winbigsurvey.com/ID-iPhone-SpinFlag/index?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
308 Permanent Redirect 0 B URL User Request GET HTTP/2 winbigsurvey.com/ID-iPhone-SpinFlag/index?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
IP
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ID-iPhone-SpinFlag/index?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568 HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Mon, 29 May 2023 17:21:54 GMT
content-length: 0
location: /ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN8uXAT%2B2lB0%2FcTXsIgOA3umxluXbgK%2FLnySiliu%2BeH%2F%2BCJOuIRPiGHhFdErbBzOK8WS%2F7LNRvXPKPTFqO1Gj6CRKyfa2PIebA2%2B6G305EUuXlWLCmWmFLh%2BECuu7BeqfZjn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cf06a9af934b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
winbigsurvey.com/ID-iPhone-SpinFlag/flag.png
200 OK 396 B URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/flag.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 4946ce8ece16515620550ffaa4794454
a2ce2cc55eb329be83209b35501cf23f0f8a0891
8d39313e9143edeee5d38c05fce025fa4edffd461b46ddd6bcc9a7eddcc50e0f
GET /ID-iPhone-SpinFlag/flag.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/png
content-length: 396
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "c6d668a33eb97f55f7efe14138a920fb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F3rIE8rOd70RxBWQPDBomF7KMZ2c1HZ6%2FEp0wws50zPtanVX8PPPolDAQZzO1SVboFDVj9YzEQo%2FwjeFeFYmCOa9eeKrCrq8Ae9BUIWKfrU1DPyHQU%2FxyjmhWA2vHFJc1h9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c7bb51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/i14wheel.jpg
200 OK 42 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/i14wheel.jpg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 501x501, components 3\012- data
Hash 96609fbcc5f804cbe893946051325dbe
3f5a28fd0d29224836399ab8f4955c66046cd7bc
cb4e4f2e6895ba24c0ee34b0404cab1de81dfa3440b54e85a3f92e072da27b8a
GET /ID-iPhone-SpinFlag/i14wheel.jpg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 42443
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "5daed953a628014e2bdf1a464a91d5d4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOytgOf0LD1yYh5rMqzL2Fss0wqQadHpJXzH21Flh4%2BOWRiE2ryoznTWRvD3zwD6yjaCRK1tZg1w0lBd5UzkUb7OwGFE5laZbMiidDiHOu5%2Bt78E9gNOwIMMm3XrLEiQICB0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c7cb51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/14.jpg
200 OK 6.3 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/14.jpg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 165x212, components 3\012- data
Hash 83dea2fa1f2cff1c3c228260b4bbef9f
069c3bb290335ec373202bd52e9b064a372acf5d
64b10a435c7d01c123b1ad3c5b6c2a3a66b95e0dd5601d6c6b5bcb786881beca
GET /ID-iPhone-SpinFlag/14.jpg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 6271
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "c48844c16886c0e986bc6c9d4361a081"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmJlkU4gt8nynXBCFu0XwXZVCkJMCtaibt%2F9xPUmWpKdYAXvOF9t98G2WNMSYjkpNFdibsrg2xJukEE4oN4rMWOZ8LQw2rDJX8B755zojTUAmS0O3FxHjuVF5dob5JnIvubj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c84b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/4.jpeg
200 OK 1.1 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/4.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 6f44457c62359dac93d8092d7af63672
97020a1c8bd06962b1181385963f6b72dea2c902
b5958fd2d9043b4544b807259e74bba084a26acae998d2bd522d4acc62e9f4e5
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/4.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1068
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "38cd8155788f35a87a49c7bc081bec01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFI1haE4VxAH5lQwbd%2F4B58ycr77ISC2Dg6EREqhX%2FgwxszmRCsSbXzxTGxGUILCs4uwJntAcYVoWfOsrRXbpYIUcFvtkbs85MZcbMfrDPO21IWHONtXlF6aZnUeG1UniC4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c94b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/7.jpeg
200 OK 1.1 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/7.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 546e8c9e22c52b3e47dd2fe58f139fc9
204463ece3f1e0e497463d0b30cd3c988dcd0a17
9c2388e5c4d51f01e19af1c46805ca29ce7a558aad05e3eb9e565a7dc5a1127d
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/7.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1138
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "7e2f08fe998deb0793e12420a3c36e93"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fePI1GB6jGj8qzoPIg4n6nByaoFhiAACMCSQ%2BgjaKChtILwO1VKI8IIKp1mRv3gcCpu2dgtIrQz3zOiV%2FBSDscEASyCiPt871vVtn3ZtAzRVLfy6OwVOb7EG4BmgTH3asl9z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c8cb51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/like_user_1.jpeg
200 OK 1.3 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/like_user_1.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 2aa0d43e70d60d76ac4bdff139f8c7cb
d7e3433297ad90f5d99249aee29b645265c9f3eb
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/like_user_1.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1293
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "9b2e5b29944560c02996cd0975502b7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk3%2B8%2Bu800R%2FEcCChF%2FnOTZ6ativhoQdZxxgb9ImDwcQTrZetU%2FNli8MuipIxZmQvovV4IZGlGHKIroh0GzmmbFq6tA72hezBl8RmVBWEmxSTTIQhL%2BZQfwdqczZECYACGNo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c86b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/footer_right.png
200 OK 4.9 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/footer_right.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0e786b7344ac0b63609290a3a415fc4f
c2e77827e895aaa13522f1c5c0ef79d4caef0bb2
f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
GET /ID-iPhone-SpinFlag/footer_right.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/png
content-length: 4919
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "3b6543f8aff814ffed2e98bb3f6ddce3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N19KYg4qG9NCwZxuyTh4%2Fl%2BvmD4nJt27IghgLoUqpr7aiFyve9IHa01FC8oId2CvA8btWSq8wcKH%2Fd4exnOyrqi0GE17v2Vf2hqZkzkwzpi2M6WwwPx5Vnix58X7TGa5QuB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e7ca3b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/index.jpg
200 OK 5.8 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/index.jpg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 203x249, components 3\012- data
Hash 038a492cc0a3488f0547dafc24c15838
e49b0adb8e08131c54b71c3325b8e9cb9ce716f9
e25ba7e0c1b7e4bb61773bd32df4cf010a0d6c65e773fcc2bdc3454edf3401c0
GET /ID-iPhone-SpinFlag/index.jpg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 5846
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "23c0ea5465877e24a9c39af66ebef756"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKMGJRy82i213ZqZ0wkflHDfH6ZS0kUNUVo4kVz7pUUcZTJFcbavLWkerGCmr5Z4%2FMRsAduiBCilefV5TNmgcJZs7WSB%2BRel4GLZXhDqAGTpUeyR6NuWCvkEgaBb7YKh95XA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c80b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/like_user_2.jpeg
200 OK 1.2 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/like_user_2.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f9299c2023539a8f27a6e1b12ed260e5
046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/like_user_2.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1216
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "cd7d77fc4dab25f900f23ab8780822c9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYbhhOe4Mpj2pSqmCu7z1FFGUtb8Cv7WmD1rhaLvXTzli2p6iL2GM8v%2FkeKe3A%2FRfbLtPHLGiv%2BsfuqsJWvNKuME1BDtrlfDUMr033p37Le%2FtKtajj9%2BZhScr2BWSkCJY60l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c8ab51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/8.jpeg
200 OK 1.2 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/8.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash b7f49f9e865aed63fc64a6d4c784df9e
b20038adf8b3312fae9f5f72a057d98c4f119ed8
54dc1727eabc97535b59704be621ca245f36376ee32acab675a40ff5ab1a389c
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/8.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1203
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "71970b9b9d26d1f567191eba02aa7536"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvEIeZivJcBShfa4iwenA4usYJTVNjqi0V1R8s7TK2SBAaJq6yEZHGn8oF6DATjGmhZTG199MNkZPxrYht1c82RfTevudH0gbfB6FtJK7ir1Q60Lc6PPwO4oB5wx45SeY4i6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e7c9cb51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/6.jpeg
200 OK 1.1 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/6.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash e957fbde5c4146a2740a772ce622c1f0
f8fc768f34f4be98f8dc098b42e8559d38523b3b
337434d918a2662370261fec6d9ec095ceaa27aa3249ef323be97f8183528eef
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/6.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1092
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "048eb09c3bf696b178688e3edfe260dd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPT9bBEFQz8Wgdg2d2rF8zVWc8I%2BTULH725DEjYw64tH9OQVMiQamSsn3GuwxocSliJ89xw7S3TayN93gC88qruh%2FPlPAnLY0ImMmY1vnzuuz0mMtBP7aVjKhxxgQdeER4Fv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c98b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/3.jpeg
200 OK 1.2 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/3.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash d10dfa46723e01a51116353ee511f4db
04dc2eb7734da000af852dd34d8e061055d61566
1e2f3f221d8d89df1d4ca3973eb346cd4b83ebb13df118f7278bb7a6ad35d924
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/3.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/jpeg
content-length: 1183
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "687734afccf18bca9955ea44543a8dbe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG9HauYkZnF2hH8xjCpcS2Lusi5xxFMCCQvMmuNmH7dl52LTN05hnDwhWe0RirjMe5%2B%2FVpeI4j0%2FVlAWWv5jcYQOz9PFqr1bXRhDVXnLbGT0QiRh4zXcI7uO6DxKfj1Mmhe5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c95b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/ixo.png
200 OK 562 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/ixo.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 423 x 880, 8-bit/color RGBA, non-interlaced\012- data
Size 562 kB (561946 bytes)
Hash 3db6e9a86a250c13268be4a224a40333
63fdc9bdf962bd044cc99800e68a7c945298e05b
0f3a2e2e7f8ab18b9513fd334f82e227911e2f0f378ddc63b8b34347f12534c6
GET /ID-iPhone-SpinFlag/ixo.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/png
content-length: 561946
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "0051a33ce0432471cb95c31a2e154e53"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F4BeHnVDtJhlBqlVLB1eWKi3bCM0iORkt0BSMWdg%2BF%2FVL77Gr6W4Xdr3ED%2BzrhwQJECOyV5LmJd1NPhSkmXEyX6QoiTdg%2BvC8mM5VdPM5xGHH02hOui4jazF6KS1aFUCL1%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c83b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/2.jpeg
200 OK 1.3 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/2.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash 9daf82b76b8477fa503d862af8cb74b1
541edfdc63ace3ab12f9b0cd3d79c862b1f548dc
f45eaab6cc5fad19d6aafef5daa7cf935f9139b3bcb2190eec5e1fd26a68c58d
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/2.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/jpeg
content-length: 1254
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "da7a04bb388f062efbaef384b07b0b17"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myBEZPPuWprtrnQLhODvTRUjU%2BAjeWfsBuen53DVs8nXJMzsNEUFmL625ptDQMQ6eGJZNnM%2BlLmDOHmJdSR0uOocFDfHS2P6b1qGcW9TbUx8%2BNTp6LwcWD9wjM9bXWF%2BipFP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c91b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/1.jpeg
200 OK 1.3 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/1.jpeg
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash e28a5798007788d032feee066fa01efc
af4c6ee2a4688f615cc3c2ca3bb1937c759e99d5
722d0fbdeea1aa70ebe7b7e4a731a7b778e35d0bab46ad45c711ace64166fdaa
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/1.jpeg HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/jpeg
content-length: 1258
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "00703d65a52cc8e49cb5b40e8061efdf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8VRBurcyM9d5fKc9V%2BwQnVVduAs1a6sdRhlU8ml3HxypsP5zPGcbE4qOwl7nWY4lxkc9aKen8WRSBqZlTVEoun8DUhMy3ctpPXUZdQOXyZuACYtJxLP7QsggFeKNAIdDPdj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e6c9ab51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/clip_footer_3.png
200 OK 2.5 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/clip_footer_3.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Hash e1b626392882cc25b4d891afaa68afd4
454d7abdbc2548d04feb95436ea0ab4126b4f00b
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /ID-iPhone-SpinFlag/clip_footer_3.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: image/png
content-length: 2460
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "706c35ac9626fe7cad6cad2e3ed78cf3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFRz4uRSTTkDOG5PPsH8YIkkh4Ed5axBoiuVUWcHYMvRWTBrIuGbX66t6u8Bi6KYd3Nw9P%2FSN6TvGrcAwiIc%2FjGZJz3vgnhRSqo3PxKyWhVdaQQ1B525YL4XrBXGpHdJVUok"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9e7ca0b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/comment_action_2x.png
200 OK 641 B URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/comment_action_2x.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Hash e9b3872b3e63e19728176d45f0aa6986
b638f89d5d80c4cd65327da973c52f778e30bd55
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
GET /ID-iPhone-SpinFlag/comment_action_2x.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/png
content-length: 641
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "9051b501a938dc2d8883f5fab13c401c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4ImsqTXsJ%2FNg7Fv0jHt86h3in%2BkbnP9mBuMs1CBtI4t3T099WEVSmDwYsb4FBeuFtpIUdmLdPzaypRgf8zc9QSiDtF%2FmjMs5szZBSYy1eh1p6mWmFyjNIqhE09oidFkyzvP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9f5e60b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/notify_2x.png
200 OK 229 B URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/notify_2x.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data
Hash 988234626ae7a880ed9c6a92f6336c0f
173967c2b59baed4a06997d874aba32ab65da201
4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
GET /ID-iPhone-SpinFlag/notify_2x.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/png
content-length: 229
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "6b45dc6a31d3d4062c29615fe0b98a64"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd%2BwSR9IiGsUA%2BAQF0lb5Og2%2BBcY4t7h2mB107CsgQ3VafxUtwdfITDsKr1SqTYaVZj%2F01TIX%2FIhOeUc%2BTB32CGQ5%2BlvF%2FHXWw6duOUUHwVKQP8ic3kkUyd%2FKqmpERy%2B50ol"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9f5e50b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/action_icons_20px_2x.png
200 OK 1.7 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/action_icons_20px_2x.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Hash b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /ID-iPhone-SpinFlag/action_icons_20px_2x.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/png
content-length: 1726
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "2987e834107b7e35c3c404b4ddd14296"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DltubPxtekkGCMHbgwyaRX4pCY6dtBQnN%2FAqdlgRlE5H1fHfi3Gz0pz30UlKn1Vsia%2BGEJIlJCDUuiAHoeI4a9JCr3dPAu6dQridealMoC6BhOEuQzwuOjh%2BPPCLQ8hZ7raZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9f5e5bb51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/style.css
200 OK 6.1 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/style.css
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
Hash 8c24a5cb4c55b9d6cd3029f5fd2c6fe7
e7371a614b9902e7a1256ab05cfb58d2a332c3e8
ac21c169cac551dc3ce8ee3c85f35d8c16fc76c3006618f39f428798904656f6
GET /ID-iPhone-SpinFlag/style.css HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"ffd7f948346ce664bf75cb6ac5a4442b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G6GvFGXKpCBd1fp1iXXao5Po9%2F8SjHwttdgFQ6WvWji1O7vpXTWSKjgbHO%2B1pPKAU%2B1fQAuH72mmf6%2B36RwgQ4U3OzavRLSHgG90B71R5tymcQApyraHo7k51WdFQT4muD7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7cf06a9e6c75b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/menu_2x.png
200 OK 124 B URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/menu_2x.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data
Hash 8f68efd9388ccd80b43759b2ed542305
9f2cf96efe3bdec2ab64bc51856619cc02958fe6
455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c
GET /ID-iPhone-SpinFlag/menu_2x.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/png
content-length: 124
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "a55d3d499644740fc2ad414a4e2132c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0Dtwjg0JlLDRBIafrPqPvp%2ByX%2ByUwfWfXxASbh4LWOWIhtVatAlSI7jXJYCbWB2%2FZMd3M37iTF6EnAKKS03ewAKjmf95CsG%2Fu3rXtK5OBoim9WIU%2FOFlJ9No0o5gmsqAdAG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9f5e4fb51b-OSL
alt-svc: h3=":443"; ma=86400
hop.greenbluefrog.click/js/pub.min.js
200 OK 1.5 kB URL GET HTTP/2 hop.greenbluefrog.click/js/pub.min.js
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjecthop.greenbluefrog.click
FingerprintCE:A2:6C:BC:81:F9:3B:C1:3B:FB:26:60:24:8C:E2:8B:9C:79:65:C9
ValidityFri, 07 Apr 2023 03:14:42 GMT - Thu, 06 Jul 2023 03:14:41 GMT
File type ASCII text, with very long lines (2752)
Hash 842d4889c73f6664245d70112389026a
3f5d934289e1acfebce633760640881a81ac8299
99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03
GET /js/pub.min.js HTTP/1.1
Host: hop.greenbluefrog.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 17:21:55 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Tue, 30 May 2023 17:21:55 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2
winbigsurvey.com/favicon.ico
200 OK 3.0 kB URL GET HTTP/3 winbigsurvey.com/favicon.ico
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3124), with no line terminators
Hash b4b645417322a39b864e6769e991f494
c05f6f6c1d4303713acdf9d836bf5b55e07a97be
f79c9213bb54321682e050418fc25dceb9855dd8ff33d2106c3237ed213fa752
GET /favicon.ico HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow4GUGHeoUcfW%2FfAy0GVLWb8NjQuYJVgVe%2FRzDoebkfOq0JgAn3%2B2N5bcVvvNaWWUvIrwM6Ji4uxDc1GkmYj9wOQs8UMYh3d8BYd%2B8bd6lLDmO%2BIwGRwQg1Pl0JfkiL0%2F6D0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7cf06aa0f953b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/spin_prize2.png
200 OK 2.8 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/spin_prize2.png
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Hash f278c8d30fc51b72e0774b9ecb49214c
03b574db82b31ee5758eb5093fda8ea25d1b00d8
43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
GET /ID-iPhone-SpinFlag/spin_prize2.png HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:55 GMT
content-type: image/png
content-length: 2814
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "974e1465fe4d9ef295b8e49f5cdfc392"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9nWJC%2FS20JWRdtN2bCpwevapq3XmFtwnCQQHL8a3hlrYMhq8PCeDkxuglkbyUIWkot28M2IRe2Jq%2Ftte%2Bw4LPw8ulaK1Oe%2B%2B0XCcEJTO4JHEQ0Y1ps7VxKRcUx22e78mHeb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7cf06a9f5e52b51b-OSL
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/main_script.js
200 OK 2.9 kB URL GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/main_script.js
IP
Requested by https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
File type ASCII text, with very long lines (3045), with no line terminators
Hash dee36c0431f2ed8108d312bc6b98e284
441ce96e3ac19e0e3f31db988cba22cad145e6d3
fb7c436692a3e1a4ce32cb7dbd0b5f4297c62745d0c7085ada99e8f8cb30b088
Analyzer Verdict Alert fortinet Phishing
GET /ID-iPhone-SpinFlag/main_script.js HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"a5c4f18c627e48e33db195ed879464f4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KZlJNt8ZVYC9E6wT08XTJSxQ%2B01oRMgfsAOpzQ58QWj32T%2BL2QwwyhtRjYGoL3V0jrJNMHZ7v7DQ1vD9u7X%2F5txlHarXjmoM02NIqgnuOwlIl7%2BwrJiURjYX810pkLuQVuH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7cf06a9e7ca8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
200 OK 15 kB URL User Request GET HTTP/3 winbigsurvey.com/ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568
IP
Certificate IssuerLet's Encrypt
Subjectwinbigsurvey.com
Fingerprint36:E1:35:65:EB:A1:A6:6D:26:6F:D8:F5:34:6D:81:D1:E9:73:B3:69
ValidityThu, 11 May 2023 06:57:49 GMT - Wed, 09 Aug 2023 06:57:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ID-iPhone-SpinFlag/?cep=qPrQCmq8ZmAbrxPhbjhF2EGtZFZCAslh4qqk5N7V3XAWwVZNjFPzElKrDVYTVity3Y910QR2eSEXjOJBSaGRFGf8iRZlmrWU9vNvPz3ZQS6QQcY5g_l4nDJf9LHF7-zoDv27gRMhGpXF2e_AGzsv7xuhhGzo7yK9WS2yfRoXp19pR6VJeTM_Z1__z84hA4yD_Ye5TY78wiEeqjHY7dX1BJFzJZpV_wMeLIB9sDfIJDJVFYdH8Mhhugb7u6Tt7saMbOXknEe97SMmiHGVbiukzOwcrsubEFoKHdPJbXkgEgip9Pk_sfRMxzJpuCCFc61t8GiSMa9ynCRt3cKF5CHYIqM4oa9Htlw-tD3W5v41g_KT-7YQtmBQIRya_yGgSNpgjwx0Ay_Hdp6Q2RMMQ4t2TwrT5XBqVE8YY2wnyl6VHFc&lptoken=16af8509383927a30568 HTTP/1.1
Host: winbigsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 17:21:54 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpTY12arbX1h7jSSPNqIS473ZdPIjTH7TBEwt7vCWBI%2BVGyi%2BJKjFvTPnmpPr1G8RCXW1ZfrzVrjtZeJAiYI4ll2N5c257q%2BR1lJgRKuiAAnN%2FfgQitkALU9EfAyV6BwyMbi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cf06a9befcdb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
104.21.37.177
108.178.23.115