0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
301 Moved Permanently 0 B URL HTTP/1.1 0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16048
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 12:39:58 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:58 GMT
Last-Modified: Sat, 26 Nov 2022 11:21:05 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 12:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1245
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2197
Expires: Sat, 26 Nov 2022 13:16:35 GMT
Date: Sat, 26 Nov 2022 12:39:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BQB40y3ip/Tt1agGlSbVYq3fRFSCsG0VrUBksMXpObyiwplu2+VozOFRhLqOKEV0V/vxK7KQJGw=
x-amz-request-id: VK0DQZ5XM3DP6MK0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 11:44:13 GMT
age: 3345
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:39:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 119d932b9ee0084c08b3d696bda0f191
2858cdead9d492718991fcdcc2f229b6c3a79aa3
24954ae1f7636a6b95c64619fb8b2ad37879b779d623f78384944be3630a45ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24954AE1F7636A6B95C64619FB8B2AD37879B779D623F78384944BE3630A45EE"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=587
Expires: Sat, 26 Nov 2022 12:49:45 GMT
Date: Sat, 26 Nov 2022 12:39:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 12:11:12 GMT
cache-control: public,max-age=3600
age: 1726
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
200 OK 4.7 kB URL HTTP/1.1 0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fa0f02405520d4517bafa89b30715063
ea6ff0712a4e9b5c50a269c0590722477805f20a
aeeb8d25fa5ce73c0f96f618be3cbc4fdad59e051d7c2188e4cf23bbf3e73255
Analyzer Verdict Alert fortinet Phishing
GET /t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Sat, 26 Nov 2022 12:39:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; expires=Sat, 26 Nov 2022 14:39:58 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D; expires=Sat, 26 Nov 2022 14:39:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5920
Cache-Control: max-age=165933
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:58 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:45:31 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP
File type ASCII text, with very long lines (32069)
Hash 4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 22:29:01 GMT
expires: Sat, 25 Nov 2023 22:29:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 51057
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
200 OK 14 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
IP
Hash cb19a3cdc6604cd4e38707e3d6827533
5099a7076e5aaf21c81ec2d0cc4935e0c8cbbf90
d710e56c31f6e6697599766420b15dcef3fb328539f1381c1d2e2310db9b9e9a
GET /templates/templates/SPIN_casino-survey/src/style.css HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:40 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "cb19a3cdc6604cd4e38707e3d6827533"
content-type: text/css
content-length: 14284
x-varnish: 5604998 295994
age: 228439
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
0my.lotstolink.com/o/2XXQ6DLP/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/?push=true
302 Found 818 B URL HTTP/1.1 0my.lotstolink.com/o/2XXQ6DLP/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/?push=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash 13d28977e19f3ebf759da9d9621c50cc
64771714b7586737117a78c52d1ada4445667355
93b4c52f6083319cf1161e52d1a3c68ab3b27f71e56002e619591b73512dd3af
Analyzer Verdict Alert fortinet Phishing
GET /o/2XXQ6DLP/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/?push=true HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Sat, 26 Nov 2022 12:39:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=705ab0d2-6d87-11ed-8703-4f3c0e4710fb&&push=true
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IklPbFM0SGxzeEFET1IrckRDWmlCRXc9PSIsInZhbHVlIjoid25MM0ZUUXBscEVmU254Q0l6bTh5VjRTT3BlNGtpN1RVRTIxV2tyaWR0MmRRbnQ2YmlpTituYytXeEFRTklqM1JQUW4reUEyYkhNbU1rbTQ5WFFMSTJBZnVyNkFCQmxtSm04M2JRT3FoZ0NMRC9CM21PQzFoK241ZnRGQ3JwU0IiLCJtYWMiOiIwMDc1YmMxODNjZmZmOTgyYWZlNDAyY2QyOWQyMTJlMjFmMmE1MjZkYjA1NTI3MWZkMmRiZjEyMmM0OThiMGU3IiwidGFnIjoiIn0%3D; expires=Sat, 26 Nov 2022 14:39:59 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6Ik5nSStCYVRUQnZwcXF2R3VzbVRwaUE9PSIsInZhbHVlIjoiaTF0Ynh6dGhrcUJDWHdEa1VWdjBYU1ZlN2hxalY4VmRkU1RCbTZsMFJiNnlZczlUOWlDc21BTzQyUGh5R2FoNHBoakM1TXRYdnJ6a09IYnpMZi9EaHc1SmZPSytHZFIvWUdjSjY2QTRXWmg4akF0M1hzTHA2ZklaV3JrSDBOWTMiLCJtYWMiOiJmNzBhY2JkMmQ4ODNmMmRkNzNlMzViZjY4MmY3NDNiOTRlZDRiZTVkMDZkZmI1OWZkODQxMTIyMGI4ZGI2YWE2IiwidGFnIjoiIn0%3D; expires=Sat, 26 Nov 2022 14:39:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4V8KZr4BBkZ3GUNWDW2Qxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FQNJBhkl87HE1hJug+PcSVmR7Es=
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img7m.jpg
200 OK 2.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img7m.jpg
IP
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 7364bf39dcf0941d3a1760e46a562710
a358405162193128cceae8551e14648798bd4254
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
GET /templates/templates/SPIN_casino-survey/src/img7m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7364bf39dcf0941d3a1760e46a562710"
content-type: image/jpeg
content-length: 2264
x-varnish: 4837225 754202
age: 228434
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c7.jpg
200 OK 885 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 897f3dd5e858fe80eb0100a2d798c486
b550c18b572c6b95868aafc2c751fa5f92a3be4f
dee106bfd25bef41d50df51bf68521a5846e6f59e68f7494df98fcf8454d5ebc
GET /templates/templates/SPIN_casino-survey/src/c7.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "897f3dd5e858fe80eb0100a2d798c486"
content-type: image/jpeg
content-length: 885
x-varnish: 5509508 656121
age: 228434
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img62.jpg
200 OK 2.1 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img62.jpg
IP
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash f48aa7778890400e3be6131e64cd4236
9341d039b9f7de4eac9070c36fecac2772cc1ba0
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
GET /templates/templates/SPIN_casino-survey/src/img62.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "f48aa7778890400e3be6131e64cd4236"
content-type: image/jpeg
content-length: 2143
x-varnish: 3828639 459069
age: 228434
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c3.jpg
200 OK 1.5 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 8521c06061df409f6d35ca2a83163a82
e110e850db8d8111fe858764287caeebe14d5e50
cf1ec1a6ce1e4bf8ec7d58bc85d1f166d36646d05c65ea72697b12d1d001747c
GET /templates/templates/SPIN_casino-survey/src/c3.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "8521c06061df409f6d35ca2a83163a82"
content-type: image/jpeg
content-length: 1457
x-varnish: 5636338 786901
age: 228434
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
200 OK 279 B IP
Hash 58d9f6bc0fda6e5cdc70aa8e5d9867c8
7b5b6960bd04202ad3dfb961738443df953fd85b
b1576062529f740ec9830d6eafa1e9c5ef9924de15986039c9f7bb15b70cd16e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124756
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:59 GMT
Etag: "63814d73-117"
Expires: Sun, 27 Nov 2022 23:19:15 GMT
Last-Modified: Fri, 25 Nov 2022 23:19:15 GMT
Server: nginx
Content-Length: 279
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-spin.gif
200 OK 88 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-spin.gif
IP
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /templates/templates/SPIN_casino-survey/src/slot-spin.gif HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:43 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "617c16c5e04c8603dd7f157862b1c682"
content-type: image/gif
content-length: 87599
x-varnish: 5605001 295999
age: 228436
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-1.png
200 OK 20 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-1.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
GET /templates/templates/SPIN_casino-survey/src/slot-result-1.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:44 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
content-type: image/png
content-length: 20370
x-varnish: 5072728 754196
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
200 OK 279 B IP
Hash 58d9f6bc0fda6e5cdc70aa8e5d9867c8
7b5b6960bd04202ad3dfb961738443df953fd85b
b1576062529f740ec9830d6eafa1e9c5ef9924de15986039c9f7bb15b70cd16e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=124756
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:59 GMT
Etag: "63814d73-117"
Expires: Sun, 27 Nov 2022 23:19:15 GMT
Last-Modified: Fri, 25 Nov 2022 23:19:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img42.jpg
200 OK 2.0 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img42.jpg
IP
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 6d02d5cf49120718501b9a6629290c48
a7bfde16cd37f6a331e8f17fbfc2f1772a5929a1
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
GET /templates/templates/SPIN_casino-survey/src/img42.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "6d02d5cf49120718501b9a6629290c48"
content-type: image/jpeg
content-length: 2037
x-varnish: 4837229 459065
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-win.png
200 OK 14 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-win.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
GET /templates/templates/SPIN_casino-survey/src/slot-win.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "939b6a73c96383ac0842317037f3a0f0"
content-type: image/png
content-length: 14391
x-varnish: 5072732 459063
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img2Male.jpg
200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img2Male.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
GET /templates/templates/SPIN_casino-survey/src/img2Male.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "92b944714cea3e478a8e50dea1a80b26"
content-type: image/jpeg
content-length: 1297
x-varnish: 5111501 754198
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img9m.jpg
200 OK 1.0 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img9m.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Hash 7a532123e2eda81e018b8c1f90c8b3bd
e03576434acd69d708fae0f3f8df07e93d152280
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
GET /templates/templates/SPIN_casino-survey/src/img9m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7a532123e2eda81e018b8c1f90c8b3bd"
content-type: image/jpeg
content-length: 1017
x-varnish: 5480772 754200
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img8m.jpg
200 OK 1.5 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img8m.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
GET /templates/templates/SPIN_casino-survey/src/img8m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "0d0f29abfcedc7dfffe3811a5100a6cd"
content-type: image/jpeg
content-length: 1506
x-varnish: 5605002 656119
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-2.png
200 OK 27 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-2.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
GET /templates/templates/SPIN_casino-survey/src/slot-result-2.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "b6ca0bfea4d0cec334f128f5c2c44cff"
content-type: image/png
content-length: 26733
x-varnish: 5317181 296002
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/arrow.png
200 OK 154 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/arrow.png
IP
File type PNG image data, 12 x 12, 4-bit colormap, non-interlaced\012- data
Hash 4daf12b0677dd9ae8923d3154187d1d8
d20e8f0a0c1a72d20cd421ba5e162ff938896e51
5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
GET /templates/templates/SPIN_casino-survey/src/arrow.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IklPbFM0SGxzeEFET1IrckRDWmlCRXc9PSIsInZhbHVlIjoid25MM0ZUUXBscEVmU254Q0l6bTh5VjRTT3BlNGtpN1RVRTIxV2tyaWR0MmRRbnQ2YmlpTituYytXeEFRTklqM1JQUW4reUEyYkhNbU1rbTQ5WFFMSTJBZnVyNkFCQmxtSm04M2JRT3FoZ0NMRC9CM21PQzFoK241ZnRGQ3JwU0IiLCJtYWMiOiIwMDc1YmMxODNjZmZmOTgyYWZlNDAyY2QyOWQyMTJlMjFmMmE1MjZkYjA1NTI3MWZkMmRiZjEyMmM0OThiMGU3IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ik5nSStCYVRUQnZwcXF2R3VzbVRwaUE9PSIsInZhbHVlIjoiaTF0Ynh6dGhrcUJDWHdEa1VWdjBYU1ZlN2hxalY4VmRkU1RCbTZsMFJiNnlZczlUOWlDc21BTzQyUGh5R2FoNHBoakM1TXRYdnJ6a09IYnpMZi9EaHc1SmZPSytHZFIvWUdjSjY2QTRXWmg4akF0M1hzTHA2ZklaV3JrSDBOWTMiLCJtYWMiOiJmNzBhY2JkMmQ4ODNmMmRkNzNlMzViZjY4MmY3NDNiOTRlZDRiZTVkMDZkZmI1OWZkODQxMTIyMGI4ZGI2YWE2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:44 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "4daf12b0677dd9ae8923d3154187d1d8"
content-type: image/png
content-length: 154
x-varnish: 5317182 754194
age: 228436
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-left.png
200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-left.png
IP
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
GET /templates/templates/SPIN_casino-survey/src/red-arrow-left.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:44 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "92d3e482cacea857c5dfaf9fa3a21dfb"
content-type: image/png
content-length: 1334
x-varnish: 5072733 557236
age: 228436
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-start.png
200 OK 26 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-start.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
GET /templates/templates/SPIN_casino-survey/src/slot-start.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "f491647556e492de92530b48827690aa"
content-type: image/png
content-length: 26084
x-varnish: 5605003 295996
age: 228437
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-right.png
200 OK 1.4 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-right.png
IP
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
GET /templates/templates/SPIN_casino-survey/src/red-arrow-right.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:43 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "881bdc037be8895ba5d8d53456890e7e"
content-type: image/png
content-length: 1362
x-varnish: 5136515 754192
age: 228437
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img3f.jpg
200 OK 2.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img3f.jpg
IP
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 5edf4db493423ac10c72a27ad5c4a618
5c535d00eaeaa725b39e3e1167a12de5bd66a1f2
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
GET /templates/templates/SPIN_casino-survey/src/img3f.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "5edf4db493423ac10c72a27ad5c4a618"
content-type: image/jpeg
content-length: 2336
x-varnish: 5111502 656115
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img1Female.jpg
200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img1Female.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
GET /templates/templates/SPIN_casino-survey/src/img1Female.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:44 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "c3c59916d3b4977017c89125dc42b664"
content-type: image/jpeg
content-length: 1315
x-varnish: 4837230 557238
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img5m.jpg
200 OK 1.2 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img5m.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
GET /templates/templates/SPIN_casino-survey/src/img5m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IkJPZG1Wd3F5U2JPM2ZYNlVOcldCRFE9PSIsInZhbHVlIjoibjlMM1M3dE4xY3NLZGhkRG9adWdFMmJlTi9XTlMrZ1cyb2RkQ0I5UVlWY0VXcTA2dnVCVHFIbmNTZlFjTGwrbHYwblJsWEJMM3p1VUJrL1IxaDR3dytIOGV4RkltZGJUV0N4MWdjR2Zwci9qUjVZNkE2dGo5WERzRnk4RGRUaTkiLCJtYWMiOiJlZmIwNWQ2NDFhNTkyMWJlMTY4ZmVjMGEzZmI1NzM5YjUxM2FjOGYwNGFiMTFjZGU0YTE0MzU2ZGEzZTQ5YzhiIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjIrRWhKNjJSRCtGTjR3UHM3M012UFE9PSIsInZhbHVlIjoiYlNMbmIyd0daVnFKOWoxVXdpblVlbEFOQ2xvZ0dCTzhPa3pwSFBVcUp3a3VoTWtkTDlLUnlYZzhNZUJKRlpKNUxnd2Y0ck0wMCtVVEhGaVZQQ1R6ZC9HTEViM0d4OXNaMFBMUlFZN08wMitDVDRCR0pkRUE1RVprWThtejBQRVMiLCJtYWMiOiJiNjg4N2EwOWZiZGE1NzM0NzU1ZjgxNDc4NWEzMmU0NDI2MWYwZDEwYTczMDY4ODIwOTk5NTc2NDJkNGFmMTBjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:12:45 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "a848711320a9df61e6457f65b0dfa9fb"
content-type: image/jpeg
content-length: 1169
x-varnish: 5605004 656117
age: 228435
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
200 OK 90 B URL HTTP/1.1 0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
IP
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer Verdict Alert fortinet Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IklPbFM0SGxzeEFET1IrckRDWmlCRXc9PSIsInZhbHVlIjoid25MM0ZUUXBscEVmU254Q0l6bTh5VjRTT3BlNGtpN1RVRTIxV2tyaWR0MmRRbnQ2YmlpTituYytXeEFRTklqM1JQUW4reUEyYkhNbU1rbTQ5WFFMSTJBZnVyNkFCQmxtSm04M2JRT3FoZ0NMRC9CM21PQzFoK241ZnRGQ3JwU0IiLCJtYWMiOiIwMDc1YmMxODNjZmZmOTgyYWZlNDAyY2QyOWQyMTJlMjFmMmE1MjZkYjA1NTI3MWZkMmRiZjEyMmM0OThiMGU3IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ik5nSStCYVRUQnZwcXF2R3VzbVRwaUE9PSIsInZhbHVlIjoiaTF0Ynh6dGhrcUJDWHdEa1VWdjBYU1ZlN2hxalY4VmRkU1RCbTZsMFJiNnlZczlUOWlDc21BTzQyUGh5R2FoNHBoakM1TXRYdnJ6a09IYnpMZi9EaHc1SmZPSytHZFIvWUdjSjY2QTRXWmg4akF0M1hzTHA2ZklaV3JrSDBOWTMiLCJtYWMiOiJmNzBhY2JkMmQ4ODNmMmRkNzNlMzViZjY4MmY3NDNiOTRlZDRiZTVkMDZkZmI1OWZkODQxMTIyMGI4ZGI2YWE2IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=582d038d-c157-0fd7-24f8-e4bec8f78c75
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:11:14 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 5072734 656016
age: 228526
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/favicon.png
200 OK 955 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/favicon.png
IP
File type PNG image data, 22 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ba8f79228f377310ff399ee6d98845b
d29d5b796aedc3c777960875b7115a78214a1162
8b3c2a655893a93cfd6efe3798e008d524adfdb723409ab432e81c3b44bcf79c
GET /templates/templates/SPIN_casino-survey/src/favicon.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/6a4b77ee-6d87-11ed-b507-a59d4e0764b9/6a5000a2-6d87-11ed-9903-a1c888a6c9fa
Cookie: XSRF-TOKEN=eyJpdiI6IklPbFM0SGxzeEFET1IrckRDWmlCRXc9PSIsInZhbHVlIjoid25MM0ZUUXBscEVmU254Q0l6bTh5VjRTT3BlNGtpN1RVRTIxV2tyaWR0MmRRbnQ2YmlpTituYytXeEFRTklqM1JQUW4reUEyYkhNbU1rbTQ5WFFMSTJBZnVyNkFCQmxtSm04M2JRT3FoZ0NMRC9CM21PQzFoK241ZnRGQ3JwU0IiLCJtYWMiOiIwMDc1YmMxODNjZmZmOTgyYWZlNDAyY2QyOWQyMTJlMjFmMmE1MjZkYjA1NTI3MWZkMmRiZjEyMmM0OThiMGU3IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Ik5nSStCYVRUQnZwcXF2R3VzbVRwaUE9PSIsInZhbHVlIjoiaTF0Ynh6dGhrcUJDWHdEa1VWdjBYU1ZlN2hxalY4VmRkU1RCbTZsMFJiNnlZczlUOWlDc21BTzQyUGh5R2FoNHBoakM1TXRYdnJ6a09IYnpMZi9EaHc1SmZPSytHZFIvWUdjSjY2QTRXWmg4akF0M1hzTHA2ZklaV3JrSDBOWTMiLCJtYWMiOiJmNzBhY2JkMmQ4ODNmMmRkNzNlMzViZjY4MmY3NDNiOTRlZDRiZTVkMDZkZmI1OWZkODQxMTIyMGI4ZGI2YWE2IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=582d038d-c157-0fd7-24f8-e4bec8f78c75
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 21:13:51 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7ba8f79228f377310ff399ee6d98845b"
content-type: image/png
content-length: 955
x-varnish: 5072735 721552
age: 228369
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18924
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:40:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18924
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:40:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18924
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:40:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18924
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:40:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RBv0V5RyDoApQfc5QIHFxVzmasUJvYZ6X4-kTTfI9UhtdjUWitlkJA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
age: 53616
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6kE-HDfLIQMtzuaOuArCjtxgpQUgxMrpjcT7pDIdY7CDlJNK1GZWA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
age: 53616
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 19594
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mxC9qkJyuCX0NOEgkK3Z0LWPpxbTcFIvkrDAJ6KBnMFLHToB50AEFg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:02:20 GMT
age: 52660
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 50811
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70fae9ac56bb7676177d4252757f0180
bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:54 GMT
age: 52566
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=705ab0d2-6d87-11ed-8703-4f3c0e4710fb&&push=true
200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=705ab0d2-6d87-11ed-8703-4f3c0e4710fb&&push=true
IP
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=705ab0d2-6d87-11ed-8703-4f3c0e4710fb&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0my.lotstolink.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:39:59 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 12:39:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc0ax8OIXc4TonIfEAf%2FHcH%2BzUOv6P2WuvqVbo8ole9F%2FjaTacYy%2FhZCgDTnN4WZ%2Fdegk5z876KLHIl3nC45%2BXzbvNlZs1w4WJxVV8gaYxWwVRRzzsiR5anvX5ZiFP1ZuHWxPZVsulLEmS6jiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702b0a41bd276dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
66.195.197.18
23.36.76.226
93.184.220.29
0.0.0.0