT
ETag: "7859efc0c347cd1f47f60fb0ed121b3b"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GEQZ530U-jFeh2i-I1JYzLIx4f5jBPxtgG9UdqtTBKxGQ2CIIlncMw==
Age: 5632

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 21:03:22 GMT
Expires: Sun, 18 Sep 2022 21:08:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7sy1by3G3zEuHDmKuwyiP6MNIiEnlpZUsVrpUMydCA_F2e5N1RArbQ==
Age: 2144

bigwinstoday.com/gr/var+1/2.jpg

143.204.55.25

403 Forbidden

243 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/2.jpg
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
20d16a98ea321bc3bb291eceb69494c5
0cfc19e87278161204eebce6d1d5645a3a17b42a
a906cf26016b6b58c86d98eedc9432d127bfa4a12f9b670fd2f2cfa3fc09cf9a

HTTP Headers

GET /gr/var+1/2.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 18 Sep 2022 21:39:06 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rjYlNqZoHmJsWn8qTp7U3-YNx6Um6Qvg1tXtY1G88dbYN8dS4Bm34Q==

bigwinstoday.com/gr/var+1/1.jpg

143.204.55.25

403 Forbidden

243 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/1.jpg
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
7dc59c08bb69e00f9a9b5a43562cd236
4907c521d370dcf722ac1f13594168d0f2f40cfc
5c72711294a427e50a1c2a19547d11c735ec3af53d1add169622ef79a5fb2298

HTTP Headers

GET /gr/var+1/1.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 18 Sep 2022 21:39:06 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3AefhouBRPxI01JuQEPym83GdulqcIcnSF9gCF_73NSThPp7Ms7kuQ==

bigwinstoday.com/gr/var+1/4.jpg

143.204.55.25

403 Forbidden

243 B

URL HTTP/1.1
bigwinstoday.com/gr/var+1/4.jpg
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
715c45d380e5b55e5a179d4594980df0
3030447da7b77b8589fb3835da5988d0d7e1a1b4
a97f922a73a47d21e5a0255514a9111b0abb785526d52ead3ca6cf9ae22b4307

HTTP Headers

GET /gr/var+1/4.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 18 Sep 2022 21:39:06 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YC167W3xokwmj-LI2abn9FDoPwnmXQ6FPDbuoeiociqiWNHEKzDVGg==

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1905
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 21:39:07 GMT
Last-Modified: Sun, 18 Sep 2022 21:07:22 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.190.4

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.190.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xiIP9tEzm/r/io8DE/tvCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bx/9RzlOcv9a5WTGP3iigW/OVU4=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6362
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 21:39:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6362
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 21:39:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6362
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 21:39:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6362
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 21:39:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6869 bytes)
Hash
51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 84665
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7401 bytes)
Hash
354c71e744d302c316f492a8fb7642dc
cdf6caf4cd953e7b58bbb5f9a1512a4e3e06b792
f084331bd667f56556170c595391d888391284dbb7c18794d5033d5db1f07715

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7401
x-amzn-requestid: c59249dd-f9cb-4750-8287-65789c57fd77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6J-FaAoAMFZQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d72-6a68d771099a6006717a547f;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rt_KX4vcDiqF34OZdIeOfgEo5KmOxzuj9yCP2PMVJLYHT6a6kZ5-MQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:54 GMT
etag: "cdf6caf4cd953e7b58bbb5f9a1512a4e3e06b792"
content-type: image/jpeg
age: 85754
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11919 bytes)
Hash
f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 85131
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7788 bytes)
Hash
7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wxZ383nT9n_SBMH4D_k--23G7tb-2pQV0yDcUMvD17woMHbc2rx-NQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:53:55 GMT
age: 81913
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5827 bytes)
Hash
29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 51846
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 51939
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (38)

URL HTTP/1.1

IP

ASN

File type

Size