tx.vc/r/3sXcj/
99.83.131.60301 Moved Permanently 134 B IP 99.83.131.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /r/3sXcj/ HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 25 Nov 2022 03:01:04 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://tx.vc:443/r/3sXcj/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3864
Expires: Fri, 25 Nov 2022 04:05:29 GMT
Date: Fri, 25 Nov 2022 03:01:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:05 GMT
Last-Modified: Fri, 25 Nov 2022 01:42:40 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 02:17:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2622
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6320
Expires: Fri, 25 Nov 2022 04:46:25 GMT
Date: Fri, 25 Nov 2022 03:01:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E/RvuzRNotXf7J2BIQgAjFwJvnY7vx9DfQ+xq8ytdPwq8LljJUUPCWEmSsJsymkdITFwW0GONrk=
x-amz-request-id: AJB9DBNDT9T6VZDR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:43:40 GMT
age: 1045
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:01:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9c70849f1aedb3219600a28625c15194
8771673b6022bd32c29c027a98870014ecce5c79
709f114c9b9709c4c30939486e6f95ec3b60ca73e6f0111c8d867e21a158e4e8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150810
Date: Fri, 25 Nov 2022 03:01:05 GMT
Etag: "637fda0b-1d7"
Expires: Sat, 26 Nov 2022 20:54:35 GMT
Last-Modified: Thu, 24 Nov 2022 20:54:35 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rAs5yu6YoUEm1esjPyKXa7TsLp7wlbz5s4gmOdQG9Oxqi6F9R-GTyg==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 02:08:53 GMT
cache-control: public,max-age=3600
age: 3132
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
tx.vc/r/3sXcj/
99.83.131.60301 Moved Permanently 228 B IP 99.83.131.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 38b60419aba6d78710628b26def625c4
a81cf7e95491c3e3c8abf99d4861ac0be7e9ee74
0e4d17f6728dfa8cee9a146eb6a1424a4e3cac0cadecabed06e05dffcf9b5f7a
GET /r/3sXcj/ HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 25 Nov 2022 03:01:05 GMT
content-type: text/html; charset=iso-8859-1
content-length: 228
location: http://tx.vc/r/3sXcj
server: Apache
X-Firefox-Spdy: h2
tx.vc/r/3sXcj
99.83.131.60301 Moved Permanently 134 B IP 99.83.131.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /r/3sXcj HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 25 Nov 2022 03:01:05 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://tx.vc:443/r/3sXcj
tx.vc/r/3sXcj
99.83.131.60302 Found 0 B IP 99.83.131.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/3sXcj HTTP/1.1
Host: tx.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Fri, 25 Nov 2022 03:01:05 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
server: Apache
x-frame-options: tx.vc
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3940
Cache-Control: max-age=112284
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:05 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:12:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6c37300d54d2c6437b577292c6fbbed
c1c883bb7989bae739374a6936089ea44f0b9005
b76cb4c224a8797c51c5b846eba413deca349eb01e1b1565bd4f4812c5fbe1e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B76CB4C224A8797C51C5B846EBA413DECA349EB01E1B1565BD4F4812C5FBE1E4"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 25 Nov 2022 09:00:50 GMT
Date: Fri, 25 Nov 2022 03:01:06 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.69.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WraUmDCbQaaczn9WBH85pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uNIoRO1SE61KWL8UBkXey8UchPc=
www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
3.121.17.50200 OK 10 kB URL HTTP/1.1 www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
IP 3.121.17.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (512)
Hash de158df287e062030b3ac4703023762d
e7a651116db286487880398e9ab540d38f2b91ec
358fa7233abaf2613fa149e7e55bc931b661ff3a4035388eb7a63c1ed95c42ec
GET /lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Vary: Accept-Encoding, Cookie, Accept-Language
Content-Language: en-gb
X-Content-Type-Options: nosniff
Set-Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; Path=/
visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; expires=Fri, 25 Nov 2022 06:01:06 GMT; Max-Age=10800; Path=/
da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; Path=/
csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; expires=Fri, 24 Nov 2023 03:01:06 GMT; Max-Age=31449600; Path=/; SameSite=Lax
sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; expires=Fri, 09 Dec 2022 03:01:06 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
Content-Encoding: gzip
www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24
3.121.17.50200 OK 3.2 kB URL HTTP/1.1 www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24
IP 3.121.17.50:0
File type assembler source, ASCII text
Hash 0f58134f56656e280976b30bfb402a57
068a92328847ba7cfc32513313dc77b33afa8128
8a5f01f57db76df0662147414622cef8d923d3ba0f6af84d1a1bf087df855159
Analyzer Verdict Alert fortinet Phishing
GET /static/fsl_assets/css/new_offers_page.css?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Jun 2022 09:37:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
www.freespinsloopy.com/static/css/star-rating-svg.css
3.121.17.50200 OK 272 B URL HTTP/1.1 www.freespinsloopy.com/static/css/star-rating-svg.css
IP 3.121.17.50:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 35e70490396b03528922aef96a7b6158
5c83e732b4159905c7ddae10bbed46374661a0e6
d796f1a85491909b73d77bc3509835503dbf70a9d49f05cede2d7653aaab47a7
GET /static/css/star-rating-svg.css HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Oct 2020 15:55:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Last-Modified: Fri, 25 Nov 2022 01:20:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2d8c84168fac835cfedc4e3f49dd87e
8850fca6914fe68a79ba16dbf5d8aa120ba9eed6
02366941cc203e7fb16325c12b9c3e59952473eab7a943b3a9faeef2eaeb5218
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3085
Cache-Control: max-age=122228
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Etag: "637f5e59-118"
Expires: Sat, 26 Nov 2022 12:58:14 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.24.14200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20831)
Hash 368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102
GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freespinsloopy.com
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:01:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 727102
expires: Wed, 15 Nov 2023 03:01:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWO%2FJqsoOTShQ2u%2BY2xGUSQAaWxnCpoQasUerr2SQ6KR1kQsdxbm9N%2FY4pB%2BFH2KNSm%2Bz36zp5aEcD3c6kQUae%2Fx0QYL2iNukj1b9SoyJF6DgFsA3Z7V3H%2FCxilAWsdkiXTSCAEF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f7234bcf2b0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Last-Modified: Fri, 25 Nov 2022 01:20:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
www.freespinsloopy.com/static/js/jquery.star-rating-svg.js
3.121.17.50200 OK 3.9 kB URL HTTP/1.1 www.freespinsloopy.com/static/js/jquery.star-rating-svg.js
IP 3.121.17.50:0
File type ASCII text, with very long lines (661)
Hash 7bb300a2dbfed0ea4daaea7e47bd0c2c
d1cb2c5fb8692971359012a5167387554555a1c8
cee510b5f80fc1f4d6b275820a91551019098d2430688e7fd29f305dba32bf73
Analyzer Verdict Alert fortinet Phishing
GET /static/js/jquery.star-rating-svg.js HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 28 Oct 2020 15:55:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
3.121.17.50200 OK 1.3 kB URL HTTP/1.1 www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
IP 3.121.17.50:0
File type assembler source, ASCII text
Hash d3afb7ddffbe799f16fe68eda2878879
7f13b51b8dbc3a7d182a523a06b1ef3ec05b943c
6fe18b8339389f7abef617049e89525f0760e7391deeab55361f633fa482c6b3
Analyzer Verdict Alert fortinet Phishing
GET /static/fsl_assets/css/ticker-strip.css?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Thu, 18 Feb 2021 14:34:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freespinsloopy.com/static/fsl_assets/css/footer.css?v=24
3.121.17.50200 OK 1.1 kB URL HTTP/1.1 www.freespinsloopy.com/static/fsl_assets/css/footer.css?v=24
IP 3.121.17.50:0
File type assembler source, ASCII text
Hash 85bdfe0084079f25c2ad7bdecb1b9382
4ffd1ada668300190cf18e71fce0efbf56f5b904
256f986bf50bb872979a06952c466132d87cdca47530ba92c74d201dd51bf2ca
Analyzer Verdict Alert fortinet Phishing
GET /static/fsl_assets/css/footer.css?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: text/css
Last-Modified: Thu, 14 Jan 2021 15:34:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
www.freespinsloopy.com/static/js/custom.js?v=24
3.121.17.50200 OK 926 B URL HTTP/1.1 www.freespinsloopy.com/static/js/custom.js?v=24
IP 3.121.17.50:0
Hash a712be49f55b9de162f2d8fd992af49b
ef0d07082f772dcd523878a4f24bc8b769affd67
00d86e8eb5c558945beabfb7a4fee49e6ae97784596786dcc49449af5465b32c
Analyzer Verdict Alert fortinet Phishing
GET /static/js/custom.js?v=24 HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 25 Oct 2022 13:12:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/07/19/1658234850HIGHBET.png
151.101.85.137200 OK 4.1 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/07/19/1658234850HIGHBET.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 58deaf12938252dbb7f0655b52629d95
4f29a4731819c592e22027744d1ae745b48edbda
eb51c3c145b3991af970938936d631c5b0bc3439a23d85a9d4ee309fcb3ee025
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/07/19/1658234850HIGHBET.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1658234850HIGHBET.webp"
content-type: image/webp
etag: "58deaf12938252dbb7f0655b52629d95"
last-modified: Tue, 19 Jul 2022 14:18:55 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 4052
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/10/06/1633527246BUTLERS-BINGO.png
151.101.85.137200 OK 17 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/10/06/1633527246BUTLERS-BINGO.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b92bd49d2e421dca1a204911ea42b755
5c010f83078cadaef01a80d8558123840afc3351
60b295c97a180e8e2e28f9b4571d86838a652012f5cc303ede3b71f42569afea
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/10/06/1633527246BUTLERS-BINGO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1633527246BUTLERS-BINGO.webp"
content-type: image/webp
etag: "b92bd49d2e421dca1a204911ea42b755"
last-modified: Tue, 10 May 2022 10:20:25 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 16948
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/03/04/1646399597WINK_SLOTS.png
151.101.85.137200 OK 7.5 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/03/04/1646399597WINK_SLOTS.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0f1df6c96641986b9b99920869d48bd9
dbda8c5733aa1fba9e3a5d532b1ebeb1896cba38
1619781ea9400d971c35a62922be3cab8564efb5516d7f2f30d618f97dffcef4
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/03/04/1646399597WINK_SLOTS.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1646399597WINK_SLOTS.webp"
content-type: image/webp
etag: "0f1df6c96641986b9b99920869d48bd9"
last-modified: Thu, 01 Sep 2022 07:50:20 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 7484
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/11/11/1636633681POCKET-WIN.png
151.101.85.137200 OK 5.7 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/11/11/1636633681POCKET-WIN.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0be967e23d4ad4ab8c0841366fc4cc82
293e885e928870bee9d979ca7e4e711617c5e21b
d87204ed07f5712586e2f42c1e0e8a5c5d26be4a7ce0513b4be35231b1983a57
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/11/11/1636633681POCKET-WIN.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1636633681POCKET-WIN.webp"
content-type: image/webp
etag: "0be967e23d4ad4ab8c0841366fc4cc82"
last-modified: Thu, 23 Jun 2022 07:25:09 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5748
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/05/1664988394COSTA-BINGO.png
151.101.85.137200 OK 22 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/05/1664988394COSTA-BINGO.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9be1473ba3b6ff7bfc41bc4284a1950a
c3751f864889d25beb9318edeaf504bf5f276de7
acb28a029a4af8b672413464c7c599c1cd0d667bf3df92d2fc5813416c0ada3a
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/05/1664988394COSTA-BINGO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1664988394COSTA-BINGO.webp"
content-type: image/webp
etag: "9be1473ba3b6ff7bfc41bc4284a1950a"
last-modified: Wed, 05 Oct 2022 16:50:53 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 21544
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/03/31/1617171886POKERSTARS-CASINO.png
151.101.85.137200 OK 3.8 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/03/31/1617171886POKERSTARS-CASINO.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 602638d9c42c780b37033b330f390fa5
e8fac790801f179ada7f60cac029c67943e808fb
7d80f01fa2c60e5c7c712ab49a1aeefb24831a96dc69513e4f8da000465bb0a9
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2021/03/31/1617171886POKERSTARS-CASINO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1617171886POKERSTARS-CASINO.webp"
content-type: image/webp
etag: "602638d9c42c780b37033b330f390fa5"
last-modified: Tue, 10 May 2022 10:22:52 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 3750
X-Firefox-Spdy: h2
www.freespinsloopy.com/static/js/jquery-3.3.1.min.js
3.121.17.50200 OK 30 kB URL HTTP/1.1 www.freespinsloopy.com/static/js/jquery-3.3.1.min.js
IP 3.121.17.50:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 2d495f5054edf410ef67b9fe39614157
f5048eecb20bffb83bf13f272d2b6599d2ed1a89
97ada30dad98a4983f45c054190b82147114acf4145f843c1c9ee9cd3123f698
Analyzer Verdict Alert fortinet Phishing
GET /static/js/jquery-3.3.1.min.js HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/11/1665484498SLOTSBABY2.png
151.101.85.137200 OK 12 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/11/1665484498SLOTSBABY2.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8866baad8b1658a5f287bbcfd699b7de
7e6f3e273c712e048dd03efe1c8ed47fbd595cb0
d4078121220b82b5bc311f81642b25a6fb40e557cec1498e44ca6a0b0a1e623a
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/11/1665484498SLOTSBABY2.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1665484498SLOTSBABY2.webp"
content-type: image/webp
etag: "8866baad8b1658a5f287bbcfd699b7de"
last-modified: Tue, 18 Oct 2022 12:56:39 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 11620
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-KLGLFBZ
142.250.74.78200 OK 47 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-KLGLFBZ
IP 142.250.74.78:0
File type ASCII text, with very long lines (1921)
Hash 093e908ba0a7451227dafd11d374fb42
979b2e8d1d035361e53b1d9e0a3a8e7701287708
e0ce2f7972a350498c74c1ebbdc731b9188c07327d1eefec77a19c9d53c77ef4
GET /optimize.js?id=OPT-KLGLFBZ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:01:06 GMT
expires: Fri, 25 Nov 2022 03:01:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/12/1665577263SING_BINGO.png
151.101.85.137200 OK 11 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/12/1665577263SING_BINGO.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6e3f56ab9c1ad2f326f65b24c5741980
b78055a51fb502f4be8d4d73db6d7d5e1eca5eea
603fe3177e5cfb91ba25da1ead2e8c40d9ae20d673d1eb9c066a04b144cb1e7c
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/10/12/1665577263SING_BINGO.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1665577263SING_BINGO.webp"
content-type: image/webp
etag: "6e3f56ab9c1ad2f326f65b24c5741980"
last-modified: Wed, 12 Oct 2022 15:06:44 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=6;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 10720
X-Firefox-Spdy: h2
res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/04/29/1651222331WILD-WEST-WINS.png
151.101.85.137200 OK 13 kB URL HTTP/2 res.cloudinary.com/qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/04/29/1651222331WILD-WEST-WINS.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c07e9d64df9661679e7da1da6ef430a
33742243206eab074d159bd39346b335ce9cf052
8cf32a07f0bda07ece35d5632befd2eb222e3f7a93276940fe154817d8964c7d
GET /qih/image/upload/f_auto/v1/multisite/media/Merchants/2022/04/29/1651222331WILD-WEST-WINS.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="1651222331WILD-WEST-WINS.webp"
content-type: image/webp
etag: "1c07e9d64df9661679e7da1da6ef430a"
last-modified: Tue, 10 May 2022 10:20:25 GMT
date: Fri, 25 Nov 2022 03:01:06 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=14;cpu=1;start=2022-11-25T03:01:06.579Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 12992
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Last-Modified: Fri, 25 Nov 2022 01:20:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2d8c84168fac835cfedc4e3f49dd87e
8850fca6914fe68a79ba16dbf5d8aa120ba9eed6
02366941cc203e7fb16325c12b9c3e59952473eab7a943b3a9faeef2eaeb5218
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1476
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Etag: "637f5e59-118"
Last-Modified: Fri, 25 Nov 2022 02:36:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
www.freespinsloopy.com/static/str_assets/img/GamCare.svg
3.121.17.50200 OK 7.5 kB URL HTTP/1.1 www.freespinsloopy.com/static/str_assets/img/GamCare.svg
IP 3.121.17.50:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7462), with no line terminators
Hash 24543821b1e8213539622f4abe8735b9
f287d3c51296363ef100a22ae6fe3f032c39f669
bd1cfcdb6b7660b212d3ebf4b33b417b89cc390cbc7bdd6965d939ff5b0648f6
Analyzer Verdict Alert fortinet Phishing
GET /static/str_assets/img/GamCare.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 7462
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Connection: keep-alive
ETag: "5f9317e3-1d26"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/str_assets/img/18.svg
3.121.17.50200 OK 1.3 kB URL HTTP/1.1 www.freespinsloopy.com/static/str_assets/img/18.svg
IP 3.121.17.50:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1334), with no line terminators
Hash f7e06c1e23a211c3a24442064edf3e8b
5fbc29965dc91868595051c5270527d92139affa
3021698ecb6873de4aab9de5ba733b75ece21b12f5c46bb584c731b59e918f6f
Analyzer Verdict Alert fortinet Phishing
GET /static/str_assets/img/18.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 1334
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Connection: keep-alive
ETag: "5f9317e3-536"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/str_assets/img/GambleAware.svg
3.121.17.50200 OK 6.2 kB URL HTTP/1.1 www.freespinsloopy.com/static/str_assets/img/GambleAware.svg
IP 3.121.17.50:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6164), with no line terminators
Hash a2372d6ae8006d52f6cc63facc6bc783
049b076d85a8487b926fe456858e5b184080ccf2
a309913528b8537b116609b9a8bb63cdd95f02f44fe40ec6f550d43f83813d9f
Analyzer Verdict Alert fortinet Phishing
GET /static/str_assets/img/GambleAware.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 6164
Last-Modified: Fri, 23 Oct 2020 17:50:27 GMT
Connection: keep-alive
ETag: "5f9317e3-1814"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fsl_assets/img/Logo.svg
3.121.17.50200 OK 3.4 kB URL HTTP/1.1 www.freespinsloopy.com/static/fsl_assets/img/Logo.svg
IP 3.121.17.50:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3393), with no line terminators
Hash 25f62e36d4d31efab9176e20c75539f3
6e66f202d3872f0f1de2e8bd51c7943b9fdf2219
a7cd88c88e48e32943e0844e91dcf1fd97a946ceb3cad833eed7352248ace03f
Analyzer Verdict Alert fortinet Phishing
GET /static/fsl_assets/img/Logo.svg HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/svg+xml
Content-Length: 3393
Last-Modified: Thu, 14 Jan 2021 14:53:29 GMT
Connection: keep-alive
ETag: "60005ae9-d41"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5PMZWMJ
142.250.74.168200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5PMZWMJ
IP 142.250.74.168:0
File type ASCII text, with very long lines (5196)
Hash 4bf9f999be8fe26eb85540e11581f91b
bf0401d50e6695063138ea22b5c811177f6c86a9
4444e1bbb04130a60910dc1c76b749d284d7f80b1c1c599fa7444d51fab05fab
GET /gtm.js?id=GTM-5PMZWMJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:01:06 GMT
expires: Fri, 25 Nov 2022 03:01:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49617
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.freespinsloopy.com/static/fonts/Roboto-Light.ttf
3.121.17.50200 OK 170 kB URL HTTP/1.1 www.freespinsloopy.com/static/fonts/Roboto-Light.ttf
IP 3.121.17.50:0
File type TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh\012- data
Size 170 kB (170012 bytes)
Hash 88823c2015ffd5fa89d567e17297a137
92cc3b6f9440193c12fd02ed690e434d685a9cc8
db02096a91c20ab62d459001a1059bc8d78caa35d637dc91494c4440815a6ac1
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Roboto-Light.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 170012
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-2981c"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fonts/JosefinSans-Regular.ttf
3.121.17.50200 OK 58 kB URL HTTP/1.1 www.freespinsloopy.com/static/fonts/JosefinSans-Regular.ttf
IP 3.121.17.50:0
File type TrueType Font data, 16 tables, 1st "GDEF", 18 names, Microsoft, language 0x409, Copyright 2010 The Josefin Sans Project Authors (https://github.com/ThomasJockin/JosefinSansFont\012- data
Hash 6762afeccd02d16a80409b78fb85251c
1320915dbd19243be53f5458f1b6f2881efc7e67
31ed94e56b1225f07307210cc2ea46e2209b71fe284423f6929f9cdab124e86d
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/JosefinSans-Regular.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 58548
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-e4b4"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fonts/JosefinSans-Bold.ttf
3.121.17.50200 OK 58 kB URL HTTP/1.1 www.freespinsloopy.com/static/fonts/JosefinSans-Bold.ttf
IP 3.121.17.50:0
File type TrueType Font data, 16 tables, 1st "GDEF", 18 names, Microsoft, language 0x409, Copyright 2010 The Josefin Sans Project Authors (https://github.com/ThomasJockin/JosefinSansFont\012- data
Hash 9ac2a60828c8f6e627f4f628899398f0
b1b440257fcb021f25f1e845b3091e41189695c4
607a55db524faad26263089be4c1a7085072cf2ccf34b3546610288b418a0381
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/JosefinSans-Bold.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 58416
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-e430"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fsl_assets/img/Background.png
3.121.17.50200 OK 221 kB URL HTTP/1.1 www.freespinsloopy.com/static/fsl_assets/img/Background.png
IP 3.121.17.50:0
File type PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size 221 kB (221136 bytes)
Hash 89edddc7f6c38ba260efdcf842d51e3c
a9b437cd2124082174d8ce708374fd5fa472aa99
24a1c51c927ab068a2bd58676a460114b4587d6bf4e27b38b815f28dcd3226f2
GET /static/fsl_assets/img/Background.png HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/new_offers_page.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: image/png
Content-Length: 221136
Last-Modified: Thu, 14 Jan 2021 14:53:29 GMT
Connection: keep-alive
ETag: "60005ae9-35fd0"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fonts/RobotoCondensed-Light.ttf
3.121.17.50200 OK 168 kB URL HTTP/1.1 www.freespinsloopy.com/static/fonts/RobotoCondensed-Light.ttf
IP 3.121.17.50:0
File type TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto Condensed LightRegularVersion 2.137; 2017R\012- data
Size 168 kB (167568 bytes)
Hash 885e5558c90864ddb72ad486f36470cc
b65ec310689040b32a54e62269e8b83e3c40f89e
e4787def35e6d46bb0bef6f6086cceddfc357476858b0e77b3587f6faebe666d
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/RobotoCondensed-Light.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 167568
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-28e90"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fonts/Roboto-Bold.ttf
3.121.17.50200 OK 170 kB URL HTTP/1.1 www.freespinsloopy.com/static/fonts/Roboto-Bold.ttf
IP 3.121.17.50:0
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size 170 kB (170348 bytes)
Hash e07df86cef2e721115583d61d1fb68a6
3dd713113ff2d79b94d2df343e2e28fa8e7279cf
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Roboto-Bold.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:06 GMT
Content-Type: application/octet-stream
Content-Length: 170348
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-2996c"
Expires: Sat, 25 Nov 2023 03:01:06 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
www.freespinsloopy.com/static/fonts/RobotoCondensed-Bold.ttf
3.121.17.50200 OK 169 kB URL HTTP/1.1 www.freespinsloopy.com/static/fonts/RobotoCondensed-Bold.ttf
IP 3.121.17.50:0
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto CondensedBoldRoboto Condensed BoldVersion \012- data
Size 169 kB (169352 bytes)
Hash cbd4e701269338259ee0b39a0b768167
97289a9d7448164e46ea8b3107a24ac1807f6c0e
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/RobotoCondensed-Bold.ttf HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/static/fsl_assets/css/ticker-strip.css?v=24
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Content-Type: application/octet-stream
Content-Length: 169352
Last-Modified: Mon, 21 Dec 2020 10:32:53 GMT
Connection: keep-alive
ETag: "5fe079d5-29588"
Expires: Sat, 25 Nov 2023 03:01:07 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 61ed911e1c7efe7245f5779de4d6a52e
d8c398e2ded306383bc6bf5e7bba7b25fb6d3e03
b07cbf2991a524cd3af5c9c24fecff3606797f524eee0f66de361c3a824bf45f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147202
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:06 GMT
Etag: "637fcbf4-118"
Expires: Sat, 26 Nov 2022 19:54:30 GMT
Last-Modified: Thu, 24 Nov 2022 19:54:28 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c7f70dcf29b7adc9bc6f8769f830c4e
040fe68e6b1462549334cf37fedf2c61bb25e789
3d9a50df3a49b771a79c608d21828d889c9902ca8c3c070c31bce7cf2b32e01f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D9A50DF3A49B771A79C608D21828D889C9902CA8C3C070C31BCE7CF2B32E01F"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 09:01:07 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive
www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
18.197.71.232301 MOVED PERMANENTLY 0 B URL HTTP/1.1 www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
IP 18.197.71.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO HTTP/1.1
Host: www.slotswise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 MOVED PERMANENTLY
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Location: https://www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
Content-Language: en-gb
Access-Control-Allow-Origin: slotswise.com
www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
18.197.71.232200 OK 0 B URL HTTP/1.1 www.slotswise.com/api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO
IP 18.197.71.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/ga-hit/7hsiey4o4mx4vzrq0hsyre0jcn4d806r/?url=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&user_agent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&referrer=&ip_addr=undefined&visitor_id=a4386b4e050668efb0159c4ac1bfca8205a995ed&geo=NO HTTP/1.1
Host: www.slotswise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.freespinsloopy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept, Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Content-Language: en-gb
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: slotswise.com
www.freespinsloopy.com/static/fsl_assets/img/Favicon.png
3.121.17.50200 OK 2.9 kB URL HTTP/1.1 www.freespinsloopy.com/static/fsl_assets/img/Favicon.png
IP 3.121.17.50:0
File type PNG image data, 201 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 73df78ada483893b293401407206815b
3f2944de0df80c46db27f469428958d1aee05775
2919e03be68fa62af82ff0910c6fc362428f00e443631d29036b13c2ce83ad32
GET /static/fsl_assets/img/Favicon.png HTTP/1.1
Host: www.freespinsloopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/lp286/?lavi=BSC15135049&conversion_method=sms&conversion_campaign=6540&send_id=6540
Cookie: session_key=7hsiey4o4mx4vzrq0hsyre0jcn4d806r; visitor_key=a4386b4e050668efb0159c4ac1bfca8205a995ed; da_cookies="{'query_dict': {'value': \"{'lavi': 'BSC15135049'\054 'conversion_method': 'sms'\054 'conversion_campaign': '6540'\054 'send_id': '6540'}\"\054 'expiry': '2022-11-25 03:01:06'}\054 'network': {'value': 'nonetwork'\054 'expiry': '2022-11-25 03:01:06'}\054 'channel': {'value': 'direct'\054 'expiry': '2022-11-25 03:01:06'}}"; csrftoken=3UTTkrbXCEHvL8Ng7fMwSYRThXPccAqfSjnCrjiBN6oa8JP4RIoRe8BysfyucpPU; sessionid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:01:07 GMT
Content-Type: image/png
Content-Length: 2903
Last-Modified: Thu, 14 Jan 2021 14:53:29 GMT
Connection: keep-alive
ETag: "60005ae9-b57"
Expires: Sat, 25 Nov 2023 03:01:07 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4861
Cache-Control: max-age=98785
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:07 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:27:32 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 02:41:08 GMT
expires: Fri, 25 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 1199
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:01:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 18312
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 18339
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 78999
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 35020
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ESacQ13nZwlbUKiNnwl6AxqC9ar8cxPctKLMFWS86aB3ZGsbxG0ZOA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:22:08 GMT
age: 81539
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 17969
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
loader.wisepops.com/get-loader.js?v=1&site=fnhFmehqbz
172.67.74.220404 Not Found 27 kB URL HTTP/2 loader.wisepops.com/get-loader.js?v=1&site=fnhFmehqbz
IP 172.67.74.220:0
Hash 056623a9f3797bdd6b6cb69a6e1a8129
d2e959e487f0386ec1cae909a19c7486bcc5a715
921b272d7b625d9fdcf423123e74d97bc3731588c7116b50d14768e26f0e38bc
GET /get-loader.js?v=1&site=fnhFmehqbz HTTP/1.1
Host: loader.wisepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 25 Nov 2022 03:01:07 GMT
content-type: text/javascript
vary: Accept-Encoding
x-cloud-trace-context: 7c327be44d68efdb138f66ab67a55892
cache-control: private, max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt5DdkFdqvMPemDYzvPP%2FYYJVAi29MG3c0w%2B%2FbUsJbd44wchdLY9pHVTrCM5Tgg3%2FCd1Xdb%2FMu8Umpgm%2FY9WV8BFhQ2gNqaVF69x2QOtGdt5UgZs0nYkohRNYndeu78Gd6A3G5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f7234f3febb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=683655303&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&ul=en-us&de=UTF-8&dt=FreeSpinsLoopy%20%7C%20CLAIM%20FREE%20SPINS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=464395837&gjid=387941421&cid=1305725833.1669345267&uid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&tid=UA-136258468-1&_gid=1192918488.1669345267&_r=1>m=2wgb905PMZWMJ&cd1=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&cd2=a4386b4e050668efb0159c4ac1bfca8205a995ed&z=587578123
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=683655303&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&ul=en-us&de=UTF-8&dt=FreeSpinsLoopy%20%7C%20CLAIM%20FREE%20SPINS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=464395837&gjid=387941421&cid=1305725833.1669345267&uid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&tid=UA-136258468-1&_gid=1192918488.1669345267&_r=1>m=2wgb905PMZWMJ&cd1=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&cd2=a4386b4e050668efb0159c4ac1bfca8205a995ed&z=587578123
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=683655303&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&ul=en-us&de=UTF-8&dt=FreeSpinsLoopy%20%7C%20CLAIM%20FREE%20SPINS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=464395837&gjid=387941421&cid=1305725833.1669345267&uid=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&tid=UA-136258468-1&_gid=1192918488.1669345267&_r=1>m=2wgb905PMZWMJ&cd1=7hsiey4o4mx4vzrq0hsyre0jcn4d806r&cd2=a4386b4e050668efb0159c4ac1bfca8205a995ed&z=587578123 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.freespinsloopy.com
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.freespinsloopy.com
date: Fri, 25 Nov 2022 03:01:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4861
Cache-Control: max-age=98785
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:01:07 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:27:32 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=149530806794884&ev=PageView&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&rl=&if=false&ts=1669345267156&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669345267155.801835208&it=1669345266935&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=149530806794884&ev=PageView&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&rl=&if=false&ts=1669345267156&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669345267155.801835208&it=1669345266935&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=149530806794884&ev=PageView&dl=https%3A%2F%2Fwww.freespinsloopy.com%2Flp286%2F%3Flavi%3DBSC15135049%26conversion_method%3Dsms%26conversion_campaign%3D6540%26send_id%3D6540&rl=&if=false&ts=1669345267156&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669345267155.801835208&it=1669345266935&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 03:01:07 GMT
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.6.3/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.6.3/css/all.css
IP 172.64.132.15:0
GET /releases/v5.6.3/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:01:06 GMT
content-type: text/css
x-amz-id-2: PFm9fUN0xas2W111Iiri/0dSDg95gX66LGBCZuSy+BB/89hYUurN0U6cPuND+nJjMfaoeC5iUOU=
x-amz-request-id: 1ZVBJN1S69T89QT1
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
etag: W/"dc93d584e41f8417f6b7163320d34329"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1472639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC0Smsqb8QozmZodWThDdb3K1cwhxpzyoIbYE8X4Q7KhsvM%2BJKaYp2vQ3qQ3uBkJoHvTjpUuIbuCTLP2ai7xGSlDV6lzUZpW1e913lmGwUX%2BwMqjb12GtBHyfvhUAUVFjwWoVygF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7234bfbbd004a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freespinsloopy.com
Connection: keep-alive
Referer: https://www.freespinsloopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:01:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 08/15/2022 13:52:49
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7b14f013b74c901701f67c7c5ff36682
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f7234bece4b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2