Report - www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260

Report Overview

Submitted URL
www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260
IP
94.237.84.54
ASN
#202053 UpCloud Ltd
Submitted
2023-01-31 05:58:06
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.naughtylotto.net	unknown	2023-01-20T12:22:33Z	2023-03-08T06:06:56Z	14 kB	173 kB	94.237.93.242
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	9.7 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
s3ntry.net	310352	2021-10-26T17:41:29Z	2023-03-13T08:01:50Z	522 B	295 B	162.55.168.249
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.161.147.150
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	70 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	www.naughtylotto.net/css/offers/win_gold/app.css?id=0f2956d0ef062520859405222ba34af3	Phishing
2023-01-31	medium	www.naughtylotto.net/js/offers/win_gold/app.js?id=5f9f9f5212a357678427913043aa4675	Phishing
2023-01-31	medium	www.naughtylotto.net/js/app.js?id=18297209384c9f760d879f87ce6da599	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260	553 B	2023-03-13	2023-03-13
Pretty URL www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260 IP 94.237.93.242 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:03:35 Last Seen2023-03-13 13:03:35 Times Seen1 Hash 0dc59bb1a4537fe17fd6e3ca06c28558 e1787799316f85888396648ad50ab0fb0437c98c 3f3b34d9dd046981c8115bed5f7699c48a4488b8c37ea3b05cc47abb23b99193 Loading...

	www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260	652 B	2023-03-13	2023-03-13
Pretty URL www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260 IP 94.237.93.242 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:03:35 Last Seen2023-03-13 13:03:35 Times Seen1 Hash 277889b5d902bec3229ec0c427dc95b8 824eb65a27037d5a7f6ee4f36ad1667b45579aa1 f484171cbfc9ae77a91a66ae8e11f97b47e3d9ee3dcc7ee1b682c80bcacf4aed Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 05:41:19 Times Seen36952564 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.naughtylotto.net/js/app.js?id=18297209384c9f760d879f87ce6da599	190 kB	2023-03-13	2023-03-13
Pretty URL www.naughtylotto.net/js/app.js?id=18297209384c9f760d879f87ce6da599 IP 94.237.93.242 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:42:31 Last Seen2023-03-13 13:03:35 Times Seen1 Hash 18297209384c9f760d879f87ce6da599 60b216a1cd909c81162bd0da2707bbf95503e310 c33cd4d680ce696002f7859f146ddf1d6d20ab7470f08821cb90835445ab9e47 Loading...

HTTP Transactions (30)

URL IP Response Size

www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260

94.237.93.242

200 OK

3.9 kB

URL HTTP/1.1
www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5882)
Size
3.9 kB (3907 bytes)
Hash
576737858139bef596b4fb3f5e26e28c
7e43e8dd0004fccead264a9cb6f093c207088445
5d4e797d336f75354b9e8a19b3f7c74f77debab32a9e6144f30150959bc02763

HTTP Headers

GET /win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260 HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Tue, 31 Jan 2023 05:57:55 GMT
Log-Id: 12f2d1f4-f74d-4f9f-b6a7-52d5f98fa3dd
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ik1VWU5ZSGo2NWR6dVoyV2hFNS9Dbnc9PSIsInZhbHVlIjoicitGamtsUkdmVmdlS3lMSlNtVEQrOG0zWTRIN0oyZlZtRmRHVlVIYnU0TUxDSTU0SDd4cHJabGkzRU1MdXo1YStFRzlXNFZSSExkQWE2WjdMNUUyQ2kwZ09tNWNNNEU0SzZRRGk3RlI3OXBHYmxLMitvR1dWaUFLVEs0WmFUZzMiLCJtYWMiOiI0ODk4N2M3MzM1YWQ5YjNhNjkwYmMxMTE0MDg1MDMxZDhhZmZkZjRhZWQ2MzkwMWE5NWYxY2UyMTVkNWE5NTY4IiwidGFnIjoiIn0%3D; expires=Tue, 31-Jan-2023 07:57:55 GMT; Max-Age=7200; path=/
ivr_offers_session=eyJpdiI6IlVYWVAvOFZCWERGbDA0M3B5a0FzWFE9PSIsInZhbHVlIjoicnRmd2JocDJWNmFaUjlOb2RyMnZ3RjVpTWxocHBubnlPU0FDdGozYm9zSXNwaWhqeUxkMzIwM3J3V2xUditjd2FPSTdCalRxNDM1UFJKaFJKeTFYMXV5YTk3bU9HNVFabzhHMGFUa0lELzBzU2NwNy9NdEE0U1lRc1dhYWxzM28iLCJtYWMiOiI1NTExNDljNTcwYjI5YjE4MGI3MjMwNGUwNjQ4MzNhNGNjY2U0ZTg0MGJkYzNkMzQwMmYzNWEyZTkyOTFjYjQzIiwidGFnIjoiIn0%3D; expires=Tue, 31-Jan-2023 07:57:55 GMT; Max-Age=7200; path=/; httponly
SESS_TRAF=eyJpdiI6ImhsVlVKQ0xqZGlhYXJLZStTQkNzZ0E9PSIsInZhbHVlIjoiTHNMOHdCZk5OYStQVXgxYnFkck9MNURpK2FSYnRxYjhJTUNYejBQdWJjU0liRGRCMEZXZHVkempNUWRRSks2RDhOUHpISUxQOG03d3VQYkZJL0sxMk5zeWFNVm9oaS9xcmFwTzQ3dm90WVpZNzU4M3VkY0R2YnRVUWh2OFZ6UndnaG5VT2F5czdtdkVXQ2JlanhENklzRGthUlhQampQYTdRZXV0cnNuRGdnPSIsIm1hYyI6ImU5MjI4YzVlZGUxOTdhOTA4MDZiMjQ3N2IyNmNkYTA3MzE2YzE5OTczOWRmNjBkYzBiNjRhMGQ2NjhiM2I5YWQiLCJ0YWciOiIifQ%3D%3D; path=/; httponly
visit=eyJpdiI6IjlnbzJjNnVRK2hVVHhPYTEwZnozZkE9PSIsInZhbHVlIjoiVUI1anFjSkZPalVINUs3VklTdnZGajFOdHJsaHFpQ00rK2pZOGxOZVgwemp2eHFZOVpPVFFQTmN2cUV1RExtQSIsIm1hYyI6ImJhZmMzOGFiNWQzMDg4MDNhNmRlMzgzZGRhYTU5MmMxMGM0ZWUwM2Y0NzQwNDhlY2QxYzYwNzkyNmE0NjQwZDEiLCJ0YWciOiIifQ%3D%3D; expires=Wed, 01-Feb-2023 05:57:55 GMT; Max-Age=86400; path=/; httponly
YZ8qv0FgyDI4mAIX7Nc1dakJOK5foRAbnIQReW8F=eyJpdiI6IkN5QkhQdndJbUdUN21tS2lIMnZoamc9PSIsInZhbHVlIjoielVjVzRoY1dPczlxRjJpeUxRa1R5K2VGTERKT2RkcUpaN2FpQW1LTko5YjJ6UG1vR2JrUE9OeFY1dHhQTlpGTDhqV1ppOEZ0TzUwMnk1MWFzYm56ZVExbWRqR3M4bitLZWV4ditqaTdOUDNNS0p2WlBTYXdaMkZoYVllK0cwaHF6Vm1hb0E2ZGExUkNwek0xVnpZWlc5aWFucUJEYlI1TUpML0ZQVjRIOVBMeU5pUk0yWG1aSU1kSTFPUjhuOGRBdUt2MVhINFpYZERPTW4vbXNkWlU4SGZ5bWFlQ1ZhSkdOd29ucVBLRjEreEcwWWZhcTNDRUhhVGJKWis3Z1ZTRFVVU09xZFB6L09qUm1zMFBhNUhHb2ZTcUduUjRQUHVtcldNV1FhdW1FZ2kyMFpjQ0xlSzc0NFRYOTRib0MvK2NhMG5GZWc5WFhlQUxScndiZ0I3UW5WMkZQTm0xRm83eFJicXVhbE1yNWpRQXZvbmhia1hKTGNROHoxajhxV09yYWtPUzh0S2UvM0ZRQ0VYL09rckdiWHk2ZFVoalJoYjRGc3VKbFVUYjZBRWpqMGRTSjFDeE15c0xDdE9UTEFxTTUyLzY3RVZ6ZzFURGRZQjdUS1pGRWg2QjlCNWNVd1FUR0RqRzlsaFpDTUk9IiwibWFjIjoiZDQ3Njc2OWY2NTQ2Mzk0MDY2YTk4NmI0NDk1NzQ0NWM5MTcwMDVmMWJhOTllYzg5YjM1MDgwZmMwMWEzNDMzZCIsInRhZyI6IiJ9; expires=Tue, 31-Jan-2023 07:57:55 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Tue, 31 Jan 2023 06:34:50 GMT
Date: Tue, 31 Jan 2023 05:57:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5155
Expires: Tue, 31 Jan 2023 07:23:50 GMT
Date: Tue, 31 Jan 2023 05:57:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10920
Expires: Tue, 31 Jan 2023 08:59:55 GMT
Date: Tue, 31 Jan 2023 05:57:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 05:35:52 GMT
content-type: application/json
age: 1323
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wqlKiSztcU6b25nHqkj82NzfNfwAYz177REE3WZlseNmwaiDsqLTNFVGDXl4ygAYTcBayxd5a04=
x-amz-request-id: E0FH0XK2GHC63ARG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 05:22:05 GMT
age: 2150
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:57:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.naughtylotto.net/css/offers/win_gold/app.css?id=0f2956d0ef062520859405222ba34af3

94.237.93.242

200 OK

1.3 kB

URL HTTP/1.1
www.naughtylotto.net/css/offers/win_gold/app.css?id=0f2956d0ef062520859405222ba34af3
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (3635)
Size
1.3 kB (1269 bytes)
Hash
24609a1b99374998d289e6654f863424
34e2944ea8d964025903cbedb74b5e50a96fa94c
37006a54b92b9d3da289f5b18c52422f562f78da7c0e3f26924584d0538be545

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/offers/win_gold/app.css?id=0f2956d0ef062520859405222ba34af3 HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260
Cookie: XSRF-TOKEN=eyJpdiI6Ik1VWU5ZSGo2NWR6dVoyV2hFNS9Dbnc9PSIsInZhbHVlIjoicitGamtsUkdmVmdlS3lMSlNtVEQrOG0zWTRIN0oyZlZtRmRHVlVIYnU0TUxDSTU0SDd4cHJabGkzRU1MdXo1YStFRzlXNFZSSExkQWE2WjdMNUUyQ2kwZ09tNWNNNEU0SzZRRGk3RlI3OXBHYmxLMitvR1dWaUFLVEs0WmFUZzMiLCJtYWMiOiI0ODk4N2M3MzM1YWQ5YjNhNjkwYmMxMTE0MDg1MDMxZDhhZmZkZjRhZWQ2MzkwMWE5NWYxY2UyMTVkNWE5NTY4IiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlVYWVAvOFZCWERGbDA0M3B5a0FzWFE9PSIsInZhbHVlIjoicnRmd2JocDJWNmFaUjlOb2RyMnZ3RjVpTWxocHBubnlPU0FDdGozYm9zSXNwaWhqeUxkMzIwM3J3V2xUditjd2FPSTdCalRxNDM1UFJKaFJKeTFYMXV5YTk3bU9HNVFabzhHMGFUa0lELzBzU2NwNy9NdEE0U1lRc1dhYWxzM28iLCJtYWMiOiI1NTExNDljNTcwYjI5YjE4MGI3MjMwNGUwNjQ4MzNhNGNjY2U0ZTg0MGJkYzNkMzQwMmYzNWEyZTkyOTFjYjQzIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6ImhsVlVKQ0xqZGlhYXJLZStTQkNzZ0E9PSIsInZhbHVlIjoiTHNMOHdCZk5OYStQVXgxYnFkck9MNURpK2FSYnRxYjhJTUNYejBQdWJjU0liRGRCMEZXZHVkempNUWRRSks2RDhOUHpISUxQOG03d3VQYkZJL0sxMk5zeWFNVm9oaS9xcmFwTzQ3dm90WVpZNzU4M3VkY0R2YnRVUWh2OFZ6UndnaG5VT2F5czdtdkVXQ2JlanhENklzRGthUlhQampQYTdRZXV0cnNuRGdnPSIsIm1hYyI6ImU5MjI4YzVlZGUxOTdhOTA4MDZiMjQ3N2IyNmNkYTA3MzE2YzE5OTczOWRmNjBkYzBiNjRhMGQ2NjhiM2I5YWQiLCJ0YWciOiIifQ%3D%3D; visit=eyJpdiI6IjlnbzJjNnVRK2hVVHhPYTEwZnozZkE9PSIsInZhbHVlIjoiVUI1anFjSkZPalVINUs3VklTdnZGajFOdHJsaHFpQ00rK2pZOGxOZVgwemp2eHFZOVpPVFFQTmN2cUV1RExtQSIsIm1hYyI6ImJhZmMzOGFiNWQzMDg4MDNhNmRlMzgzZGRhYTU5MmMxMGM0ZWUwM2Y0NzQwNDhlY2QxYzYwNzkyNmE0NjQwZDEiLCJ0YWciOiIifQ%3D%3D; YZ8qv0FgyDI4mAIX7Nc1dakJOK5foRAbnIQReW8F=eyJpdiI6IkN5QkhQdndJbUdUN21tS2lIMnZoamc9PSIsInZhbHVlIjoielVjVzRoY1dPczlxRjJpeUxRa1R5K2VGTERKT2RkcUpaN2FpQW1LTko5YjJ6UG1vR2JrUE9OeFY1dHhQTlpGTDhqV1ppOEZ0TzUwMnk1MWFzYm56ZVExbWRqR3M4bitLZWV4ditqaTdOUDNNS0p2WlBTYXdaMkZoYVllK0cwaHF6Vm1hb0E2ZGExUkNwek0xVnpZWlc5aWFucUJEYlI1TUpML0ZQVjRIOVBMeU5pUk0yWG1aSU1kSTFPUjhuOGRBdUt2MVhINFpYZERPTW4vbXNkWlU4SGZ5bWFlQ1ZhSkdOd29ucVBLRjEreEcwWWZhcTNDRUhhVGJKWis3Z1ZTRFVVU09xZFB6L09qUm1zMFBhNUhHb2ZTcUduUjRQUHVtcldNV1FhdW1FZ2kyMFpjQ0xlSzc0NFRYOTRib0MvK2NhMG5GZWc5WFhlQUxScndiZ0I3UW5WMkZQTm0xRm83eFJicXVhbE1yNWpRQXZvbmhia1hKTGNROHoxajhxV09yYWtPUzh0S2UvM0ZRQ0VYL09rckdiWHk2ZFVoalJoYjRGc3VKbFVUYjZBRWpqMGRTSjFDeE15c0xDdE9UTEFxTTUyLzY3RVZ6ZzFURGRZQjdUS1pGRWg2QjlCNWNVd1FUR0RqRzlsaFpDTUk9IiwibWFjIjoiZDQ3Njc2OWY2NTQ2Mzk0MDY2YTk4NmI0NDk1NzQ0NWM5MTcwMDVmMWJhOTllYzg5YjM1MDgwZmMwMWEzNDMzZCIsInRhZyI6IiJ9

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 05:57:55 GMT
Content-Type: text/css
Last-Modified: Mon, 30 Jan 2023 16:06:57 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63d7eb21-e57"
Expires: Wed, 31 Jan 2024 05:57:55 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip

www.naughtylotto.net/js/offers/win_gold/app.js?id=5f9f9f5212a357678427913043aa4675

94.237.93.242

200 OK

77 kB

URL HTTP/1.1
www.naughtylotto.net/js/offers/win_gold/app.js?id=5f9f9f5212a357678427913043aa4675
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type
Unicode text, UTF-8 text, with very long lines (65443)
Size
77 kB (77369 bytes)
Hash
5ac6e208dacd31977a0d414bf5572e0f
3f115ddd03126166af806275c35d7ba96ce39b32
e4c2095690fac1833c4314f6c9c815a72358db697aa40804db863b44e9c2e7b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/offers/win_gold/app.js?id=5f9f9f5212a357678427913043aa4675 HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260
Cookie: XSRF-TOKEN=eyJpdiI6Ik1VWU5ZSGo2NWR6dVoyV2hFNS9Dbnc9PSIsInZhbHVlIjoicitGamtsUkdmVmdlS3lMSlNtVEQrOG0zWTRIN0oyZlZtRmRHVlVIYnU0TUxDSTU0SDd4cHJabGkzRU1MdXo1YStFRzlXNFZSSExkQWE2WjdMNUUyQ2kwZ09tNWNNNEU0SzZRRGk3RlI3OXBHYmxLMitvR1dWaUFLVEs0WmFUZzMiLCJtYWMiOiI0ODk4N2M3MzM1YWQ5YjNhNjkwYmMxMTE0MDg1MDMxZDhhZmZkZjRhZWQ2MzkwMWE5NWYxY2UyMTVkNWE5NTY4IiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlVYWVAvOFZCWERGbDA0M3B5a0FzWFE9PSIsInZhbHVlIjoicnRmd2JocDJWNmFaUjlOb2RyMnZ3RjVpTWxocHBubnlPU0FDdGozYm9zSXNwaWhqeUxkMzIwM3J3V2xUditjd2FPSTdCalRxNDM1UFJKaFJKeTFYMXV5YTk3bU9HNVFabzhHMGFUa0lELzBzU2NwNy9NdEE0U1lRc1dhYWxzM28iLCJtYWMiOiI1NTExNDljNTcwYjI5YjE4MGI3MjMwNGUwNjQ4MzNhNGNjY2U0ZTg0MGJkYzNkMzQwMmYzNWEyZTkyOTFjYjQzIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6ImhsVlVKQ0xqZGlhYXJLZStTQkNzZ0E9PSIsInZhbHVlIjoiTHNMOHdCZk5OYStQVXgxYnFkck9MNURpK2FSYnRxYjhJTUNYejBQdWJjU0liRGRCMEZXZHVkempNUWRRSks2RDhOUHpISUxQOG03d3VQYkZJL0sxMk5zeWFNVm9oaS9xcmFwTzQ3dm90WVpZNzU4M3VkY0R2YnRVUWh2OFZ6UndnaG5VT2F5czdtdkVXQ2JlanhENklzRGthUlhQampQYTdRZXV0cnNuRGdnPSIsIm1hYyI6ImU5MjI4YzVlZGUxOTdhOTA4MDZiMjQ3N2IyNmNkYTA3MzE2YzE5OTczOWRmNjBkYzBiNjRhMGQ2NjhiM2I5YWQiLCJ0YWciOiIifQ%3D%3D; visit=eyJpdiI6IjlnbzJjNnVRK2hVVHhPYTEwZnozZkE9PSIsInZhbHVlIjoiVUI1anFjSkZPalVINUs3VklTdnZGajFOdHJsaHFpQ00rK2pZOGxOZVgwemp2eHFZOVpPVFFQTmN2cUV1RExtQSIsIm1hYyI6ImJhZmMzOGFiNWQzMDg4MDNhNmRlMzgzZGRhYTU5MmMxMGM0ZWUwM2Y0NzQwNDhlY2QxYzYwNzkyNmE0NjQwZDEiLCJ0YWciOiIifQ%3D%3D; YZ8qv0FgyDI4mAIX7Nc1dakJOK5foRAbnIQReW8F=eyJpdiI6IkN5QkhQdndJbUdUN21tS2lIMnZoamc9PSIsInZhbHVlIjoielVjVzRoY1dPczlxRjJpeUxRa1R5K2VGTERKT2RkcUpaN2FpQW1LTko5YjJ6UG1vR2JrUE9OeFY1dHhQTlpGTDhqV1ppOEZ0TzUwMnk1MWFzYm56ZVExbWRqR3M4bitLZWV4ditqaTdOUDNNS0p2WlBTYXdaMkZoYVllK0cwaHF6Vm1hb0E2ZGExUkNwek0xVnpZWlc5aWFucUJEYlI1TUpML0ZQVjRIOVBMeU5pUk0yWG1aSU1kSTFPUjhuOGRBdUt2MVhINFpYZERPTW4vbXNkWlU4SGZ5bWFlQ1ZhSkdOd29ucVBLRjEreEcwWWZhcTNDRUhhVGJKWis3Z1ZTRFVVU09xZFB6L09qUm1zMFBhNUhHb2ZTcUduUjRQUHVtcldNV1FhdW1FZ2kyMFpjQ0xlSzc0NFRYOTRib0MvK2NhMG5GZWc5WFhlQUxScndiZ0I3UW5WMkZQTm0xRm83eFJicXVhbE1yNWpRQXZvbmhia1hKTGNROHoxajhxV09yYWtPUzh0S2UvM0ZRQ0VYL09rckdiWHk2ZFVoalJoYjRGc3VKbFVUYjZBRWpqMGRTSjFDeE15c0xDdE9UTEFxTTUyLzY3RVZ6ZzFURGRZQjdUS1pGRWg2QjlCNWNVd1FUR0RqRzlsaFpDTUk9IiwibWFjIjoiZDQ3Njc2OWY2NTQ2Mzk0MDY2YTk4NmI0NDk1NzQ0NWM5MTcwMDVmMWJhOTllYzg5YjM1MDgwZmMwMWEzNDMzZCIsInRhZyI6IiJ9

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 05:57:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 30 Jan 2023 16:06:57 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63d7eb21-39d13"
Expires: Wed, 31 Jan 2024 05:57:55 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip

www.naughtylotto.net/js/app.js?id=18297209384c9f760d879f87ce6da599

94.237.93.242

200 OK

64 kB

URL HTTP/1.1
www.naughtylotto.net/js/app.js?id=18297209384c9f760d879f87ce6da599
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type
Unicode text, UTF-8 text, with very long lines (65474)
Size
64 kB (63556 bytes)
Hash
18518fb4afe38f7935e5dca790352487
4a9e607f66bb678ca93f713f26d82f509d83b7fb
213b59973610219f22eed356357c09699ff9473a6cddef7f6128cf84a8aba368

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.js?id=18297209384c9f760d879f87ce6da599 HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.naughtylotto.net/win_gold?tid=5xrias7j2df4076bijyo8scg0,16517011,5,&ctrack=1675144657.447157260
Cookie: XSRF-TOKEN=eyJpdiI6Ik1VWU5ZSGo2NWR6dVoyV2hFNS9Dbnc9PSIsInZhbHVlIjoicitGamtsUkdmVmdlS3lMSlNtVEQrOG0zWTRIN0oyZlZtRmRHVlVIYnU0TUxDSTU0SDd4cHJabGkzRU1MdXo1YStFRzlXNFZSSExkQWE2WjdMNUUyQ2kwZ09tNWNNNEU0SzZRRGk3RlI3OXBHYmxLMitvR1dWaUFLVEs0WmFUZzMiLCJtYWMiOiI0ODk4N2M3MzM1YWQ5YjNhNjkwYmMxMTE0MDg1MDMxZDhhZmZkZjRhZWQ2MzkwMWE5NWYxY2UyMTVkNWE5NTY4IiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlVYWVAvOFZCWERGbDA0M3B5a0FzWFE9PSIsInZhbHVlIjoicnRmd2JocDJWNmFaUjlOb2RyMnZ3RjVpTWxocHBubnlPU0FDdGozYm9zSXNwaWhqeUxkMzIwM3J3V2xUditjd2FPSTdCalRxNDM1UFJKaFJKeTFYMXV5YTk3bU9HNVFabzhHMGFUa0lELzBzU2NwNy9NdEE0U1lRc1dhYWxzM28iLCJtYWMiOiI1NTExNDljNTcwYjI5YjE4MGI3MjMwNGUwNjQ4MzNhNGNjY2U0ZTg0MGJkYzNkMzQwMmYzNWEyZTkyOTFjYjQzIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6ImhsVlVKQ0xqZGlhYXJLZStTQkNzZ0E9PSIsInZhbHVlIjoiTHNMOHdCZk5OYStQVXgxYnFkck9MNURpK2FSYnRxYjhJTUNYejBQdWJjU0liRGRCMEZXZHVkempNUWRRSks2RDhOUHpISUxQOG03d3VQYkZJL0sxMk5zeWFNVm9oaS9xcmFwTzQ3dm90WVpZNzU4M3VkY0R2YnRVUWh2OFZ6UndnaG5VT2F5czdtdkVXQ2JlanhENklzRGthUlhQampQYTdRZXV0cnNuRGdnPSIsIm1hYyI6ImU5MjI4YzVlZGUxOTdhOTA4MDZiMjQ3N2IyNmNkYTA3MzE2YzE5OTczOWRmNjBkYzBiNjRhMGQ2NjhiM2I5YWQiLCJ0YWciOiIifQ%3D%3D; visit=eyJpdiI6IjlnbzJjNnVRK2hVVHhPYTEwZnozZkE9PSIsInZhbHVlIjoiVUI1anFjSkZPalVINUs3VklTdnZGajFOdHJsaHFpQ00rK2pZOGxOZVgwemp2eHFZOVpPVFFQTmN2cUV1RExtQSIsIm1hYyI6ImJhZmMzOGFiNWQzMDg4MDNhNmRlMzgzZGRhYTU5MmMxMGM0ZWUwM2Y0NzQwNDhlY2QxYzYwNzkyNmE0NjQwZDEiLCJ0YWciOiIifQ%3D%3D; YZ8qv0FgyDI4mAIX7Nc1dakJOK5foRAbnIQReW8F=eyJpdiI6IkN5QkhQdndJbUdUN21tS2lIMnZoamc9PSIsInZhbHVlIjoielVjVzRoY1dPczlxRjJpeUxRa1R5K2VGTERKT2RkcUpaN2FpQW1LTko5YjJ6UG1vR2JrUE9OeFY1dHhQTlpGTDhqV1ppOEZ0TzUwMnk1MWFzYm56ZVExbWRqR3M4bitLZWV4ditqaTdOUDNNS0p2WlBTYXdaMkZoYVllK0cwaHF6Vm1hb0E2ZGExUkNwek0xVnpZWlc5aWFucUJEYlI1TUpML0ZQVjRIOVBMeU5pUk0yWG1aSU1kSTFPUjhuOGRBdUt2MVhINFpYZERPTW4vbXNkWlU4SGZ5bWFlQ1ZhSkdOd29ucVBLRjEreEcwWWZhcTNDRUhhVGJKWis3Z1ZTRFVVU09xZFB6L09qUm1zMFBhNUhHb2ZTcUduUjRQUHVtcldNV1FhdW1FZ2kyMFpjQ0xlSzc0NFRYOTRib0MvK2NhMG5GZWc5WFhlQUxScndiZ0I3UW5WMkZQTm0xRm83eFJicXVhbE1yNWpRQXZvbmhia1hKTGNROHoxajhxV09yYWtPUzh0S2UvM0ZRQ0VYL09rckdiWHk2ZFVoalJoYjRGc3VKbFVUYjZBRWpqMGRTSjFDeE15c0xDdE9UTEFxTTUyLzY3RVZ6ZzFURGRZQjdUS1pGRWg2QjlCNWNVd1FUR0RqRzlsaFpDTUk9IiwibWFjIjoiZDQ3Njc2OWY2NTQ2Mzk0MDY2YTk4NmI0NDk1NzQ0NWM5MTcwMDVmMWJhOTllYzg5YjM1MDgwZmMwMWEzNDMzZCIsInRhZyI6IiJ9

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 05:57:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 30 Jan 2023 16:06:57 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63d7eb21-2e42c"
Expires: Wed, 31 Jan 2024 05:57:55 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a5027264e8a67df2c9fb73c32f82f64
b59ae61c6eda13a433f111ad42cc2720a33e875c
cee0cc0326f47d00f4eb03389c37e08a452cdd1e3fd24bbfccb521d6140f55a8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEE0CC0326F47D00F4EB03389C37E08A452CDD1E3FD24BBFCCB521D6140F55A8"
Last-Modified: Sat, 28 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1064
Expires: Tue, 31 Jan 2023 06:15:39 GMT
Date: Tue, 31 Jan 2023 05:57:55 GMT
Connection: keep-alive

www.naughtylotto.net/img/prizes/iphone-14/default@0.75x.png

94.237.93.242

200 OK

10 kB

URL HTTP/2
www.naughtylotto.net/img/prizes/iphone-14/default@0.75x.png
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type
PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Size
10 kB (9956 bytes)
Hash
97dff6b87d492b6da6ec26c866db539f
a6006a3f159b2402cbb73cbde22157476768bef5
eda7d0d12a2dcb4063802985a75a13935a6f4168a92b9c8861ca880801775fde

HTTP Headers

GET /img/prizes/iphone-14/default@0.75x.png HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.naughtylotto.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:57:55 GMT
content-type: image/png
content-length: 9956
last-modified: Mon, 30 Jan 2023 16:05:24 GMT
etag: "63d7eac4-26e4"
expires: Wed, 31 Jan 2024 05:57:55 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ca34678e36ab80c13de5687246519ff5
e125d4684f3397d5c98cce168d949cb2771282f4
3203be44913f8908d7b178f10c17b3d9b18effa29c00866a34b39bb16c7b5dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3203BE44913F8908D7B178F10C17B3D9B18EFFA29C00866A34B39BB16C7B5DAC"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7839
Expires: Tue, 31 Jan 2023 08:08:34 GMT
Date: Tue, 31 Jan 2023 05:57:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 05:49:04 GMT
age: 532
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7

162.55.168.249

200 OK

2 B

URL HTTP/1.1
s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
IP
162.55.168.249:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7 HTTP/1.1
Host: s3ntry.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.naughtylotto.net/
Content-Type: text/plain;charset=UTF-8
Origin: http://www.naughtylotto.net
Content-Length: 434
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 05:57:56 GMT
Content-Type: application/json
Content-Length: 2
Connection: close
access-control-allow-origin: http://www.naughtylotto.net
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9155
Expires: Tue, 31 Jan 2023 08:30:31 GMT
Date: Tue, 31 Jan 2023 05:57:56 GMT
Connection: keep-alive

push.services.mozilla.com/

35.161.147.150

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.147.150:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nuXQj7yLr6kMq/p9Y76c6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Sp29QDUNVr2drEOH7ots7XHo3/0=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:57:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:57:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:57:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:57:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:57:57 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 8260
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8558 bytes)
Hash
e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZP2Mar8l3QoPH733_vv3hUuQjWvaN4_TgfYwme2-6WIxGi55BoSchg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:26:31 GMT
age: 5486
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13639 bytes)
Hash
63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mXlQ5A2PHadECkKglPquN9x68ubYk8s2to-_JjCgEQe7axfJo6K8Jw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 07:53:36 GMT
age: 79461
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 28474
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10898 bytes)
Hash
4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:45 GMT
age: 29592
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 14381
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.naughtylotto.net/img/offers/win_gold/seal.png

94.237.93.242

200 OK

12 kB

URL HTTP/1.1
www.naughtylotto.net/img/offers/win_gold/seal.png
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type
PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11949 bytes)
Hash
d0648ad4741adf3ff05ca1ef5598fae9
c97ad85adfb7a6ea0602aa1d9ed9dbcd6e6f9486
27d6943fdeb7a2c881dbc9c7106e1162b139e905bd89beee69d69ac7cf336f39

HTTP Headers

GET /img/offers/win_gold/seal.png HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.naughtylotto.net/css/offers/win_gold/app.css?id=0f2956d0ef062520859405222ba34af3
Cookie: XSRF-TOKEN=eyJpdiI6Ik1VWU5ZSGo2NWR6dVoyV2hFNS9Dbnc9PSIsInZhbHVlIjoicitGamtsUkdmVmdlS3lMSlNtVEQrOG0zWTRIN0oyZlZtRmRHVlVIYnU0TUxDSTU0SDd4cHJabGkzRU1MdXo1YStFRzlXNFZSSExkQWE2WjdMNUUyQ2kwZ09tNWNNNEU0SzZRRGk3RlI3OXBHYmxLMitvR1dWaUFLVEs0WmFUZzMiLCJtYWMiOiI0ODk4N2M3MzM1YWQ5YjNhNjkwYmMxMTE0MDg1MDMxZDhhZmZkZjRhZWQ2MzkwMWE5NWYxY2UyMTVkNWE5NTY4IiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlVYWVAvOFZCWERGbDA0M3B5a0FzWFE9PSIsInZhbHVlIjoicnRmd2JocDJWNmFaUjlOb2RyMnZ3RjVpTWxocHBubnlPU0FDdGozYm9zSXNwaWhqeUxkMzIwM3J3V2xUditjd2FPSTdCalRxNDM1UFJKaFJKeTFYMXV5YTk3bU9HNVFabzhHMGFUa0lELzBzU2NwNy9NdEE0U1lRc1dhYWxzM28iLCJtYWMiOiI1NTExNDljNTcwYjI5YjE4MGI3MjMwNGUwNjQ4MzNhNGNjY2U0ZTg0MGJkYzNkMzQwMmYzNWEyZTkyOTFjYjQzIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6ImhsVlVKQ0xqZGlhYXJLZStTQkNzZ0E9PSIsInZhbHVlIjoiTHNMOHdCZk5OYStQVXgxYnFkck9MNURpK2FSYnRxYjhJTUNYejBQdWJjU0liRGRCMEZXZHVkempNUWRRSks2RDhOUHpISUxQOG03d3VQYkZJL0sxMk5zeWFNVm9oaS9xcmFwTzQ3dm90WVpZNzU4M3VkY0R2YnRVUWh2OFZ6UndnaG5VT2F5czdtdkVXQ2JlanhENklzRGthUlhQampQYTdRZXV0cnNuRGdnPSIsIm1hYyI6ImU5MjI4YzVlZGUxOTdhOTA4MDZiMjQ3N2IyNmNkYTA3MzE2YzE5OTczOWRmNjBkYzBiNjRhMGQ2NjhiM2I5YWQiLCJ0YWciOiIifQ%3D%3D; visit=eyJpdiI6IjlnbzJjNnVRK2hVVHhPYTEwZnozZkE9PSIsInZhbHVlIjoiVUI1anFjSkZPalVINUs3VklTdnZGajFOdHJsaHFpQ00rK2pZOGxOZVgwemp2eHFZOVpPVFFQTmN2cUV1RExtQSIsIm1hYyI6ImJhZmMzOGFiNWQzMDg4MDNhNmRlMzgzZGRhYTU5MmMxMGM0ZWUwM2Y0NzQwNDhlY2QxYzYwNzkyNmE0NjQwZDEiLCJ0YWciOiIifQ%3D%3D; YZ8qv0FgyDI4mAIX7Nc1dakJOK5foRAbnIQReW8F=eyJpdiI6IkN5QkhQdndJbUdUN21tS2lIMnZoamc9PSIsInZhbHVlIjoielVjVzRoY1dPczlxRjJpeUxRa1R5K2VGTERKT2RkcUpaN2FpQW1LTko5YjJ6UG1vR2JrUE9OeFY1dHhQTlpGTDhqV1ppOEZ0TzUwMnk1MWFzYm56ZVExbWRqR3M4bitLZWV4ditqaTdOUDNNS0p2WlBTYXdaMkZoYVllK0cwaHF6Vm1hb0E2ZGExUkNwek0xVnpZWlc5aWFucUJEYlI1TUpML0ZQVjRIOVBMeU5pUk0yWG1aSU1kSTFPUjhuOGRBdUt2MVhINFpYZERPTW4vbXNkWlU4SGZ5bWFlQ1ZhSkdOd29ucVBLRjEreEcwWWZhcTNDRUhhVGJKWis3Z1ZTRFVVU09xZFB6L09qUm1zMFBhNUhHb2ZTcUduUjRQUHVtcldNV1FhdW1FZ2kyMFpjQ0xlSzc0NFRYOTRib0MvK2NhMG5GZWc5WFhlQUxScndiZ0I3UW5WMkZQTm0xRm83eFJicXVhbE1yNWpRQXZvbmhia1hKTGNROHoxajhxV09yYWtPUzh0S2UvM0ZRQ0VYL09rckdiWHk2ZFVoalJoYjRGc3VKbFVUYjZBRWpqMGRTSjFDeE15c0xDdE9UTEFxTTUyLzY3RVZ6ZzFURGRZQjdUS1pGRWg2QjlCNWNVd1FUR0RqRzlsaFpDTUk9IiwibWFjIjoiZDQ3Njc2OWY2NTQ2Mzk0MDY2YTk4NmI0NDk1NzQ0NWM5MTcwMDVmMWJhOTllYzg5YjM1MDgwZmMwMWEzNDMzZCIsInRhZyI6IiJ9

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 05:57:57 GMT
Content-Type: image/png
Content-Length: 11949
Last-Modified: Mon, 30 Jan 2023 16:06:57 GMT
ETag: "63d7eb21-2ead"
Expires: Wed, 31 Jan 2024 05:57:57 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes

www.naughtylotto.net/img/offers/win_gold/bg.jpg

94.237.93.242

200 OK

0 B

URL HTTP/1.1
www.naughtylotto.net/img/offers/win_gold/bg.jpg
IP
94.237.93.242:0
ASN
#202053 UpCloud Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/offers/win_gold/bg.jpg HTTP/1.1
Host: www.naughtylotto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.naughtylotto.net/css/offers/win_gold/app.css?id=0f2956d0ef062520859405222ba34af3
Cookie: XSRF-TOKEN=eyJpdiI6Ik1VWU5ZSGo2NWR6dVoyV2hFNS9Dbnc9PSIsInZhbHVlIjoicitGamtsUkdmVmdlS3lMSlNtVEQrOG0zWTRIN0oyZlZtRmRHVlVIYnU0TUxDSTU0SDd4cHJabGkzRU1MdXo1YStFRzlXNFZSSExkQWE2WjdMNUUyQ2kwZ09tNWNNNEU0SzZRRGk3RlI3OXBHYmxLMitvR1dWaUFLVEs0WmFUZzMiLCJtYWMiOiI0ODk4N2M3MzM1YWQ5YjNhNjkwYmMxMTE0MDg1MDMxZDhhZmZkZjRhZWQ2MzkwMWE5NWYxY2UyMTVkNWE5NTY4IiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlVYWVAvOFZCWERGbDA0M3B5a0FzWFE9PSIsInZhbHVlIjoicnRmd2JocDJWNmFaUjlOb2RyMnZ3RjVpTWxocHBubnlPU0FDdGozYm9zSXNwaWhqeUxkMzIwM3J3V2xUditjd2FPSTdCalRxNDM1UFJKaFJKeTFYMXV5YTk3bU9HNVFabzhHMGFUa0lELzBzU2NwNy9NdEE0U1lRc1dhYWxzM28iLCJtYWMiOiI1NTExNDljNTcwYjI5YjE4MGI3MjMwNGUwNjQ4MzNhNGNjY2U0ZTg0MGJkYzNkMzQwMmYzNWEyZTkyOTFjYjQzIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6ImhsVlVKQ0xqZGlhYXJLZStTQkNzZ0E9PSIsInZhbHVlIjoiTHNMOHdCZk5OYStQVXgxYnFkck9MNURpK2FSYnRxYjhJTUNYejBQdWJjU0liRGRCMEZXZHVkempNUWRRSks2RDhOUHpISUxQOG03d3VQYkZJL0sxMk5zeWFNVm9oaS9xcmFwTzQ3dm90WVpZNzU4M3VkY0R2YnRVUWh2OFZ6UndnaG5VT2F5czdtdkVXQ2JlanhENklzRGthUlhQampQYTdRZXV0cnNuRGdnPSIsIm1hYyI6ImU5MjI4YzVlZGUxOTdhOTA4MDZiMjQ3N2IyNmNkYTA3MzE2YzE5OTczOWRmNjBkYzBiNjRhMGQ2NjhiM2I5YWQiLCJ0YWciOiIifQ%3D%3D; visit=eyJpdiI6IjlnbzJjNnVRK2hVVHhPYTEwZnozZkE9PSIsInZhbHVlIjoiVUI1anFjSkZPalVINUs3VklTdnZGajFOdHJsaHFpQ00rK2pZOGxOZVgwemp2eHFZOVpPVFFQTmN2cUV1RExtQSIsIm1hYyI6ImJhZmMzOGFiNWQzMDg4MDNhNmRlMzgzZGRhYTU5MmMxMGM0ZWUwM2Y0NzQwNDhlY2QxYzYwNzkyNmE0NjQwZDEiLCJ0YWciOiIifQ%3D%3D; YZ8qv0FgyDI4mAIX7Nc1dakJOK5foRAbnIQReW8F=eyJpdiI6IkN5QkhQdndJbUdUN21tS2lIMnZoamc9PSIsInZhbHVlIjoielVjVzRoY1dPczlxRjJpeUxRa1R5K2VGTERKT2RkcUpaN2FpQW1LTko5YjJ6UG1vR2JrUE9OeFY1dHhQTlpGTDhqV1ppOEZ0TzUwMnk1MWFzYm56ZVExbWRqR3M4bitLZWV4ditqaTdOUDNNS0p2WlBTYXdaMkZoYVllK0cwaHF6Vm1hb0E2ZGExUkNwek0xVnpZWlc5aWFucUJEYlI1TUpML0ZQVjRIOVBMeU5pUk0yWG1aSU1kSTFPUjhuOGRBdUt2MVhINFpYZERPTW4vbXNkWlU4SGZ5bWFlQ1ZhSkdOd29ucVBLRjEreEcwWWZhcTNDRUhhVGJKWis3Z1ZTRFVVU09xZFB6L09qUm1zMFBhNUhHb2ZTcUduUjRQUHVtcldNV1FhdW1FZ2kyMFpjQ0xlSzc0NFRYOTRib0MvK2NhMG5GZWc5WFhlQUxScndiZ0I3UW5WMkZQTm0xRm83eFJicXVhbE1yNWpRQXZvbmhia1hKTGNROHoxajhxV09yYWtPUzh0S2UvM0ZRQ0VYL09rckdiWHk2ZFVoalJoYjRGc3VKbFVUYjZBRWpqMGRTSjFDeE15c0xDdE9UTEFxTTUyLzY3RVZ6ZzFURGRZQjdUS1pGRWg2QjlCNWNVd1FUR0RqRzlsaFpDTUk9IiwibWFjIjoiZDQ3Njc2OWY2NTQ2Mzk0MDY2YTk4NmI0NDk1NzQ0NWM5MTcwMDVmMWJhOTllYzg5YjM1MDgwZmMwMWEzNDMzZCIsInRhZyI6IiJ9

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 05:57:55 GMT
Content-Type: image/jpeg
Content-Length: 31535
Last-Modified: Mon, 30 Jan 2023 16:06:57 GMT
ETag: "63d7eb21-7b2f"
Expires: Wed, 31 Jan 2024 05:57:55 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (30)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers