Report - tx.vc/r/3sXcj/

Report Overview

Submitted URL
tx.vc/r/3sXcj/
IP
75.2.93.90
ASN
#16509 AMAZON-02
Submitted
2022-11-25 03:01:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	7.7 kB	104.17.24.14
www.slotswise.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.0 kB	18.197.71.232
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	48 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	6.5 kB	93.184.220.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	21 kB	142.250.74.174
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	349 B	157.240.200.35
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	933 B	104.18.10.207
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	984 B	143.204.42.156
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.69.31
www.googleoptimize.com	1604	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	48 kB	142.250.74.78
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	855 B	172.64.132.15
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
www.freespinsloopy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	1.1 MB	3.121.17.50
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.35
res.cloudinary.com	2520	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	102 kB	151.101.85.137
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	50 kB	142.250.74.168
loader.wisepops.com	12332	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	28 kB	172.67.74.220
tx.vc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.5 kB	99.83.131.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/js/jquery.star-rating-svg.js	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fsl_assets/css/footer.css?v=24	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/js/custom.js?v=24	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/js/jquery-3.3.1.min.js	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/str_assets/img/GamCare.svg	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/str_assets/img/18.svg	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/str_assets/img/GambleAware.svg	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fsl_assets/img/Logo.svg	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fonts/Roboto-Light.ttf	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fonts/JosefinSans-Regular.ttf	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fonts/JosefinSans-Bold.ttf	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fonts/RobotoCondensed-Light.ttf	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fonts/Roboto-Bold.ttf	Phishing
2022-11-25	medium	www.freespinsloopy.com/static/fonts/RobotoCondensed-Bold.ttf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	21 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:27 Last Seen2024-05-01 17:52:41 Times Seen16848 Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Loading...

	www.freespinsloopy.com/static/js/jquery.star-rating-svg.js	12 kB	2023-03-07	2024-02-14
Pretty URL www.freespinsloopy.com/static/js/jquery.star-rating-svg.js IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:11 Last Seen2024-02-14 08:46:33 Times Seen84 Hash af607d2208a57968ab7047f42d2e82a5 299c7600893333c708212f8b65689d748a148a8a 32a1ee2fe595384779fa1dd2c03d8848ee19bf1cf52d3d71f688274e474bae2d Loading...

	connect.facebook.net/signals/config/149530806794884?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-11
Pretty URL connect.facebook.net/signals/config/149530806794884?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:24 Last Seen2023-03-11 19:31:45 Times Seen1 Hash 7fa7e41b37243ec4dfe89cd5b104e937 630fd3fb8ed5c3a2dade5b9479486d7721871735 d98a8f2c02b47fb5c32c83ddf44c9a9ba959f7bf594b216bfb18af90953dc503 Loading...

	unknown	0 B	2023-03-07	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 23:21:32 Times Seen37257834 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	389 B	2023-03-08	2023-03-11
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34:23 Last Seen2023-03-11 19:31:45 Times Seen1 Hash 0f7c8eeea64f8977b805f95a240772f1 457770a5e44c6743e38a4d2b6d17186f319f9796 717e8af21a238d4b035704fd2e1dbf53b27428d730c3d351fe4ac5cb100fd5dc Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	3.3 kB	2023-03-08	2023-05-26
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34:23 Last Seen2023-05-26 19:10:26 Times Seen18 Hash b67ffa65e11275d6ca8b3bf81724a497 7e0b7515468e4dc8eb8a9b648ee113e899d221d6 1c966f2216a06d1569235fa10f05ea5b035cf8e5d8de42e23d2c779860bb99fe Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5PMZWMJ	132 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5PMZWMJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:31:45 Last Seen2023-03-11 19:31:45 Times Seen1 Hash 2a99f32490ebbdf3efb911a8635d40bd 01ff7c0e08100bf7d517619d9f53bb016014749c c8e6733dc515f76fe731acdd4979601859b4e46d8990acc7d60a6fb08121350a Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.freespinsloopy.com/static/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-01
Pretty URL www.freespinsloopy.com/static/js/jquery-3.3.1.min.js IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-05-01 19:45:45 Times Seen167425 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	369 B	2023-03-08	2023-05-26
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34:23 Last Seen2023-05-26 19:10:26 Times Seen19 Hash 2e9c99c0809055a141e5c0f950ed2a5e 87706d26ff58b4ee6e8a07f348bd31ea89b22985 0d9e7a01637dae3e3b469a206678658c036111675fdfc2d0c83bac2e78d8a0d6 Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	294 B	2023-03-08	2023-05-26
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34:23 Last Seen2023-05-26 19:10:26 Times Seen18 Hash 64e96399b8db5598a7c2d74563f3e86c 065c8a6047d692735ec9aa74d79b635f0b078bdd 0245246b1d05c4e3f010e3e496140697c5a604d7a4bfcff3c6d218cc491097d3 Loading...

	www.freespinsloopy.com/static/js/custom.js?v=24	2.5 kB	2023-03-08	2023-05-26
Pretty URL www.freespinsloopy.com/static/js/custom.js?v=24 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:12:58 Last Seen2023-05-26 19:10:26 Times Seen53 Hash 5d16b20f6d0a08f897e59e8f1868810d 7825e4d97cf46f535bfc4b2d68f66ae64a5a1851 4cd0e6fcd1f5d7b1203899ff64770171e45a69c1770b3ddfc1692cdd1f4aaffe Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-01 18:36:16 Times Seen1617 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	340 B	2023-03-11	2023-03-11
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:31:45 Last Seen2023-03-11 19:31:45 Times Seen1 Hash c305bd6561cf1673cef353799e20427c 9dfd1da69ef60fc847503687929a978bb90b7957 396598484c03c1da6d4293a7b6db8881fd206ec73d25e9e35ec76816fc009421 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js	58 kB	2023-03-07	2024-05-01
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-05-01 20:46:48 Times Seen20377 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	328 B	2023-03-08	2023-05-23
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34:23 Last Seen2023-05-23 15:16:43 Times Seen17 Hash ee45c600daf92b61484ca400d877afa7 a74e9dedad016cc016a18eda6cd59315182740ec da8a4f8050f69f06e2e4b11924f5d31e79a9b378ed6a50ccceeb1ca3150dc6c4 Loading...

	www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540	422 B	2023-03-08	2023-05-23
Pretty URL www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 IP 3.121.17.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34:23 Last Seen2023-05-23 15:16:43 Times Seen17 Hash 62150edc0d552262c110e98e39801eb5 0d81d346ef93cc935d911e9bce20aa3f9a04c1e8 1c75a77fdd5d91428b2493a8989e8a091539d3a2abe20ec4c73548503040deae Loading...

HTTP Transactions (75)

URL IP Response Size

tx.vc/r/3sXcj/

99.83.131.60

301 Moved Permanently

134 B

URL HTTP/1.1
tx.vc/r/3sXcj/
IP
99.83.131.60:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /r/3sXcj/ HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 25 Nov 2022 03:01:04 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://tx.vc:443/r/3sXcj/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3864
Expires: Fri, 25 Nov 2022 04:05:29 GMT
Date: Fri, 25 Nov 2022 03:01:05 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:05 GMT
Last-Modified: Fri, 25 Nov 2022 01:42:40 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 02:17:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2622
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6320
Expires: Fri, 25 Nov 2022 04:46:25 GMT
Date: Fri, 25 Nov 2022 03:01:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: E/RvuzRNotXf7J2BIQgAjFwJvnY7vx9DfQ+xq8ytdPwq8LljJUUPCWEmSsJsymkdITFwW0GONrk=
x-amz-request-id: AJB9DBNDT9T6VZDR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:43:40 GMT
age: 1045
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:01:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9c70849f1aedb3219600a28625c15194
8771673b6022bd32c29c027a98870014ecce5c79
709f114c9b9709c4c30939486e6f95ec3b60ca73e6f0111c8d867e21a158e4e8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150810
Date: Fri, 25 Nov 2022 03:01:05 GMT
Etag: "637fda0b-1d7"
Expires: Sat, 26 Nov 2022 20:54:35 GMT
Last-Modified: Thu, 24 Nov 2022 20:54:35 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rAs5yu6YoUEm1esjPyKXa7TsLp7wlbz5s4gmOdQG9Oxqi6F9R-GTyg==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 02:08:53 GMT
cache-control: public,max-age=3600
age: 3132
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

tx.vc/r/3sXcj/

99.83.131.60

301 Moved Permanently

228 B

URL HTTP/2
tx.vc/r/3sXcj/
IP
99.83.131.60:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
228 B (228 bytes)
Hash
38b60419aba6d78710628b26def625c4
a81cf7e95491c3e3c8abf99d4861ac0be7e9ee74
0e4d17f6728dfa8cee9a146eb6a1424a4e3cac0cadecabed06e05dffcf9b5f7a

HTTP Headers

GET /r/3sXcj/ HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Fri, 25 Nov 2022 03:01:05 GMT
content-type: text/html; charset=iso-8859-1
content-length: 228
location: http://tx.vc/r/3sXcj
server: Apache
X-Firefox-Spdy: h2

tx.vc/r/3sXcj

99.83.131.60

301 Moved Permanently

134 B

URL HTTP/1.1
tx.vc/r/3sXcj
IP
99.83.131.60:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /r/3sXcj HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 25 Nov 2022 03:01:05 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://tx.vc:443/r/3sXcj

tx.vc/r/3sXcj

99.83.131.60

302 Found

0 B

URL HTTP/2
tx.vc/r/3sXcj
IP
99.83.131.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /r/3sXcj HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Fri, 25 Nov 2022 03:01:05 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
server: Apache
x-frame-options: tx.vc
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3940
Cache-Control: max-age=112284
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:05 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:12:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6c37300d54d2c6437b577292c6fbbed
c1c883bb7989bae739374a6936089ea44f0b9005
b76cb4c224a8797c51c5b846eba413deca349eb01e1b1565bd4f4812c5fbe1e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B76CB4C224A8797C51C5B846EBA413DECA349EB01E1B1565BD4F4812C5FBE1E4"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 25 Nov 2022 09:00:50 GMT
Date: Fri, 25 Nov 2022 03:01:06 GMT
Connection: keep-alive

push.services.mozilla.com/

54.148.69.31

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.69.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WraUmDCbQaaczn9WBH85pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uNIoRO1SE61KWL8UBkXey8UchPc=

www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540

3.121.17.50

200 OK

10 kB

URL HTTP/1.1
www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (512)
Size
10 kB (10274 bytes)
Hash
de158df287e062030b3ac4703023762d
e7a651116db286487880398e9ab540d38f2b91ec
358fa7233abaf2613fa149e7e55bc931b661ff3a4035388eb7a63c1ed95c42ec

HTTP Headers

GET /lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Vary: Accept-Encoding, Cookie, Accept-Language
Content-Language: en-gb
X-Content-Type-Options: nosniff
Set-Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; Path=/
visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; expires=Fri, 25 Nov 2022 06:01:06 GMT; Max-Age=10800; Path=/
da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; Path=/
csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; expires=Fri, 24 Nov 2023 03:01:06 GMT; Max-Age=31449600; Path=/; SameSite=Lax
sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; expires=Fri, 09 Dec 2022 03:01:06 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
Content-Encoding: gzip

www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24

3.121.17.50

200 OK

3.2 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text
Size
3.2 kB (3214 bytes)
Hash
0f58134f56656e280976b30bfb402a57
068a92328847ba7cfc32513313dc77b33afa8128
8a5f01f57db76df0662147414622cef8d923d3ba0f6af84d1a1bf087df855159

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fsl_assets/css/new_offers_page.css?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Jun 2022 09:37:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

www.freespinsloopy.com/static/css/star-rating-svg.css

3.121.17.50

200 OK

272 B

URL HTTP/1.1
www.freespinsloopy.com/static/css/star-rating-svg.css
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (487), with no line terminators
Size
272 B (272 bytes)
Hash
35e70490396b03528922aef96a7b6158
5c83e732b4159905c7ddae10bbed46374661a0e6
d796f1a85491909b73d77bc3509835503dbf70a9d49f05cede2d7653aaab47a7

HTTP Headers

GET /static/css/star-rating-svg.css HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Oct 2020 15:55:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Last-Modified: Fri, 25 Nov 2022 01:20:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
f2d8c84168fac835cfedc4e3f49dd87e
8850fca6914fe68a79ba16dbf5d8aa120ba9eed6
02366941cc203e7fb16325c12b9c3e59952473eab7a943b3a9faeef2eaeb5218

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3085
Cache-Control: max-age=122228
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Etag: "637f5e59-118"
Expires: Sat, 26 Nov 2022 12:58:14 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

104.17.24.14

200 OK

6.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20831)
Size
6.6 kB (6646 bytes)
Hash
368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102

HTTP Headers

GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freespinsloopy.com
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:01:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 727102
expires: Wed, 15 Nov 2023 03:01:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWO%2FJqsoOTShQ2u%2BY2xGUSQAaWxnCpoQasUerr2SQ6KR1kQsdxbm9N%2FY4pB%2BFH2KNSm%2Bz36zp5aEcD3c6kQUae%2Fx0QYL2iNukj1b9SoyJF6DgFsA3Z7V3H%2FCxilAWsdkiXTSCAEF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f7234bcf2b0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Last-Modified: Fri, 25 Nov 2022 01:20:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

www.freespinsloopy.com/static/js/jquery.star-rating-svg.js

3.121.17.50

200 OK

3.9 kB

URL HTTP/1.1
www.freespinsloopy.com/static/js/jquery.star-rating-svg.js
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (661)
Size
3.9 kB (3920 bytes)
Hash
7bb300a2dbfed0ea4daaea7e47bd0c2c
d1cb2c5fb8692971359012a5167387554555a1c8
cee510b5f80fc1f4d6b275820a91551019098d2430688e7fd29f305dba32bf73

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/jquery.star-rating-svg.js HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 28 Oct 2020 15:55:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24

3.121.17.50

200 OK

1.3 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text
Size
1.3 kB (1285 bytes)
Hash
d3afb7ddffbe799f16fe68eda2878879
7f13b51b8dbc3a7d182a523a06b1ef3ec05b943c
6fe18b8339389f7abef617049e89525f0760e7391deeab55361f633fa482c6b3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fsl_assets/css/ticker-strip.css?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Thu, 18 Feb 2021 14:34:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.freespinsloopy.com/static/fsl_assets/css/footer.css?v=24

3.121.17.50

200 OK

1.1 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fsl_assets/css/footer.css?v=24
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text
Size
1.1 kB (1148 bytes)
Hash
85bdfe0084079f25c2ad7bdecb1b9382
4ffd1ada668300190cf18e71fce0efbf56f5b904
256f986bf50bb872979a06952c466132d87cdca47530ba92c74d201dd51bf2ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fsl_assets/css/footer.css?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Thu, 14 Jan 2021 15:34:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

www.freespinsloopy.com/static/js/custom.js?v=24

3.121.17.50

200 OK

926 B

URL HTTP/1.1
www.freespinsloopy.com/static/js/custom.js?v=24
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
926 B (926 bytes)
Hash
a712be49f55b9de162f2d8fd992af49b
ef0d07082f772dcd523878a4f24bc8b769affd67
00d86e8eb5c558945beabfb7a4fee49e6ae97784596786dcc49449af5465b32c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/custom.js?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 25 Oct 2022 13:12:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/07/19/1658234850HIGHBET.png

151.101.85.137

200 OK

4.1 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/07/19/1658234850HIGHBET.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.1 kB (4052 bytes)
Hash
58deaf12938252dbb7f0655b52629d95
4f29a4731819c592e22027744d1ae745b48edbda
eb51c3c145b3991af970938936d631c5b0bc3439a23d85a9d4ee309fcb3ee025

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/07/19/1658234850HIGHBET.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1658234850HIGHBET.webp"
content-type: image/webp
etag: "58deaf12938252dbb7f0655b52629d95"
last-modified: Tue, 19 Jul 2022 14:18:55 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 4052
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/10/06/1633527246BUTLERS-BINGO.png

151.101.85.137

200 OK

17 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/10/06/1633527246BUTLERS-BINGO.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 700x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (16948 bytes)
Hash
b92bd49d2e421dca1a204911ea42b755
5c010f83078cadaef01a80d8558123840afc3351
60b295c97a180e8e2e28f9b4571d86838a652012f5cc303ede3b71f42569afea

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/10/06/1633527246BUTLERS-BINGO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1633527246BUTLERS-BINGO.webp"
content-type: image/webp
etag: "b92bd49d2e421dca1a204911ea42b755"
last-modified: Tue, 10 May 2022 10:20:25 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 16948
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/03/04/1646399597WINK_SLOTS.png

151.101.85.137

200 OK

7.5 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/03/04/1646399597WINK_SLOTS.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.5 kB (7484 bytes)
Hash
0f1df6c96641986b9b99920869d48bd9
dbda8c5733aa1fba9e3a5d532b1ebeb1896cba38
1619781ea9400d971c35a62922be3cab8564efb5516d7f2f30d618f97dffcef4

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/03/04/1646399597WINK_SLOTS.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1646399597WINK_SLOTS.webp"
content-type: image/webp
etag: "0f1df6c96641986b9b99920869d48bd9"
last-modified: Thu, 01 Sep 2022 07:50:20 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 7484
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/11/11/1636633681POCKET-WIN.png

151.101.85.137

200 OK

5.7 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/11/11/1636633681POCKET-WIN.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.7 kB (5748 bytes)
Hash
0be967e23d4ad4ab8c0841366fc4cc82
293e885e928870bee9d979ca7e4e711617c5e21b
d87204ed07f5712586e2f42c1e0e8a5c5d26be4a7ce0513b4be35231b1983a57

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/11/11/1636633681POCKET-WIN.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1636633681POCKET-WIN.webp"
content-type: image/webp
etag: "0be967e23d4ad4ab8c0841366fc4cc82"
last-modified: Thu, 23 Jun 2022 07:25:09 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5748
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/05/1664988394COSTA-BINGO.png

151.101.85.137

200 OK

22 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/05/1664988394COSTA-BINGO.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
22 kB (21544 bytes)
Hash
9be1473ba3b6ff7bfc41bc4284a1950a
c3751f864889d25beb9318edeaf504bf5f276de7
acb28a029a4af8b672413464c7c599c1cd0d667bf3df92d2fc5813416c0ada3a

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/05/1664988394COSTA-BINGO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1664988394COSTA-BINGO.webp"
content-type: image/webp
etag: "9be1473ba3b6ff7bfc41bc4284a1950a"
last-modified: Wed, 05 Oct 2022 16:50:53 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 21544
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/03/31/1617171886POKERSTARS-CASINO.png

151.101.85.137

200 OK

3.8 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/03/31/1617171886POKERSTARS-CASINO.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.8 kB (3750 bytes)
Hash
602638d9c42c780b37033b330f390fa5
e8fac790801f179ada7f60cac029c67943e808fb
7d80f01fa2c60e5c7c712ab49a1aeefb24831a96dc69513e4f8da000465bb0a9

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/03/31/1617171886POKERSTARS-CASINO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1617171886POKERSTARS-CASINO.webp"
content-type: image/webp
etag: "602638d9c42c780b37033b330f390fa5"
last-modified: Tue, 10 May 2022 10:22:52 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 3750
X-Firefox-Spdy: h2

www.freespinsloopy.com/static/js/jquery-3.3.1.min.js

3.121.17.50

200 OK

30 kB

URL HTTP/1.1
www.freespinsloopy.com/static/js/jquery-3.3.1.min.js
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
30 kB (30288 bytes)
Hash
2d495f5054edf410ef67b9fe39614157
f5048eecb20bffb83bf13f272d2b6599d2ed1a89
97ada30dad98a4983f45c054190b82147114acf4145f843c1c9ee9cd3123f698

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/jquery-3.3.1.min.js HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/11/1665484498SLOTSBABY2.png

151.101.85.137

200 OK

12 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/11/1665484498SLOTSBABY2.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
12 kB (11620 bytes)
Hash
8866baad8b1658a5f287bbcfd699b7de
7e6f3e273c712e048dd03efe1c8ed47fbd595cb0
d4078121220b82b5bc311f81642b25a6fb40e557cec1498e44ca6a0b0a1e623a

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/11/1665484498SLOTSBABY2.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1665484498SLOTSBABY2.webp"
content-type: image/webp
etag: "8866baad8b1658a5f287bbcfd699b7de"
last-modified: Tue, 18 Oct 2022 12:56:39 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 11620
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=OPT-KLGLFBZ

142.250.74.78

200 OK

47 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-KLGLFBZ
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
47 kB (46827 bytes)
Hash
093e908ba0a7451227dafd11d374fb42
979b2e8d1d035361e53b1d9e0a3a8e7701287708
e0ce2f7972a350498c74c1ebbdc731b9188c07327d1eefec77a19c9d53c77ef4

HTTP Headers

GET /optimize.js?id=OPT-KLGLFBZ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:01:06 GMT
expires: Fri, 25 Nov 2022 03:01:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/12/1665577263SING_BINGO.png

151.101.85.137

200 OK

11 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/12/1665577263SING_BINGO.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (10720 bytes)
Hash
6e3f56ab9c1ad2f326f65b24c5741980
b78055a51fb502f4be8d4d73db6d7d5e1eca5eea
603fe3177e5cfb91ba25da1ead2e8c40d9ae20d673d1eb9c066a04b144cb1e7c

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/12/1665577263SING_BINGO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1665577263SING_BINGO.webp"
content-type: image/webp
etag: "6e3f56ab9c1ad2f326f65b24c5741980"
last-modified: Wed, 12 Oct 2022 15:06:44 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=6;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 10720
X-Firefox-Spdy: h2

res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/04/29/1651222331WILD-WEST-WINS.png

151.101.85.137

200 OK

13 kB

URL HTTP/2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/04/29/1651222331WILD-WEST-WINS.png
IP
151.101.85.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
13 kB (12992 bytes)
Hash
1c07e9d64df9661679e7da1da6ef430a
33742243206eab074d159bd39346b335ce9cf052
8cf32a07f0bda07ece35d5632befd2eb222e3f7a93276940fe154817d8964c7d

HTTP Headers

GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/04/29/1651222331WILD-WEST-WINS.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="1651222331WILD-WEST-WINS.webp"
content-type: image/webp
etag: "1c07e9d64df9661679e7da1da6ef430a"
last-modified: Tue, 10 May 2022 10:20:25 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=14;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 12992
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Last-Modified: Fri, 25 Nov 2022 01:20:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
f2d8c84168fac835cfedc4e3f49dd87e
8850fca6914fe68a79ba16dbf5d8aa120ba9eed6
02366941cc203e7fb16325c12b9c3e59952473eab7a943b3a9faeef2eaeb5218

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1476
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Etag: "637f5e59-118"
Last-Modified: Fri, 25 Nov 2022 02:36:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280

www.freespinsloopy.com/static/str_assets/img/GamCare.svg

3.121.17.50

200 OK

7.5 kB

URL HTTP/1.1
www.freespinsloopy.com/static/str_assets/img/GamCare.svg
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7462), with no line terminators
Size
7.5 kB (7462 bytes)
Hash
24543821b1e8213539622f4abe8735b9
f287d3c51296363ef100a22ae6fe3f032c39f669
bd1cfcdb6b7660b212d3ebf4b33b417b89cc390cbc7bdd6965d939ff5b0648f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/str_assets/img/GamCare.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 7462
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Connection: keep-alive
ETag: "5f9317e3-1d26"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/str_assets/img/18.svg

3.121.17.50

200 OK

1.3 kB

URL HTTP/1.1
www.freespinsloopy.com/static/str_assets/img/18.svg
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1334), with no line terminators
Size
1.3 kB (1334 bytes)
Hash
f7e06c1e23a211c3a24442064edf3e8b
5fbc29965dc91868595051c5270527d92139affa
3021698ecb6873de4aab9de5ba733b75ece21b12f5c46bb584c731b59e918f6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/str_assets/img/18.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 1334
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Connection: keep-alive
ETag: "5f9317e3-536"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/str_assets/img/GambleAware.svg

3.121.17.50

200 OK

6.2 kB

URL HTTP/1.1
www.freespinsloopy.com/static/str_assets/img/GambleAware.svg
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6164), with no line terminators
Size
6.2 kB (6164 bytes)
Hash
a2372d6ae8006d52f6cc63facc6bc783
049b076d85a8487b926fe456858e5b184080ccf2
a309913528b8537b116609b9a8bb63cdd95f02f44fe40ec6f550d43f83813d9f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/str_assets/img/GambleAware.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 6164
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Connection: keep-alive
ETag: "5f9317e3-1814"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fsl_assets/img/Logo.svg

3.121.17.50

200 OK

3.4 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fsl_assets/img/Logo.svg
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3393), with no line terminators
Size
3.4 kB (3393 bytes)
Hash
25f62e36d4d31efab9176e20c75539f3
6e66f202d3872f0f1de2e8bd51c7943b9fdf2219
a7cd88c88e48e32943e0844e91dcf1fd97a946ceb3cad833eed7352248ace03f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fsl_assets/img/Logo.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 3393
Last-Modified: Thu, 14 Jan 2021 14:53:29 GMT
Connection: keep-alive
ETag: "60005ae9-d41"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-5PMZWMJ

142.250.74.168

200 OK

50 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5PMZWMJ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5196)
Size
50 kB (49617 bytes)
Hash
4bf9f999be8fe26eb85540e11581f91b
bf0401d50e6695063138ea22b5c811177f6c86a9
4444e1bbb04130a60910dc1c76b749d284d7f80b1c1c599fa7444d51fab05fab

HTTP Headers

GET /gtm.js?id=GTM-5PMZWMJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:01:06 GMT
expires: Fri, 25 Nov 2022 03:01:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49617
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.freespinsloopy.com/static/fonts/Roboto-Light.ttf

3.121.17.50

200 OK

170 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fonts/Roboto-Light.ttf
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh\012- data
Size
170 kB (170012 bytes)
Hash
88823c2015ffd5fa89d567e17297a137
92cc3b6f9440193c12fd02ed690e434d685a9cc8
db02096a91c20ab62d459001a1059bc8d78caa35d637dc91494c4440815a6ac1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/Roboto-Light.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 170012
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-2981c"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fonts/JosefinSans-Regular.ttf

3.121.17.50

200 OK

58 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fonts/JosefinSans-Regular.ttf
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 16 tables, 1st "GDEF", 18 names, Microsoft, language 0x409, Copyright 2010 The Josefin Sans Project Authors (https://github.com/ThomasJockin/JosefinSansFont\012- data
Size
58 kB (58548 bytes)
Hash
6762afeccd02d16a80409b78fb85251c
1320915dbd19243be53f5458f1b6f2881efc7e67
31ed94e56b1225f07307210cc2ea46e2209b71fe284423f6929f9cdab124e86d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/JosefinSans-Regular.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 58548
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-e4b4"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fonts/JosefinSans-Bold.ttf

3.121.17.50

200 OK

58 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fonts/JosefinSans-Bold.ttf
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 16 tables, 1st "GDEF", 18 names, Microsoft, language 0x409, Copyright 2010 The Josefin Sans Project Authors (https://github.com/ThomasJockin/JosefinSansFont\012- data
Size
58 kB (58416 bytes)
Hash
9ac2a60828c8f6e627f4f628899398f0
b1b440257fcb021f25f1e845b3091e41189695c4
607a55db524faad26263089be4c1a7085072cf2ccf34b3546610288b418a0381

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/JosefinSans-Bold.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 58416
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-e430"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fsl_assets/img/Background.png

3.121.17.50

200 OK

221 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fsl_assets/img/Background.png
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size
221 kB (221136 bytes)
Hash
89edddc7f6c38ba260efdcf842d51e3c
a9b437cd2124082174d8ce708374fd5fa472aa99
24a1c51c927ab068a2bd58676a460114b4587d6bf4e27b38b815f28dcd3226f2

HTTP Headers

GET /static/fsl_assets/img/Background.png HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/png
Content-Length: 221136
Last-Modified: Thu, 14 Jan 2021 14:53:29 GMT
Connection: keep-alive
ETag: "60005ae9-35fd0"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fonts/RobotoCondensed-Light.ttf

3.121.17.50

200 OK

168 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fonts/RobotoCondensed-Light.ttf
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto Condensed LightRegularVersion 2.137; 2017R\012- data
Size
168 kB (167568 bytes)
Hash
885e5558c90864ddb72ad486f36470cc
b65ec310689040b32a54e62269e8b83e3c40f89e
e4787def35e6d46bb0bef6f6086cceddfc357476858b0e77b3587f6faebe666d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/RobotoCondensed-Light.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 167568
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-28e90"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fonts/Roboto-Bold.ttf

3.121.17.50

200 OK

170 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fonts/Roboto-Bold.ttf
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size
170 kB (170348 bytes)
Hash
e07df86cef2e721115583d61d1fb68a6
3dd713113ff2d79b94d2df343e2e28fa8e7279cf
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/Roboto-Bold.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 170348
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-2996c"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

www.freespinsloopy.com/static/fonts/RobotoCondensed-Bold.ttf

3.121.17.50

200 OK

169 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fonts/RobotoCondensed-Bold.ttf
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto CondensedBoldRoboto Condensed BoldVersion \012- data
Size
169 kB (169352 bytes)
Hash
cbd4e701269338259ee0b39a0b768167
97289a9d7448164e46ea8b3107a24ac1807f6c0e
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/RobotoCondensed-Bold.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Content-Type: application/octet-stream
Content-Length: 169352
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-29588"
Expires: Sat, 25 Nov 2023 03:01:07 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
61ed911e1c7efe7245f5779de4d6a52e
d8c398e2ded306383bc6bf5e7bba7b25fb6d3e03
b07cbf2991a524cd3af5c9c24fecff3606797f524eee0f66de361c3a824bf45f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147202
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Etag: "637fcbf4-118"
Expires: Sat, 26 Nov 2022 19:54:30 GMT
Last-Modified: Thu, 24 Nov 2022 19:54:28 GMT
Server: nginx
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c7f70dcf29b7adc9bc6f8769f830c4e
040fe68e6b1462549334cf37fedf2c61bb25e789
3d9a50df3a49b771a79c608d21828d889c9902ca8c3c070c31bce7cf2b32e01f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D9A50DF3A49B771A79C608D21828D889C9902CA8C3C070C31BCE7CF2B32E01F"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 09:01:07 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive

www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO

18.197.71.232

301 MOVED PERMANENTLY

0 B

URL HTTP/1.1
www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
IP
18.197.71.232:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO HTTP/1.1
Host: www.slotswise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 MOVED PERMANENTLY
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Location: https://www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
Content-Language: en-gb
Access-Control-Allow-Origin: slotswise.com

www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO

18.197.71.232

200 OK

0 B

URL HTTP/1.1
www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
IP
18.197.71.232:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO HTTP/1.1
Host: www.slotswise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.freespinsloopy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept, Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Content-Language: en-gb
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: slotswise.com

www.freespinsloopy.com/static/fsl_assets/img/Favicon.png

3.121.17.50

200 OK

2.9 kB

URL HTTP/1.1
www.freespinsloopy.com/static/fsl_assets/img/Favicon.png
IP
3.121.17.50:0
ASN
#16509 AMAZON-02

File type
PNG image data, 201 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2903 bytes)
Hash
73df78ada483893b293401407206815b
3f2944de0df80c46db27f469428958d1aee05775
2919e03be68fa62af82ff0910c6fc362428f00e443631d29036b13c2ce83ad32

HTTP Headers

GET /static/fsl_assets/img/Favicon.png HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Content-Type: image/png
Content-Length: 2903
Last-Modified: Thu, 14 Jan 2021 14:53:29 GMT
Connection: keep-alive
ETag: "60005ae9-b57"
Expires: Sat, 25 Nov 2023 03:01:07 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4861
Cache-Control: max-age=98785
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:07 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:27:32 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 02:41:08 GMT
expires: Fri, 25 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 1199
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8275 bytes)
Hash
4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 18312
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6130 bytes)
Hash
ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 18339
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 78999
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11954 bytes)
Hash
6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 35020
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ESacQ13nZwlbUKiNnwl6AxqC9ar8cxPctKLMFWS86aB3ZGsbxG0ZOA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:22:08 GMT
age: 81539
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6590 bytes)
Hash
1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 17969
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

loader.wisepops.com/get-loader.js?v=1&site=fnhFmehqbz

172.67.74.220

404 Not Found

27 kB

URL HTTP/2
loader.wisepops.com/get-loader.js?v=1&site=fnhFmehqbz
IP
172.67.74.220:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
27 kB (27341 bytes)
Hash
056623a9f3797bdd6b6cb69a6e1a8129
d2e959e487f0386ec1cae909a19c7486bcc5a715
921b272d7b625d9fdcf423123e74d97bc3731588c7116b50d14768e26f0e38bc

HTTP Headers

GET /get-loader.js?v=1&site=fnhFmehqbz HTTP/1.1
Host: loader.wisepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Fri, 25 Nov 2022 03:01:07 GMT
content-type: text/javascript
vary: Accept-Encoding
x-cloud-trace-context: 7c327be44d68efdb138f66ab67a55892
cache-control: private, max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt5DdkFdqvMPemDYzvPP%2FYYJVAi29MG3c0w%2B%2FbUsJbd44wchdLY9pHVTrCM5Tgg3%2FCd1Xdb%2FMu8Umpgm%2FY9WV8BFhQ2gNqaVF69x2QOtGdt5UgZs0nYkohRNYndeu78Gd6A3G5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f7234f3febb527-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=683655303&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&ul=en-us&de=UTF-8&dt=FreeSpinsLoopy%20%7C%20CLAIM%20FREE%20SPINS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=464395837&gjid=387941421&cid=1305725833.1669345267&uid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&tid=UA-136258468-1&_gid=1192918488.1669345267&_r=1&gtm=2wgb905PMZWMJ&cd1=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&cd2=a4386b4e050668efb0159c4ac1bfca8205a995ed&z=587578123

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=683655303&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&ul=en-us&de=UTF-8&dt=FreeSpinsLoopy%20%7C%20CLAIM%20FREE%20SPINS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=464395837&gjid=387941421&cid=1305725833.1669345267&uid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&tid=UA-136258468-1&_gid=1192918488.1669345267&_r=1&gtm=2wgb905PMZWMJ&cd1=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&cd2=a4386b4e050668efb0159c4ac1bfca8205a995ed&z=587578123
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&a=683655303&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&ul=en-us&de=UTF-8&dt=FreeSpinsLoopy%20%7C%20CLAIM%20FREE%20SPINS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=464395837&gjid=387941421&cid=1305725833.1669345267&uid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&tid=UA-136258468-1&_gid=1192918488.1669345267&_r=1&gtm=2wgb905PMZWMJ&cd1=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&cd2=a4386b4e050668efb0159c4ac1bfca8205a995ed&z=587578123 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.freespinsloopy.com
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.freespinsloopy.com
date: Fri, 25 Nov 2022 03:01:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4861
Cache-Control: max-age=98785
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:07 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:27:32 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

www.facebook.com/tr/?id=149530806794884&ev=PageView&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&rl=&if=false&ts=1669345267156&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669345267155.801835208&it=1669345266935&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=149530806794884&ev=PageView&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&rl=&if=false&ts=1669345267156&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669345267155.801835208&it=1669345266935&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=149530806794884&ev=PageView&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&rl=&if=false&ts=1669345267156&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669345267155.801835208&it=1669345266935&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 03:01:07 GMT
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.6.3/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.6.3/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.6.3/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:01:06 GMT
content-type: text/css
x-amz-id-2: PFm9fUN0xas2W111Iiri/0dSDg95gX66LGBCZuSy+BB/89hYUurN0U6cPuND+nJjMfaoeC5iUOU=
x-amz-request-id: 1ZVBJN1S69T89QT1
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
etag: W/"dc93d584e41f8417f6b7163320d34329"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1472639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC0Smsqb8QozmZodWThDdb3K1cwhxpzyoIbYE8X4Q7KhsvM%2BJKaYp2vQ3qQ3uBkJoHvTjpUuIbuCTLP2ai7xGSlDV6lzUZpW1e913lmGwUX%2BwMqjb12GtBHyfvhUAUVFjwWoVygF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7234bfbbd004a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freespinsloopy.com
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:01:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 08/15/2022 13:52:49
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7b14f013b74c901701f67c7c5ff36682
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f7234bece4b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP