urlquery - report: 0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2dddfe48-71ca-11ed-9ec5-f9f689f6e36e

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (8)	344	No data	No data	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-01 17:14:08 UTC	34.102.187.140
0my.lotstolink.com (7)	0	2022-09-16 01:30:58 UTC	2022-12-01 13:56:39 UTC	66.195.197.18	Unknown ranking
ocsp.pki.goog (5)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.131
fonts.gstatic.com (3)	0	2014-09-09 00:40:21 UTC	2022-12-01 22:08:56 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
unpkg.com (2)	11693	2016-01-07 23:26:01 UTC	2022-12-01 18:41:54 UTC	104.16.124.175
pushrev.neptuneadspush.com (2)	160570	2019-02-14 11:19:32 UTC	2022-12-01 20:42:27 UTC	172.64.129.25
ocsp.digicert.com (5)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-01 17:12:49 UTC	34.117.237.239
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-12-01 17:28:41 UTC	142.250.74.106
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	34.214.236.46
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-12-01	2	0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2ddd (...)	Phishing
2022-12-01	2	0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2ddd (...)	Phishing
2022-12-01	2	0my.lotstolink.com/o/2XXQ6DLP/2dda3b1e-71ca-11ed-9826-a7c13e531127/?push=true	Phishing
2022-12-01	2	0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-27 07:40:43 +0000	0 - 0 - 6	zd7bc.toconnectoffer.com/t/a4c85d49aa63/d7216 (...)	66.195.197.18
2023-01-26 21:11:43 +0000	0 - 0 - 6	zd7bc.toconnectoffer.com/t/a4c85d49aa63/f7e2b (...)	66.195.197.18
2022-12-20 12:52:02 +0000	0 - 0 - 2	twpj.propositionlinks.com/?kw=&s1=wd5c37aoq9r (...)	66.195.197.18
2022-12-18 08:52:45 +0000	0 - 0 - 2	23n.4qdx69gg2d.com/t/2e9423a84ad4/449b7360-7e (...)	66.195.197.18
2022-12-08 13:40:49 +0000	0 - 0 - 4	0my.lotstolink.com/t/fe312738ec36/da7ae386-76 (...)	66.195.197.18

Date	UQ / IDS / BL	URL	IP
2023-01-27 07:40:43 +0000	0 - 0 - 6	zd7bc.toconnectoffer.com/t/a4c85d49aa63/d7216 (...)	66.195.197.18
2023-01-26 21:11:43 +0000	0 - 0 - 6	zd7bc.toconnectoffer.com/t/a4c85d49aa63/f7e2b (...)	66.195.197.18
2023-01-21 14:03:49 +0000	0 - 0 - 3	usbfundapplication.com/index.php/jpZwiestowie (...)	209.136.203.47
2022-12-20 15:15:00 +0000	0 - 0 - 1	accesstractorsa.com/index.php/jpZwiestowiesto (...)	66.195.199.114
2022-12-20 12:52:02 +0000	0 - 0 - 2	twpj.propositionlinks.com/?kw=&s1=wd5c37aoq9r (...)	66.195.197.18

Date	UQ / IDS / BL	URL	IP
2023-01-26 18:00:02 +0000	0 - 0 - 5	0my.lotstolink.com/t/a4c85d49aa63/33368284-9d (...)	206.119.70.124
2023-01-25 07:05:59 +0000	0 - 0 - 8	0my.lotstolink.com/t/1ffa43c873ec/a2c7b2ba-9c (...)	206.119.70.124
2023-01-25 06:34:09 +0000	0 - 0 - 4	0my.lotstolink.com/t/9aa1b3eb815f/35771e5c-9c (...)	206.119.70.124
2023-01-25 05:29:14 +0000	0 - 0 - 5	0my.lotstolink.com/t/a4c85d49aa63/1efe351a-9c (...)	206.119.70.124
2023-01-25 04:55:41 +0000	0 - 0 - 8	0my.lotstolink.com/t/1ffa43c873ec/73b219fa-9c (...)	206.119.70.124

Date	UQ / IDS / BL	URL	IP
2022-12-03 22:20:49 +0000	0 - 0 - 4	0my.lotstolink.com/t/b11e64453ea7/ad4d122e-73 (...)	66.195.197.18
2022-12-03 03:52:38 +0000	0 - 0 - 4	0my.lotstolink.com/t/b11e64453ea7/e1497bd0-72 (...)	66.195.197.18
2022-12-02 00:11:36 +0000	0 - 0 - 4	0my.lotstolink.com/t/b11e64453ea7/cc0f28ac-71 (...)	66.195.197.18
2022-11-30 10:10:10 +0000	0 - 0 - 3	0my.lotstolink.com/t/b11e64453ea7/1d9f868e-70 (...)	66.195.197.18
2022-11-30 03:55:19 +0000	0 - 0 - 4	0my.surveyrewards.fun/t/b11e64453ea7/bfc72596 (...)	179.61.143.208

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7671 Expires: Fri, 02 Dec 2022 00:55:49 GMT Date: Thu, 01 Dec 2022 22:47:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bbb845b153026fc5332dd4506585b57 Sha1: 3cad200fac28fd00f34ce6ef79373e661e188743 Sha256: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1018 Cache-Control: max-age=129612 Date: Thu, 01 Dec 2022 22:47:58 GMT Etag: "63888270-1d7" Expires: Sat, 03 Dec 2022 10:48:10 GMT Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 0c748388899e8a8d3680355da2ea5020 Sha1: 903c620cd137613daafb0da0508c37b2f4a67212 Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 01 Dec 2022 22:18:09 GMT cache-control: public,max-age=3600 age: 1789 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2468 Expires: Thu, 01 Dec 2022 23:29:06 GMT Date: Thu, 01 Dec 2022 22:47:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 55b4c61a1e99001307750e3647fe1102 Sha1: 7559f9f6770b7d3f45b723167062096312641e08 Sha256: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 1Cd1qUSfp6zQLX8F5nQozJoDcapubJSLYBIeW63/+jcTM9dEdAhahQyzSQH0/Uph7NoQ60CX2R8= x-amz-request-id: 52CPJD7CZ0Q1NNJ7 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 01 Dec 2022 22:45:50 GMT age: 128 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2dddfe48-71ca-11ed-9ec5-f9f689f6e36e HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-98 (...) FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.195.197.18 HTTP/1.1 301 Moved Permanently content-length: 0 location: https://0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2dddfe48-71ca-11ed-9ec5-f9f689f6e36e --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 01 Dec 2022 22:47:58 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 01 Dec 2022 22:11:15 GMT cache-control: public,max-age=3600 age: 2203 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8f6cb26db7df4121451ec8787f0498aa44f2a01bdf07bea1b7bb6e27f3883811 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8F6CB26DB7DF4121451EC8787F0498AA44F2A01BDF07BEA1B7BB6E27F3883811" Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21572 Expires: Fri, 02 Dec 2022 04:47:31 GMT Date: Thu, 01 Dec 2022 22:47:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7cb3dd7173a9b59849e4d424ef439500 Sha1: 7967decbf4095769080638d103bef6e4efde3b2b Sha256: 8f6cb26db7df4121451ec8787f0498aa44f2a01bdf07bea1b7bb6e27f3883811
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 959 Cache-Control: max-age=124489 Date: Thu, 01 Dec 2022 22:47:59 GMT Etag: "63886ea9-1d7" Expires: Sat, 03 Dec 2022 09:22:48 GMT Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1f88399f3fdd89dbb9ca1229cb67143a Sha1: 325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3 Sha256: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
GET /t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2dddfe48-71ca-11ed-9ec5-f9f689f6e36e HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-98 (...) FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: 3b20decc7537f225c25dd03f918ae0f73d378c930212c8e1b9964817b895aaa6 66.195.197.18 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 date: Thu, 01 Dec 2022 22:47:59 GMT transfer-encoding: chunked service-worker-allowed: / cache-control: no-cache, private x-redir: true set-cookie: XSRF-TOKEN=eyJpdiI6IkJOcmhiQlVuOU1RY2tzUFR6RXdwckE9PSIsInZhbHVlIjoibGtCWnpkT2xTbHZ1ZFRVUDc0YzlXaE1yUklpRXV2RGNRa28xNEd4Z1JSczBSRDRuL09EcjhjUlhmeDM1Q3hPREtTTTlUWktxTmZITXh2ZmJqWlNEcGNRYU1tQ294MEgxTmJ3WktSTGZmREorUHVaanVuWU56QjJhYXRWK1A5am0iLCJtYWMiOiI5MzJlN2ZmMTkxZjRjODcyZDFiZWZhY2MyNWNlZTM2YmJhOThmOWRlYjk2OGY0YjlkNWE4Mjg5ZDk2NWNhMzExIiwidGFnIjoiIn0%3D; expires=Fri, 02 Dec 2022 00:47:59 GMT; Max-Age=7200; path=/; samesite=lax yredir_session=eyJpdiI6Ii92QkE1QWxQWDQ1UTRJT1lTT0tBSVE9PSIsInZhbHVlIjoiZzlnNFBIbmMxRTRJTUR5YzhKZVN1S0pBM2FVanVNQ2drTm9rczVFQU5rcGhwd29OYk5jUTdrVm9YYkoxM01nOEU5VWxMWUlWS21KSnl3RnpGckJ4Yi9meEVkZWhxajRBMTE5MGgxb3MrRmFLZ2dRZnhKQ2VUaCtqdkZNeHljeFMiLCJtYWMiOiJmZTY0NTM2ODgxZDgzOTNkNzE2YmE4OTVlZGUxM2I1ZjgxM2Y1ODZhYTE1Y2RiMzI2OTU2ZGZhNjBhNDAxNTQwIiwidGFnIjoiIn0%3D; expires=Fri, 02 Dec 2022 00:47:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax content-encoding: gzip strict-transport-security: max-age=15768000 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1283 Md5: 4595a66dd92bf148b0043f23e08e4589 Sha1: d8b41a240c87d6089d21130b2592f06ddb491e82 Sha256: 3b20decc7537f225c25dd03f918ae0f73d378c930212c8e1b9964817b895aaa6 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 884ffbd3c4b70a88cd6b7fb2602b6693e8c1657c8a52a424d46db9e0c671251a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 922 Cache-Control: max-age=145349 Date: Thu, 01 Dec 2022 22:47:59 GMT Etag: "6388c04a-118" Expires: Sat, 03 Dec 2022 15:10:28 GMT Last-Modified: Thu, 01 Dec 2022 14:55:06 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 06fc2114946e9805db925bf54fbb908b Sha1: 2214214619ca63b6cdfad39a231a4aaba6c682c4 Sha256: 884ffbd3c4b70a88cd6b7fb2602b6693e8c1657c8a52a424d46db9e0c671251a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 22:47:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 05917f7542a781275c12d43562be1507 Sha1: 1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3 Sha256: 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
GET /templates/templates/prelander_survey/css/style.css HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6IkJOcmhiQlVuOU1RY2tzUFR6RXdwckE9PSIsInZhbHVlIjoibGtCWnpkT2xTbHZ1ZFRVUDc0YzlXaE1yUklpRXV2RGNRa28xNEd4Z1JSczBSRDRuL09EcjhjUlhmeDM1Q3hPREtTTTlUWktxTmZITXh2ZmJqWlNEcGNRYU1tQ294MEgxTmJ3WktSTGZmREorUHVaanVuWU56QjJhYXRWK1A5am0iLCJtYWMiOiI5MzJlN2ZmMTkxZjRjODcyZDFiZWZhY2MyNWNlZTM2YmJhOThmOWRlYjk2OGY0YjlkNWE4Mjg5ZDk2NWNhMzExIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ii92QkE1QWxQWDQ1UTRJT1lTT0tBSVE9PSIsInZhbHVlIjoiZzlnNFBIbmMxRTRJTUR5YzhKZVN1S0pBM2FVanVNQ2drTm9rczVFQU5rcGhwd29OYk5jUTdrVm9YYkoxM01nOEU5VWxMWUlWS21KSnl3RnpGckJ4Yi9meEVkZWhxajRBMTE5MGgxb3MrRmFLZ2dRZnhKQ2VUaCtqdkZNeHljeFMiLCJtYWMiOiJmZTY0NTM2ODgxZDgzOTNkNzE2YmE4OTVlZGUxM2I1ZjgxM2Y1ODZhYTE1Y2RiMzI2OTU2ZGZhNjBhNDAxNTQwIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 0my.lotstolink.com/templates/templates/prelander_survey (...) FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: b072454520047fe586018cfba4eaca1034cd723f512c9014902844b546328dbd 66.195.197.18 HTTP/1.1 403 Forbidden content-type: application/xml date: Wed, 30 Nov 2022 21:14:14 GMT x-varnish: 18908792 16681696 age: 92024 via: 1.1 varnish (Varnish/7.0) content-length: 243 strict-transport-security: max-age=15768000 --- Additional Info --- Magic: XML 1.0 document text\012- XML document, ASCII text Size: 243 Md5: bc95c9128f7deeb0fdb297d35e857364 Sha1: 58fa48d5aff57e311a985128d0183a4e1999fcb3 Sha256: b072454520047fe586018cfba4eaca1034cd723f512c9014902844b546328dbd
GET /css2?family=Roboto:wght@300;400;500;700;900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Roboto:wght@300;400;50 (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: 168237cb16dc337adc57983e7b25fc63e0a812e7b22bd868100190368a845ddc 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 01 Dec 2022 22:47:59 GMT date: Thu, 01 Dec 2022 22:47:59 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1222 Md5: 6d2c4ac5781483ccff76da7d1198b1f1 Sha1: ce0eb6450244e13bf34a9b70fce722b5fa702d52 Sha256: 168237cb16dc337adc57983e7b25fc63e0a812e7b22bd868100190368a845ddc
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Rp4q0hr5m1YfU0us0IdHQw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.214.236.46 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.214.236.46 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: o5RkuVSxcOgj0zCHqgIH52XeBxA= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /o/2XXQ6DLP/2dda3b1e-71ca-11ed-9826-a7c13e531127/?push=true HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6IkJOcmhiQlVuOU1RY2tzUFR6RXdwckE9PSIsInZhbHVlIjoibGtCWnpkT2xTbHZ1ZFRVUDc0YzlXaE1yUklpRXV2RGNRa28xNEd4Z1JSczBSRDRuL09EcjhjUlhmeDM1Q3hPREtTTTlUWktxTmZITXh2ZmJqWlNEcGNRYU1tQ294MEgxTmJ3WktSTGZmREorUHVaanVuWU56QjJhYXRWK1A5am0iLCJtYWMiOiI5MzJlN2ZmMTkxZjRjODcyZDFiZWZhY2MyNWNlZTM2YmJhOThmOWRlYjk2OGY0YjlkNWE4Mjg5ZDk2NWNhMzExIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ii92QkE1QWxQWDQ1UTRJT1lTT0tBSVE9PSIsInZhbHVlIjoiZzlnNFBIbmMxRTRJTUR5YzhKZVN1S0pBM2FVanVNQ2drTm9rczVFQU5rcGhwd29OYk5jUTdrVm9YYkoxM01nOEU5VWxMWUlWS21KSnl3RnpGckJ4Yi9meEVkZWhxajRBMTE5MGgxb3MrRmFLZ2dRZnhKQ2VUaCtqdkZNeHljeFMiLCJtYWMiOiJmZTY0NTM2ODgxZDgzOTNkNzE2YmE4OTVlZGUxM2I1ZjgxM2Y1ODZhYTE1Y2RiMzI2OTU2ZGZhNjBhNDAxNTQwIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 0my.lotstolink.com/o/2XXQ6DLP/2dda3b1e-71ca-11ed-9826-a (...) FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: e54288df09ef49fc1e1eb9b05342969f745ddac40fe9d549924944cf4e809d24 66.195.197.18 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 date: Thu, 01 Dec 2022 22:47:59 GMT transfer-encoding: chunked cache-control: no-cache, private location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=346f56d0-71ca-11ed-93bb-9badb67853bf&&push=true x-redir: true set-cookie: XSRF-TOKEN=eyJpdiI6Ii85cHBVN1FHZEVVZG1KRjBhRlRQZlE9PSIsInZhbHVlIjoidHlXeTFEa3I4V24xaVhjSDB4UmgvWE14eFZKR1oxQm0wQldhTUxUWGZjZzk5cXN5YXJKWC9mSUpRTmRxVmxTaVNWaEFFUVBFVjVtemlpR3duRERFajlMSlpDV3hMRGhLVVVwSUxDaVJ0bjRXRFB4THU3Ni9PYU5lcXpTSWFNSVMiLCJtYWMiOiJmNTAwY2NmNWFiOTU5NjI2OTdlNzVmZGIzYmM1ODI2Y2M4MmUxOTdmNjllNGEwZDAxY2VlYjVhMjFjZDkzZTc3IiwidGFnIjoiIn0%3D; expires=Fri, 02 Dec 2022 00:47:59 GMT; Max-Age=7200; path=/; samesite=lax yredir_session=eyJpdiI6Ik5FaHRXNmh2dUY1NG5CRFZ0cDNiV3c9PSIsInZhbHVlIjoiZWRDLzd0UmEvaWx1Y0p3NjVYUkVnaVdCY0ZoZW4zTTdpamNRckE0YnduOUhYRkx0VWR5dVRJLzVrZXZ5aFdzdjZhOW5XMkFyYjFreHRSVXB5VHkwK1UvYkkwdTArVWlsSlBBb2F0TEc2cmE2YmxST2h0N1Z5TFZ3WUhmdXpubjYiLCJtYWMiOiJhZTBlZWZkMzIwY2NkZGIyOTQ4MTMzNjFjNmVjM2I2ZDNhYzU3MWRlNDMxODFiMjIwNmRiZTdlZWQ1NTQ1ZTg3IiwidGFnIjoiIn0%3D; expires=Fri, 02 Dec 2022 00:47:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax strict-transport-security: max-age=15768000 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325) Size: 818 Md5: 025308163e51ae67361e536d0e91ebc2 Sha1: a7af2b914283b8a30a909741730accb6dc9eedbb Sha256: e54288df09ef49fc1e1eb9b05342969f745ddac40fe9d549924944cf4e809d24 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 19c564a4a5584444d4068dfc739cccdb62a5414d3de8554e12ff6aaa2c411b24 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=88270 Date: Thu, 01 Dec 2022 22:47:59 GMT Etag: "6387e4ed-116" Expires: Fri, 02 Dec 2022 23:19:09 GMT Last-Modified: Wed, 30 Nov 2022 23:19:09 GMT Server: nginx Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 01e6a87f170f3de2418c327beff944be Sha1: d572c86fb23db2b744d162af6ebe86beec67d051 Sha256: 19c564a4a5584444d4068dfc739cccdb62a5414d3de8554e12ff6aaa2c411b24
GET /templates/templates/prelander_survey/assets/giftcards.png HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6IkJOcmhiQlVuOU1RY2tzUFR6RXdwckE9PSIsInZhbHVlIjoibGtCWnpkT2xTbHZ1ZFRVUDc0YzlXaE1yUklpRXV2RGNRa28xNEd4Z1JSczBSRDRuL09EcjhjUlhmeDM1Q3hPREtTTTlUWktxTmZITXh2ZmJqWlNEcGNRYU1tQ294MEgxTmJ3WktSTGZmREorUHVaanVuWU56QjJhYXRWK1A5am0iLCJtYWMiOiI5MzJlN2ZmMTkxZjRjODcyZDFiZWZhY2MyNWNlZTM2YmJhOThmOWRlYjk2OGY0YjlkNWE4Mjg5ZDk2NWNhMzExIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ii92QkE1QWxQWDQ1UTRJT1lTT0tBSVE9PSIsInZhbHVlIjoiZzlnNFBIbmMxRTRJTUR5YzhKZVN1S0pBM2FVanVNQ2drTm9rczVFQU5rcGhwd29OYk5jUTdrVm9YYkoxM01nOEU5VWxMWUlWS21KSnl3RnpGckJ4Yi9meEVkZWhxajRBMTE5MGgxb3MrRmFLZ2dRZnhKQ2VUaCtqdkZNeHljeFMiLCJtYWMiOiJmZTY0NTM2ODgxZDgzOTNkNzE2YmE4OTVlZGUxM2I1ZjgxM2Y1ODZhYTE1Y2RiMzI2OTU2ZGZhNjBhNDAxNTQwIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 0my.lotstolink.com/templates/templates/prelander_survey (...) FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: 32abd755f6d7952add226904ba7a8db18c520bd99152e455d0aabe2005253cbf 66.195.197.18 HTTP/1.1 200 OK content-type: image/png date: Wed, 30 Nov 2022 21:14:15 GMT last-modified: Fri, 11 Nov 2022 17:13:57 GMT etag: "49425ba5ce0567bbe0dcd246c1460e3c" content-length: 147142 x-varnish: 18941771 16681698 age: 92025 via: 1.1 varnish (Varnish/7.0) accept-ranges: bytes strict-transport-security: max-age=15768000 --- Additional Info --- Magic: PNG image data, 1065 x 336, 8-bit/color RGBA, non-interlaced\012- data Size: 147142 Md5: 49425ba5ce0567bbe0dcd246c1460e3c Sha1: f287d8ec9f72d536929bda03227f7b0cfe12208c Sha256: 32abd755f6d7952add226904ba7a8db18c520bd99152e455d0aabe2005253cbf
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 19c564a4a5584444d4068dfc739cccdb62a5414d3de8554e12ff6aaa2c411b24 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1 Cache-Control: max-age=88270 Date: Thu, 01 Dec 2022 22:48:00 GMT Etag: "6387e4ed-116" Expires: Fri, 02 Dec 2022 23:19:10 GMT Last-Modified: Wed, 30 Nov 2022 23:19:09 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 01e6a87f170f3de2418c327beff944be Sha1: d572c86fb23db2b744d162af6ebe86beec67d051 Sha256: 19c564a4a5584444d4068dfc739cccdb62a5414d3de8554e12ff6aaa2c411b24
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 22:48:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 980f31229421fd11df958496bea34502 Sha1: 648e03f048e6741beb1d4e10099b1429b79e4f00 Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 22:48:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 980f31229421fd11df958496bea34502 Sha1: 648e03f048e6741beb1d4e10099b1429b79e4f00 Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://0my.lotstolink.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4 (...) FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:34:15 GMT expires: Thu, 30 Nov 2023 19:34:15 GMT cache-control: public, max-age=31536000 age: 98025 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 22:48:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 27002fde234e78c7bde340bc621e933f Sha1: 1bdbe4f1861601b9300101a1e6b3c143ce077e03 Sha256: 48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://0my.lotstolink.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4 (...) FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:33:56 GMT expires: Thu, 30 Nov 2023 19:33:56 GMT cache-control: public, max-age=31536000 age: 98044 last-modified: Wed, 11 May 2022 19:24:45 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size: 15920 Md5: 3a44e06eb954b96aa043227f3534189d Sha1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://0my.lotstolink.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:33:54 GMT expires: Thu, 30 Nov 2023 19:33:54 GMT cache-control: public, max-age=31536000 age: 98046 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 22:48:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 980f31229421fd11df958496bea34502 Sha1: 648e03f048e6741beb1d4e10099b1429b79e4f00 Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ii85cHBVN1FHZEVVZG1KRjBhRlRQZlE9PSIsInZhbHVlIjoidHlXeTFEa3I4V24xaVhjSDB4UmgvWE14eFZKR1oxQm0wQldhTUxUWGZjZzk5cXN5YXJKWC9mSUpRTmRxVmxTaVNWaEFFUVBFVjVtemlpR3duRERFajlMSlpDV3hMRGhLVVVwSUxDaVJ0bjRXRFB4THU3Ni9PYU5lcXpTSWFNSVMiLCJtYWMiOiJmNTAwY2NmNWFiOTU5NjI2OTdlNzVmZGIzYmM1ODI2Y2M4MmUxOTdmNjllNGEwZDAxY2VlYjVhMjFjZDkzZTc3IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ik5FaHRXNmh2dUY1NG5CRFZ0cDNiV3c9PSIsInZhbHVlIjoiZWRDLzd0UmEvaWx1Y0p3NjVYUkVnaVdCY0ZoZW4zTTdpamNRckE0YnduOUhYRkx0VWR5dVRJLzVrZXZ5aFdzdjZhOW5XMkFyYjFreHRSVXB5VHkwK1UvYkkwdTArVWlsSlBBb2F0TEc2cmE2YmxST2h0N1Z5TFZ3WUhmdXpubjYiLCJtYWMiOiJhZTBlZWZkMzIwY2NkZGIyOTQ4MTMzNjFjNmVjM2I2ZDNhYzU3MWRlNDMxODFiMjIwNmRiZTdlZWQ1NTQ1ZTg3IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=125062a6-ffa1-029d-59a8-a683718d8714 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: 0my.lotstolink.com/_common/js/service-workers/neptunead (...) FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123 66.195.197.18 HTTP/1.1 200 OK content-type: application/javascript date: Wed, 30 Nov 2022 21:11:15 GMT last-modified: Fri, 20 May 2022 14:50:35 GMT etag: "1060884cf64d39c3fb28309d83ead97c" content-length: 90 service-worker-allowed: / x-varnish: 18511576 16557135 age: 92205 via: 1.1 varnish (Varnish/7.0) accept-ranges: bytes strict-transport-security: max-age=15768000 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 90 Md5: 1060884cf64d39c3fb28309d83ead97c Sha1: 6c370dffa201da316e7dc11ff7ac7fec556a1273 Sha256: d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123 Alerts: Blocklists: - fortinet: Phishing
GET /favicon.ico HTTP/1.1 Host: 0my.lotstolink.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ii85cHBVN1FHZEVVZG1KRjBhRlRQZlE9PSIsInZhbHVlIjoidHlXeTFEa3I4V24xaVhjSDB4UmgvWE14eFZKR1oxQm0wQldhTUxUWGZjZzk5cXN5YXJKWC9mSUpRTmRxVmxTaVNWaEFFUVBFVjVtemlpR3duRERFajlMSlpDV3hMRGhLVVVwSUxDaVJ0bjRXRFB4THU3Ni9PYU5lcXpTSWFNSVMiLCJtYWMiOiJmNTAwY2NmNWFiOTU5NjI2OTdlNzVmZGIzYmM1ODI2Y2M4MmUxOTdmNjllNGEwZDAxY2VlYjVhMjFjZDkzZTc3IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ik5FaHRXNmh2dUY1NG5CRFZ0cDNiV3c9PSIsInZhbHVlIjoiZWRDLzd0UmEvaWx1Y0p3NjVYUkVnaVdCY0ZoZW4zTTdpamNRckE0YnduOUhYRkx0VWR5dVRJLzVrZXZ5aFdzdjZhOW5XMkFyYjFreHRSVXB5VHkwK1UvYkkwdTArVWlsSlBBb2F0TEc2cmE2YmxST2h0N1Z5TFZ3WUhmdXpubjYiLCJtYWMiOiJhZTBlZWZkMzIwY2NkZGIyOTQ4MTMzNjFjNmVjM2I2ZDNhYzU3MWRlNDMxODFiMjIwNmRiZTdlZWQ1NTQ1ZTg3IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=125062a6-ffa1-029d-59a8-a683718d8714 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 0my.lotstolink.com/favicon.ico FQDN: 0my.lotstolink.com IP: 66.195.197.18 HASH: 52aab5b4d884bd4c9d25335af7c0f074280177aa7feb1882536eca2f5fdf9dfc 66.195.197.18 HTTP/1.1 403 Forbidden content-type: application/xml date: Mon, 28 Nov 2022 15:54:14 GMT x-varnish: 18570034 10462126 age: 284025 via: 1.1 varnish (Varnish/7.0) content-length: 243 strict-transport-security: max-age=15768000 --- Additional Info --- Magic: XML 1.0 document text\012- XML document, ASCII text Size: 243 Md5: bec56048616f6f4df945c65bd80709d8 Sha1: 9557bec2f07eac8aacdcf935a52e61b0b456f5af Sha256: 52aab5b4d884bd4c9d25335af7c0f074280177aa7feb1882536eca2f5fdf9dfc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6451 Expires: Fri, 02 Dec 2022 00:35:31 GMT Date: Thu, 01 Dec 2022 22:48:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6451 Expires: Fri, 02 Dec 2022 00:35:31 GMT Date: Thu, 01 Dec 2022 22:48:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6451 Expires: Fri, 02 Dec 2022 00:35:31 GMT Date: Thu, 01 Dec 2022 22:48:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6451 Expires: Fri, 02 Dec 2022 00:35:31 GMT Date: Thu, 01 Dec 2022 22:48:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6451 Expires: Fri, 02 Dec 2022 00:35:31 GMT Date: Thu, 01 Dec 2022 22:48:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7591 x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGgMFRZIAMFl7g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 22:08:56 GMT etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf" age: 2344 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7591 Md5: d147ccb10bda82b153a596c3c967cd6a Sha1: ffd0763f997e71a8c1458523fc17cafe8849dfdf Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9bc1f83d570d70b7e17e5de7a1546885851431ea989d915852ae7130387c422f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5675 x-amzn-requestid: a47e049a-6f76-4af4-8064-fd7722bcfb17 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGepGYEIAMFeQw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891df7-09e13afe27c4dc5b44e828be;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: U_3ah2pFrsQl9IVVqm9EVI99FnF79b9zOUFVBGX966JAjkDg6UF--A== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:47:56 GMT age: 3604 etag: "898d50ac6e372609656fccee27de3d036bc0281c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5675 Md5: 89502a302863c914b4de5e8c6a7f6846 Sha1: 898d50ac6e372609656fccee27de3d036bc0281c Sha256: 9bc1f83d570d70b7e17e5de7a1546885851431ea989d915852ae7130387c422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10270 x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfG1nEvYoAMFliA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:50:09 GMT age: 3471 etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10270 Md5: 4c7113338bc3310b13d23ca415c177e2 Sha1: 2cb4edc6b161c6d2d5b47aa498ae54e677966466 Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11402 x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGzJHu-IAMFbYA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:51:33 GMT etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3" age: 3387 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11402 Md5: 1c80b8025242ddfcc816ec612456b99e Sha1: aa944d10fe4a44b790b01ef62edc0f85a6d558e3 Sha256: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 2942 x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGeoGFYoAMFWgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:34:47 GMT age: 4393 etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2942 Md5: b47431190f34eccf0a6efb98e2a32b7d Sha1: 9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704 Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /tailwindcss@2.2.19/dist/tailwind.min.css HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: unpkg.com/tailwindcss@2.2.19/dist/tailwind.min.css FQDN: unpkg.com IP: 104.16.124.175 HASH: 4be5e501166020f83edf8f6412c1dd119060b6d06fd80a24f1c0395dce74de7b 104.16.124.175 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Thu, 01 Dec 2022 22:47:59 GMT access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"2cc503-cyTPK4s7rX9aC3Y3NNaHIxjV1fQ" via: 1.1 fly.io fly-request-id: 01G754V0K1N87VXS3DFFDMSPS9-fra cf-cache-status: HIT age: 12978256 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 772f5e240b58b511-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 283589 Md5: c409b5d05fe13242bbceae2140431636 Sha1: 891deb73071842ecf9f807cf62cc60d056b1973b Sha256: 4be5e501166020f83edf8f6412c1dd119060b6d06fd80a24f1c0395dce74de7b
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=346f56d0-71ca-11ed-93bb-9badb67853bf&&push=true HTTP/1.1 Host: pushrev.neptuneadspush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1 (...) FQDN: pushrev.neptuneadspush.com IP: 172.64.129.25 172.64.129.25 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 22:48:00 GMT access-control-allow-origin: * vary: Accept-Encoding cache-control: max-age=2678400 cf-cache-status: MISS last-modified: Thu, 01 Dec 2022 22:48:00 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7nSxXcrpFTOfIwI7Gc2yewTEiPHWt6RSsJW6y2bG91nHDbZmJ4QNJGnbzop5RIisDlGUbinfy6mNclZ6XuwU9opyzZUFKv60fhx4q9yYRaaoJRlzr8hLB%2FfzztC2tTe1q0PuHjoaJFft0pPbg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 772f5e278e5076f9-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1 Host: pushrev.neptuneadspush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: pushrev.neptuneadspush.com/javascripts/trackpush-v2-vap (...) FQDN: pushrev.neptuneadspush.com IP: 172.64.129.25 172.64.129.25 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 22:48:00 GMT access-control-allow-origin: * vary: Accept-Encoding cache-control: max-age=2678400 cf-cache-status: HIT age: 6039 last-modified: Thu, 01 Dec 2022 21:07:21 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSGeMrwLIaiVBLTlm5PG6wTUAmUn4iphpSjCTYOjmCdVbEDLLgcQum9Wvpr%2FHH%2BgnY4tnLLgNJgeIy7XNeKwX6cqRKdEUE0njvyGNYd4njJH9RXVnGVWmP0Egr1mcBOg6x2N5ecJVpnO9nBO6w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 772f5e29797d76f9-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /tailwindcss@%5E2/dist/tailwind.min.css HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: unpkg.com/tailwindcss@%5E2/dist/tailwind.min.css FQDN: unpkg.com IP: 104.16.124.175 104.16.124.175 HTTP/2 302 Found content-type: text/plain; charset=utf-8 date: Thu, 01 Dec 2022 22:47:59 GMT access-control-allow-origin: * cache-control: public, s-maxage=600, max-age=60 location: /tailwindcss@2.2.19/dist/tailwind.min.css vary: Accept, Accept-Encoding via: 1.1 fly.io fly-request-id: 01GK7XS9ZTR27QW887P5P1ZBT7-ams cf-cache-status: HIT age: 224 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 772f5e23eb4ab511-OSL X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7671 

                                        
                                            
Expires: Fri, 02 Dec 2022 00:55:49 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 22:47:58 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3bbb845b153026fc5332dd4506585b57

                                                Sha1:   3cad200fac28fd00f34ce6ef79373e661e188743

                                                Sha256: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 22:18:09 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1789 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    30db107dcf4380cef05efea409c2e6a3

                                                Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9

                                                Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: 1Cd1qUSfp6zQLX8F5nQozJoDcapubJSLYBIeW63/+jcTM9dEdAhahQyzSQH0/Uph7NoQ60CX2R8= 

                                        
                                            
x-amz-request-id: 52CPJD7CZ0Q1NNJ7 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 22:45:50 GMT 

                                        
                                            
age: 128 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 22:47:58 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8F6CB26DB7DF4121451EC8787F0498AA44F2A01BDF07BEA1B7BB6E27F3883811" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21572 

                                        
                                            
Expires: Fri, 02 Dec 2022 04:47:31 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 22:47:59 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7cb3dd7173a9b59849e4d424ef439500

                                                Sha1:   7967decbf4095769080638d103bef6e4efde3b2b

                                                Sha256: 8f6cb26db7df4121451ec8787f0498aa44f2a01bdf07bea1b7bb6e27f3883811

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 22:47:59 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    05917f7542a781275c12d43562be1507

                                                Sha1:   1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3

                                                Sha256: 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

                                        
                                            GET /css2?family=Roboto:wght@300;400;500;700;900&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Thu, 01 Dec 2022 22:47:59 GMT 

                                        
                                            
date: Thu, 01 Dec 2022 22:47:59 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1222

                                                Md5:    6d2c4ac5781483ccff76da7d1198b1f1

                                                Sha1:   ce0eb6450244e13bf34a9b70fce722b5fa702d52

                                                Sha256: 168237cb16dc337adc57983e7b25fc63e0a812e7b22bd868100190368a845ddc

                                        
                                            GET /templates/templates/prelander_survey/assets/giftcards.png HTTP/1.1 

                                        
                                            
Host: 0my.lotstolink.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: XSRF-TOKEN=eyJpdiI6IkJOcmhiQlVuOU1RY2tzUFR6RXdwckE9PSIsInZhbHVlIjoibGtCWnpkT2xTbHZ1ZFRVUDc0YzlXaE1yUklpRXV2RGNRa28xNEd4Z1JSczBSRDRuL09EcjhjUlhmeDM1Q3hPREtTTTlUWktxTmZITXh2ZmJqWlNEcGNRYU1tQ294MEgxTmJ3WktSTGZmREorUHVaanVuWU56QjJhYXRWK1A5am0iLCJtYWMiOiI5MzJlN2ZmMTkxZjRjODcyZDFiZWZhY2MyNWNlZTM2YmJhOThmOWRlYjk2OGY0YjlkNWE4Mjg5ZDk2NWNhMzExIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ii92QkE1QWxQWDQ1UTRJT1lTT0tBSVE9PSIsInZhbHVlIjoiZzlnNFBIbmMxRTRJTUR5YzhKZVN1S0pBM2FVanVNQ2drTm9rczVFQU5rcGhwd29OYk5jUTdrVm9YYkoxM01nOEU5VWxMWUlWS21KSnl3RnpGckJ4Yi9meEVkZWhxajRBMTE5MGgxb3MrRmFLZ2dRZnhKQ2VUaCtqdkZNeHljeFMiLCJtYWMiOiJmZTY0NTM2ODgxZDgzOTNkNzE2YmE4OTVlZGUxM2I1ZjgxM2Y1ODZhYTE1Y2RiMzI2OTU2ZGZhNjBhNDAxNTQwIiwidGFnIjoiIn0%3D 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         66.195.197.18

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Wed, 30 Nov 2022 21:14:15 GMT 

                                        
                                            
last-modified: Fri, 11 Nov 2022 17:13:57 GMT 

                                        
                                            
etag: "49425ba5ce0567bbe0dcd246c1460e3c" 

                                        
                                            
content-length: 147142 

                                        
                                            
x-varnish: 18941771 16681698 

                                        
                                            
age: 92025 

                                        
                                            
via: 1.1 varnish (Varnish/7.0) 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
strict-transport-security: max-age=15768000 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1065 x 336, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   147142

                                                Md5:    49425ba5ce0567bbe0dcd246c1460e3c

                                                Sha1:   f287d8ec9f72d536929bda03227f7b0cfe12208c

                                                Sha256: 32abd755f6d7952add226904ba7a8db18c520bd99152e455d0aabe2005253cbf

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 22:48:00 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    980f31229421fd11df958496bea34502

                                                Sha1:   648e03f048e6741beb1d4e10099b1429b79e4f00

                                                Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://0my.lotstolink.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15860 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 19:34:15 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 19:34:15 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 98025 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:42 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data

                                                Size:   15860

                                                Md5:    e9f5aaf547f165386cd313b995dddd8e

                                                Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968

                                                Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://0my.lotstolink.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15920 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 19:33:56 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 19:33:56 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 98044 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:45 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data

                                                Size:   15920

                                                Md5:    3a44e06eb954b96aa043227f3534189d

                                                Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d

                                                Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 22:48:00 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    980f31229421fd11df958496bea34502

                                                Sha1:   648e03f048e6741beb1d4e10099b1429b79e4f00

                                                Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: 0my.lotstolink.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: XSRF-TOKEN=eyJpdiI6Ii85cHBVN1FHZEVVZG1KRjBhRlRQZlE9PSIsInZhbHVlIjoidHlXeTFEa3I4V24xaVhjSDB4UmgvWE14eFZKR1oxQm0wQldhTUxUWGZjZzk5cXN5YXJKWC9mSUpRTmRxVmxTaVNWaEFFUVBFVjVtemlpR3duRERFajlMSlpDV3hMRGhLVVVwSUxDaVJ0bjRXRFB4THU3Ni9PYU5lcXpTSWFNSVMiLCJtYWMiOiJmNTAwY2NmNWFiOTU5NjI2OTdlNzVmZGIzYmM1ODI2Y2M4MmUxOTdmNjllNGEwZDAxY2VlYjVhMjFjZDkzZTc3IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ik5FaHRXNmh2dUY1NG5CRFZ0cDNiV3c9PSIsInZhbHVlIjoiZWRDLzd0UmEvaWx1Y0p3NjVYUkVnaVdCY0ZoZW4zTTdpamNRckE0YnduOUhYRkx0VWR5dVRJLzVrZXZ5aFdzdjZhOW5XMkFyYjFreHRSVXB5VHkwK1UvYkkwdTArVWlsSlBBb2F0TEc2cmE2YmxST2h0N1Z5TFZ3WUhmdXpubjYiLCJtYWMiOiJhZTBlZWZkMzIwY2NkZGIyOTQ4MTMzNjFjNmVjM2I2ZDNhYzU3MWRlNDMxODFiMjIwNmRiZTdlZWQ1NTQ1ZTg3IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=125062a6-ffa1-029d-59a8-a683718d8714 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         66.195.197.18

                                        
                                            HTTP/1.1 403 Forbidden 

                                        
                                            
content-type: application/xml

                                        

                                        
                                            
date: Mon, 28 Nov 2022 15:54:14 GMT 

                                        
                                            
x-varnish: 18570034 10462126 

                                        
                                            
age: 284025 

                                        
                                            
via: 1.1 varnish (Varnish/7.0) 

                                        
                                            
content-length: 243 

                                        
                                            
strict-transport-security: max-age=15768000 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  XML 1.0 document text\012- XML document, ASCII text

                                                Size:   243

                                                Md5:    bec56048616f6f4df945c65bd80709d8

                                                Sha1:   9557bec2f07eac8aacdcf935a52e61b0b456f5af

                                                Sha256: 52aab5b4d884bd4c9d25335af7c0f074280177aa7feb1882536eca2f5fdf9dfc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6451 

                                        
                                            
Expires: Fri, 02 Dec 2022 00:35:31 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 22:48:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6451 

                                        
                                            
Expires: Fri, 02 Dec 2022 00:35:31 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 22:48:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7591 

                                        
                                            
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfGgMFRZIAMFl7g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA== 

                                        
                                            
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 22:08:56 GMT 

                                        
                                            
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf" 

                                        
                                            
age: 2344 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7591

                                                Md5:    d147ccb10bda82b153a596c3c967cd6a

                                                Sha1:   ffd0763f997e71a8c1458523fc17cafe8849dfdf

                                                Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10270 

                                        
                                            
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfG1nEvYoAMFliA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w== 

                                        
                                            
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 21:50:09 GMT 

                                        
                                            
age: 3471 

                                        
                                            
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10270

                                                Md5:    4c7113338bc3310b13d23ca415c177e2

                                                Sha1:   2cb4edc6b161c6d2d5b47aa498ae54e677966466

                                                Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 2942 

                                        
                                            
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfGeoGFYoAMFWgA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g== 

                                        
                                            
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 21:34:47 GMT 

                                        
                                            
age: 4393 

                                        
                                            
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   2942

                                                Md5:    b47431190f34eccf0a6efb98e2a32b7d

                                                Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704

                                                Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

                                        
                                            GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=346f56d0-71ca-11ed-93bb-9badb67853bf&&push=true HTTP/1.1 

                                        
                                            
Host: pushrev.neptuneadspush.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.129.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Thu, 01 Dec 2022 22:48:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cache-control: max-age=2678400 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
last-modified: Thu, 01 Dec 2022 22:48:00 GMT 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7nSxXcrpFTOfIwI7Gc2yewTEiPHWt6RSsJW6y2bG91nHDbZmJ4QNJGnbzop5RIisDlGUbinfy6mNclZ6XuwU9opyzZUFKv60fhx4q9yYRaaoJRlzr8hLB%2FfzztC2tTe1q0PuHjoaJFft0pPbg%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772f5e278e5076f9-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /tailwindcss@%5E2/dist/tailwind.min.css HTTP/1.1 

                                        
                                            
Host: unpkg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.16.124.175

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/plain; charset=utf-8

                                        

                                        
                                            
date: Thu, 01 Dec 2022 22:47:59 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, s-maxage=600, max-age=60 

                                        
                                            
location: /tailwindcss@2.2.19/dist/tailwind.min.css 

                                        
                                            
vary: Accept, Accept-Encoding 

                                        
                                            
via: 1.1 fly.io 

                                        
                                            
fly-request-id: 01GK7XS9ZTR27QW887P5P1ZBT7-ams 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 224 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772f5e23eb4ab511-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	0my.lotstolink.com/t/b11e64453ea7/2dda3b1e-71ca-11ed-9826-a7c13e531127/2dddfe48-71ca-11ed-9ec5-f9f689f6e36e
IP	66.195.197.18 (United States)
ASN	#11402 CCCAS-1
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-01 22:48:09 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	4
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (13)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 66.195.197.18

Last 5 reports on ASN: CCCAS-1

Last 5 reports on domain: lotstolink.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Overview

Domain Summary (13)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 66.195.197.18

Last 5 reports on ASN: CCCAS-1

Last 5 reports on domain: lotstolink.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Network Intrusion Detection Systems