bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
143.204.55.25 200 OK 6.0 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
IP 143.204.55.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4144)
Hash aaa5917e799564fdaee29a11a7692c6f
cc09fc2de4377ea29acdf817d14ae05da7945960
37e0f936162d3197722d2970413bd0957c4c10d33e3b9b457d0c67cdd8420225
GET /gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:26 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 18 Sep 2022 04:06:45 GMT
ETag: W/"39b59ee28efa2ab8a6d188995c073a77"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qA8RGJD2fLM5mLP8JRDj20S3ORaKQLrLoZQjWEm6CTzF_MlcLIiyUg==
Age: 63140
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 21:12:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: enonLzMfQEBGlulRzokxFRPQdmfXCO1H_mUqaTraKaD3Z4gZY5WuTA==
Age: 1602
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R7-zG2B65RFcbb0Vr3lLArhgSm1k-EYWVBQ67Bc6ijKs34iCn5j82Q==
age: 61433
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8677
Expires: Mon, 19 Sep 2022 00:03:43 GMT
Date: Sun, 18 Sep 2022 21:39:06 GMT
Connection: keep-alive
bigwinstoday.com/gr/var+1/text.js
143.204.55.25 200 OK 1.8 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/text.js
IP 143.204.55.25:0
Hash 9cd006d432fe70d153d9b316ea154c70
27218599de9cdfd8511c91e577803dfd405decfc
cd5948abd11d656786443bf4a2a0cc501832e3a7b4bdf206cca7392156798632
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/text.js HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 18 Sep 2022 20:05:14 GMT
ETag: W/"21519ccfca831cce560682d30dc5ba8b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CNC42VGZ5Pd8AWvP1FA9L7q7bF0BjuasaVTSlZI8y2MMV8SrflKXPQ==
Age: 5633
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 21:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
172.217.21.170 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bigwinstoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 06:17:19 GMT
expires: Fri, 15 Sep 2023 06:17:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 314507
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bigwinstoday.com/gr/var+1/o.webp
143.204.55.25 200 OK 1.6 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/o.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5f7381699cf34937a17c16b5690e8445
0ec381d7c61633f0bb98407df9d0f75fb8a5ab60
5c661eb9d790fbd723af0aabb594c66734fade23b05846873f27b2010134d0b9
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/o.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 1580
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:31:17 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:28 GMT
ETag: "5f7381699cf34937a17c16b5690e8445"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 48-YPzhP_qHW0NTcCcxii-fuKXDj354TfaHYbdN5Luz7lbNC61enKA==
Age: 29269
bigwinstoday.com/gr/var+1/m_w2.png
143.204.55.25 200 OK 1.5 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/m_w2.png
IP 143.204.55.25:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a705261115767aae48b96c475ceace7
91aa07b9ebd43b73cf3f3bf4bb27ea5308fbc86d
375d806aedce5a2d9b42dbe160c8fba001ca0c252213c0ad85578fc72e3740f8
GET /gr/var+1/m_w2.png HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1521
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:14 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:27 GMT
ETag: "0a705261115767aae48b96c475ceace7"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1jZAcjcX21FXqNluss7I8GsX0Hoj50pUIGwzDGXQJ6OC6TQJpwM-1Q==
Age: 5633
bigwinstoday.com/gr/var+1/3.webp
143.204.55.25 200 OK 932 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/3.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4ebb2d8f64f64cbf3ee41f711123002d
e157b1d7099d4ff95ecdbedfeab1af4cc56ca36c
c431df3801ff85ff8be8430e9f1e16003105c477de3133022a42bbbff2c043ec
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/3.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 932
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:21 GMT
ETag: "4ebb2d8f64f64cbf3ee41f711123002d"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t00J9axkZfpUE7r-0sD0Bc22V629HCs-rMOHN9eQoTesBzbFru6CTw==
Age: 5632
bigwinstoday.com/gr/var+1/a.webp
143.204.55.25 200 OK 2.1 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/a.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c4d2ff794ed3cfd59568cad45a4bb515
d1bfc806dae7fab7a7f5b61c62afeb59b2d545c5
72840fba154dbf033594e5ee42856a1685af8bb5944e048fa0bbca55afdba63b
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/a.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 2068
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:23 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 07:47:19 GMT
ETag: "c4d2ff794ed3cfd59568cad45a4bb515"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c2YRjm9ZHR79WHZEM4Wv4LKt_CLEGb6w5L10w3yXm-nyo7ImX-q3oA==
Age: 49908
bigwinstoday.com/gr/var+1/gift.webp
143.204.55.25 200 OK 3.4 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/gift.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ae0a8274dc8c79b867b79e5e5569b1b5
c09f57fce5bb4f3991710cf289d06b8f5e5fdc47
784a61f7e1d774f10b357ffdeb16422b8a78609a70099e8c311a7efc3f1850b9
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/gift.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 3442
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:25 GMT
ETag: "ae0a8274dc8c79b867b79e5e5569b1b5"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V580AjGgSWmh-x0XA4W5WtSsZKobVQ5BkcIUloxpdGxfCNhArgZn9w==
Age: 5632
bigwinstoday.com/gr/var+1/6.webp
143.204.55.25 200 OK 796 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/6.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 48x48, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 903bf48585500c51c2b82c20da24430b
603d5c9789f7c0dd1eb3a912776a62a4aa6d21f8
ade868cdcabc65b088057f53af1cf69b8dd607d6d0b8838d98ec10a2d57b924e
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/6.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 796
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:22 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 16:50:48 GMT
ETag: "903bf48585500c51c2b82c20da24430b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WGA62qzUwA1-KPd7pztErz1vW5iGBAS_wLDYBVmyl8FfFAcc99hwlA==
Age: 17299
bigwinstoday.com/gr/var+1/5.webp
143.204.55.25 200 OK 684 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/5.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e134e565b6a34fde4180a41680c6585a
07adc849191a579b948ff122405f95ae1e13de90
cf19dbad01984892f4098fdd53b03af50162b65cbd20deb10dab322ed2da8a26
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/5.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 684
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:22 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 16:50:48 GMT
ETag: "e134e565b6a34fde4180a41680c6585a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VdXKckax2ilUAg5hKX0AdckKkILUxyr4rexPji7Wic67pq1is1S0lw==
Age: 17299
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 21:39:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bigwinstoday.com/gr/var+1/s.webp
143.204.55.25 200 OK 2.7 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/s.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash dea3172fcefb788703d3ca0b84293c1e
08521b87f362d2fabac5fdf7eed97c7006c75d61
0378211ae11fb01dca7e61e46074e304464875f3de6572bbdb7552e48e17b433
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/s.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 2700
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 10:40:28 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 07:47:19 GMT
ETag: "dea3172fcefb788703d3ca0b84293c1e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nr7AW-SCZ9-PaQIErgEcgKHS3wseuPjNWNvQKiNwQVPRlFK6Vm5yUQ==
Age: 49908
bigwinstoday.com/gr/var+1/i11-g.webp
143.204.55.25 200 OK 3.0 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/i11-g.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7f697c0cfde57272e25e758f739287f7
5b23fdcd080ca4f9d307d1f7371397501aa96734
8ffde5b57c0e34a8747346c5479f1d60950396ac0a4a5e3215798c4b7d4ac358
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/i11-g.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 3034
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:25 GMT
ETag: "7f697c0cfde57272e25e758f739287f7"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PzPuDesiuhcaAYiPt_QjHxZUYmy-_qrF4HxgfhSGkIiQD7R0qX3_kQ==
Age: 5632
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 21:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bigwinstoday.com/gr/var+1/l.webp
143.204.55.25 200 OK 220 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/l.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ff5420b10e9b686c09db260712fa38b4
61d0def700599369c6faa1165e131001f4a39edb
0f81bf2fa614e54c4bef64e9d8e0a977250f8081ecf606cf6ef3337313061598
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/l.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 220
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:31:19 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:27 GMT
ETag: "ff5420b10e9b686c09db260712fa38b4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gzmN7x0m9Jh5rGRxB6nt4FFfnv5BLHvS9Uayf_5UoGp4mxLxs9jooQ==
Age: 29268
bigwinstoday.com/gr/var+1/1.webp
143.204.55.25 200 OK 858 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/1.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31d2adce7415c824253d7dc526e0153a
0e2fe6c1866d1640fa10cca471359d73eb6a8b39
dfdaf0a49238d075aac91c23a61d290d0a322faa414def665ffb0e50763467c9
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/1.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 858
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:20 GMT
ETag: "31d2adce7415c824253d7dc526e0153a"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WmuMxVwwEg-V6Iw5pGIPTMEf_EC1bxUqJ8eGed-t5qe4xJTv1L1Jpw==
Age: 5632
bigwinstoday.com/gr/var+1/2.webp
143.204.55.25 200 OK 1.2 kB URL HTTP/1.1 bigwinstoday.com/gr/var+1/2.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b3be27b05c1af6ed53fa6a3575aaa10
66289a955c3b6bf9d6817c0689f1fa2fbae38d97
5fdde319b91904d1a582de39e1c709842e0030611d8b9026c3aecd47c575c9b1
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/2.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 1212
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:20 GMT
ETag: "0b3be27b05c1af6ed53fa6a3575aaa10"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fDLsG2EjdF2tgExf7A2Q7mPoFyYEIcrnPWWOKznNJV3WIli2MzG6Tg==
Age: 5632
bigwinstoday.com/gr/var+1/4.webp
143.204.55.25 200 OK 990 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/4.webp
IP 143.204.55.25:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7859efc0c347cd1f47f60fb0ed121b3b
dcee214de2519cd1e41c2c19a388adcda99b9ef8
8d021bc1fc1d6af3957cd52690f2bcfdac82145df0239cdfa0445f40b6c3d937
Analyzer Verdict Alert fortinet Phishing
GET /gr/var+1/4.webp HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 990
Connection: keep-alive
Date: Sun, 18 Sep 2022 20:05:15 GMT
Last-Modified: Fri, 02 Sep 2022 10:40:21 GMT
ETag: "7859efc0c347cd1f47f60fb0ed121b3b"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GEQZ530U-jFeh2i-I1JYzLIx4f5jBPxtgG9UdqtTBKxGQ2CIIlncMw==
Age: 5632
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 21:03:22 GMT
Expires: Sun, 18 Sep 2022 21:08:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7sy1by3G3zEuHDmKuwyiP6MNIiEnlpZUsVrpUMydCA_F2e5N1RArbQ==
Age: 2144
bigwinstoday.com/gr/var+1/2.jpg
143.204.55.25 403 Forbidden 243 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/2.jpg
IP 143.204.55.25:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 20d16a98ea321bc3bb291eceb69494c5
0cfc19e87278161204eebce6d1d5645a3a17b42a
a906cf26016b6b58c86d98eedc9432d127bfa4a12f9b670fd2f2cfa3fc09cf9a
GET /gr/var+1/2.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 18 Sep 2022 21:39:06 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rjYlNqZoHmJsWn8qTp7U3-YNx6Um6Qvg1tXtY1G88dbYN8dS4Bm34Q==
bigwinstoday.com/gr/var+1/1.jpg
143.204.55.25 403 Forbidden 243 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/1.jpg
IP 143.204.55.25:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 7dc59c08bb69e00f9a9b5a43562cd236
4907c521d370dcf722ac1f13594168d0f2f40cfc
5c72711294a427e50a1c2a19547d11c735ec3af53d1add169622ef79a5fb2298
GET /gr/var+1/1.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 18 Sep 2022 21:39:06 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3AefhouBRPxI01JuQEPym83GdulqcIcnSF9gCF_73NSThPp7Ms7kuQ==
bigwinstoday.com/gr/var+1/4.jpg
143.204.55.25 403 Forbidden 243 B URL HTTP/1.1 bigwinstoday.com/gr/var+1/4.jpg
IP 143.204.55.25:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 715c45d380e5b55e5a179d4594980df0
3030447da7b77b8589fb3835da5988d0d7e1a1b4
a97f922a73a47d21e5a0255514a9111b0abb785526d52ead3ca6cf9ae22b4307
GET /gr/var+1/4.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/gr/var+1/index.html?cep=rRpuo5cVRSqzUYtScllaIndYWmq8L2z9hHC_Xdmbxrftv1R6ThYe7dU-e7m89La6MYpBCtWo0A05KvgYFfSWO9uQx41h4zNWkvkmDZbTB3aS-EbShhAmXj1aNtnTe2C5DzDuw5bZs5vbSb3qgN_48JLZ171nxUlzHIJCZshCflKrpG0PQZQ2vEoXXnpWrFyzhxClAVhUU4jOS98Av6tTRp6szVlV9jXu4iU58q3Y0Wu0H_v7UMqHrFMuZVggGs3IrIZzVmrrirMroS8toTP9pwFfcr7DlslGb8MNb_Jbm59bnDLWoVFcyIydBJED3MXV0YE4LnhYOvncK5RInD7HSMakQrSm0_J0b6zHp4Ues1rdUJLmoidnB-A7vJwEJWTi&lptoken=167063c051f155b6369a
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 18 Sep 2022 21:39:06 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YC167W3xokwmj-LI2abn9FDoPwnmXQ6FPDbuoeiociqiWNHEKzDVGg==
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1905
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 21:39:07 GMT
Last-Modified: Sun, 18 Sep 2022 21:07:22 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.190.4 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xiIP9tEzm/r/io8DE/tvCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bx/9RzlOcv9a5WTGP3iigW/OVU4=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6362
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 21:39:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 84665
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 354c71e744d302c316f492a8fb7642dc
cdf6caf4cd953e7b58bbb5f9a1512a4e3e06b792
f084331bd667f56556170c595391d888391284dbb7c18794d5033d5db1f07715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7401
x-amzn-requestid: c59249dd-f9cb-4750-8287-65789c57fd77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6J-FaAoAMFZQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d72-6a68d771099a6006717a547f;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rt_KX4vcDiqF34OZdIeOfgEo5KmOxzuj9yCP2PMVJLYHT6a6kZ5-MQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:54 GMT
etag: "cdf6caf4cd953e7b58bbb5f9a1512a4e3e06b792"
content-type: image/jpeg
age: 85754
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 85131
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wxZ383nT9n_SBMH4D_k--23G7tb-2pQV0yDcUMvD17woMHbc2rx-NQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:53:55 GMT
age: 81913
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 51846
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 51939
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2