Report - 0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f

Report Overview

Submitted URL
0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
IP
66.195.197.18
ASN
#11402 CCCAS-1
Submitted
2022-12-08 13:40:49
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.62.5
pushrev.neptuneadspush.com	160570	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	2.3 kB	172.64.128.25
0my.lotstolink.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	226 kB	66.195.197.18
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	31 kB	172.217.21.170
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.4 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f	Phishing
2022-12-08	medium	0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f	Phishing
2022-12-08	medium	0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true	Phishing
2022-12-08	medium	0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js	86 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-25 17:28:33 Times Seen5803 Hash 6fc159d00dc3cea4153c038739683f93 5d7e5bbfa540f0e53bd599e4305e1a4e815b5dd1 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Loading...

	0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true	1.1 kB	2023-03-08	2023-03-08
Pretty URL 0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true IP 66.195.197.18 ASN #11402 CCCAS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:12:12 Last Seen2023-03-08 22:12:12 Times Seen1 Hash 336188448e4654890d31ed583579542d d46bfdba682054a7583cdb7e90ab94b8794d0b58 c21b7cbaae245dd56e0ace9c6e3ea528a91711e082435d21d313af6d41662485 Loading...

	0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f	7.3 kB	2023-03-07	2023-03-17
Pretty URL 0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f IP 66.195.197.18 ASN #11402 CCCAS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:13 Last Seen2023-03-17 10:21:20 Times Seen1 Hash 97936fd90d6120b93eb785780de79c97 e87c03430821338a7caced44edbf4b2a91fb9910 9ca33875f6fdfb80a2a6fa34dfd46dc440d014300a058d09b24cb160ef40ad3f Loading...

	0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f	382 B	2023-03-07	2023-03-25
Pretty URL 0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f IP 66.195.197.18 ASN #11402 CCCAS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:13 Last Seen2023-03-25 22:11:06 Times Seen2 Hash fbad0ab01e066fe5a0bd61354577a74d 1cfcb9b6cf1be2d4eab139b2b3d063ca60cfbd52 4ff116a423385a883fa2d29ddd0ee7da70f180b57572c49a732ed025e914857d Loading...

	0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f	1.6 kB	2023-03-07	2023-03-25
Pretty URL 0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f IP 66.195.197.18 ASN #11402 CCCAS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:13 Last Seen2023-03-25 22:11:06 Times Seen2 Hash c76e0a80d84fd4a97f759e0c1f304b5f a30c0470624b4f7fde67f4a07f127164866b48e8 595403e21a8a61b217ee9e82310bc656d5a96cef23bfe80b9d4a8a90668ec7eb Loading...

	pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true	31 kB	2023-03-07	2024-02-06
Pretty URL pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true IP 172.64.128.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:05 Last Seen2024-02-06 20:59:50 Times Seen125 Hash 082008cf87ed5081440e78698f3fea4b aba52d0908b5fc28f2e222a601783170505ef688 29372b162335dd10e58c65543b10b6955373688fd2033523ec067616bd335ad4 Loading...

HTTP Transactions (51)

URL IP Response Size

0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f

66.195.197.18

301 Moved Permanently

0 B

URL HTTP/1.1
0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3272
Expires: Thu, 08 Dec 2022 14:35:10 GMT
Date: Thu, 08 Dec 2022 13:40:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19919
Expires: Thu, 08 Dec 2022 19:12:37 GMT
Date: Thu, 08 Dec 2022 13:40:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 13:08:12 GMT
content-type: application/json
age: 1946
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Thu, 08 Dec 2022 15:41:45 GMT
Date: Thu, 08 Dec 2022 13:40:38 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oz905nfsTpGrZ2UEQb6oasausYqZDKWdFeqzyKNrdaqT1Hf1g9bU43+pw2FHVIN8jttyZ9YdM7w=
x-amz-request-id: G47BVB24JHE1PRGQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 12:49:47 GMT
age: 3051
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:40:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03e1d808c7a20d113d1c6f9a6caf4d0e
277581e41e4eb4fbe905b52c2ff2bdbd6d5a7830
f51626f857d31bbac2200663fc52a9a984730d8f126a438c6d48314ad090cb65

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F51626F857D31BBAC2200663FC52A9A984730D8F126A438C6D48314AD090CB65"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Thu, 08 Dec 2022 19:40:20 GMT
Date: Thu, 08 Dec 2022 13:40:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 13:07:58 GMT
age: 1961
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f

66.195.197.18

200 OK

4.7 kB

URL HTTP/1.1
0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
4.7 kB (4656 bytes)
Hash
8947924f01d60c2ecee9dbb6f37e48fd
a41efa440c0df30c0edd20324164e7a1e0be566c
07bad6b93977f89611ffbf4db622c1396e63a4e3465be75eb8d72b0ed21476e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 13:40:39 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: max-age=161671
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:39 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:35:10 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

172.217.21.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32069)
Size
30 kB (30089 bytes)
Hash
4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2

HTTP Headers

GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:15:39 GMT
expires: Mon, 04 Dec 2023 15:15:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 339900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css

66.195.197.18

200 OK

14 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
ASCII text
Size
14 kB (14284 bytes)
Hash
cb19a3cdc6604cd4e38707e3d6827533
5099a7076e5aaf21c81ec2d0cc4935e0c8cbbf90
d710e56c31f6e6697599766420b15dcef3fb328539f1381c1d2e2310db9b9e9a

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/style.css HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:57 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "cb19a3cdc6604cd4e38707e3d6827533"
content-type: text/css
content-length: 14284
x-varnish: 33555387 32346611
age: 59263
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.163.62.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.62.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wvjL9n0SfAz6cJ41ej4aIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uVq+MH6ZHOuuwAVX27EX/f2oMaE=

0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true

66.195.197.18

302 Found

818 B

URL HTTP/1.1
0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Size
818 B (818 bytes)
Hash
13feeacd12ae81b84c434f4341353fa3
c6f4f5a1822f99710ea16520b75f9c2ba7e59f16
b7c3b98a88012d43f75b6bd486000f3e17673d13705c3ad597c64ea69441bb9f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
date: Thu, 08 Dec 2022 13:40:39 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-right.png

66.195.197.18

200 OK

1.4 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-right.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1362 bytes)
Hash
881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/red-arrow-right.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "881bdc037be8895ba5d8d53456890e7e"
content-type: image/png
content-length: 1362
x-varnish: 33125312 31488470
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img1Female.jpg

66.195.197.18

200 OK

1.3 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img1Female.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1315 bytes)
Hash
c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img1Female.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "c3c59916d3b4977017c89125dc42b664"
content-type: image/jpeg
content-length: 1315
x-varnish: 32865523 32314183
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-1.png

66.195.197.18

200 OK

20 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-1.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
20 kB (20370 bytes)
Hash
1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/slot-result-1.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:58 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
content-type: image/png
content-length: 20370
x-varnish: 33399350 32346621
age: 59262
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-2.png

66.195.197.18

200 OK

27 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-2.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
27 kB (26733 bytes)
Hash
b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/slot-result-2.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:58 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "b6ca0bfea4d0cec334f128f5c2c44cff"
content-type: image/png
content-length: 26733
x-varnish: 33307712 32013143
age: 59262
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-win.png

66.195.197.18

200 OK

14 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-win.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
14 kB (14391 bytes)
Hash
939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/slot-win.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:58 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "939b6a73c96383ac0842317037f3a0f0"
content-type: image/png
content-length: 14391
x-varnish: 32800152 32346625
age: 59262
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
9090f0fb551c67d9674dc5dbcb32cd44
a1ccad12f85266064ec0b30c58f697acea8289b5
a71fb42339187f95f2422180ccab91bebf5b2d544f7af82ba0b41967905a82ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121121
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:40 GMT
Etag: "63911f79-116"
Expires: Fri, 09 Dec 2022 23:19:21 GMT
Last-Modified: Wed, 07 Dec 2022 23:19:21 GMT
Server: nginx
Content-Length: 278

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-spin.gif

66.195.197.18

200 OK

88 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-spin.gif
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
GIF image data, version 89a, 410 x 279\012- data
Size
88 kB (87599 bytes)
Hash
617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/slot-spin.gif HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:57 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "617c16c5e04c8603dd7f157862b1c682"
content-type: image/gif
content-length: 87599
x-varnish: 33555391 32013137
age: 59263
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true

172.64.128.25

200 OK

778 B

URL HTTP/2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true
IP
172.64.128.25:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
778 B (778 bytes)
Hash
24838144c9fe5e44ae27bdb38f1df8f9
6aff6ed37e105e4ba29d4645d810ea3e49d9d129
6e8b4440f59d5eed233458ac26fcfde40ee30e16f30bc6934eecc6e764a02e91

HTTP Headers

GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0my.lotstolink.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:40:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2022 13:40:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNy1iOI6LIH3qnYlgzhv6aJ6jWdC7Cxn9yU7DKbxsZ%2FhXIN2K2gAAnZUDQtvALra45up3VilyOhi1IXOj7zA4EEKYc9Wc8jFjcw5aA1LrDDF8lwgvldNYK05jFHl1eUWN0ebclzv1CwtnxM%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7765ea070cca776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-left.png

66.195.197.18

200 OK

1.3 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-left.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1334 bytes)
Hash
92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/red-arrow-left.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "92d3e482cacea857c5dfaf9fa3a21dfb"
content-type: image/png
content-length: 1334
x-varnish: 32865528 32013286
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c7.jpg

66.195.197.18

200 OK

885 B

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c7.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
885 B (885 bytes)
Hash
897f3dd5e858fe80eb0100a2d798c486
b550c18b572c6b95868aafc2c751fa5f92a3be4f
dee106bfd25bef41d50df51bf68521a5846e6f59e68f7494df98fcf8454d5ebc

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/c7.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "897f3dd5e858fe80eb0100a2d798c486"
content-type: image/jpeg
content-length: 885
x-varnish: 33307713 32124081
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img3f.jpg

66.195.197.18

200 OK

2.3 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img3f.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Size
2.3 kB (2336 bytes)
Hash
5edf4db493423ac10c72a27ad5c4a618
5c535d00eaeaa725b39e3e1167a12de5bd66a1f2
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img3f.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "5edf4db493423ac10c72a27ad5c4a618"
content-type: image/jpeg
content-length: 2336
x-varnish: 33253513 31488473
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img5m.jpg

66.195.197.18

200 OK

1.2 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img5m.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1169 bytes)
Hash
a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img5m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "a848711320a9df61e6457f65b0dfa9fb"
content-type: image/jpeg
content-length: 1169
x-varnish: 33125313 31488476
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c3.jpg

66.195.197.18

200 OK

1.5 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c3.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.5 kB (1457 bytes)
Hash
8521c06061df409f6d35ca2a83163a82
e110e850db8d8111fe858764287caeebe14d5e50
cf1ec1a6ce1e4bf8ec7d58bc85d1f166d36646d05c65ea72697b12d1d001747c

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/c3.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "8521c06061df409f6d35ca2a83163a82"
content-type: image/jpeg
content-length: 1457
x-varnish: 33287045 32096163
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-start.png

66.195.197.18

200 OK

26 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-start.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26084 bytes)
Hash
f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/slot-start.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:57 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "f491647556e492de92530b48827690aa"
content-type: image/png
content-length: 26084
x-varnish: 32800153 32013135
age: 59263
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/arrow.png

66.195.197.18

200 OK

154 B

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/arrow.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 12 x 12, 4-bit colormap, non-interlaced\012- data
Size
154 B (154 bytes)
Hash
4daf12b0677dd9ae8923d3154187d1d8
d20e8f0a0c1a72d20cd421ba5e162ff938896e51
5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/arrow.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "4daf12b0677dd9ae8923d3154187d1d8"
content-type: image/png
content-length: 154
x-varnish: 33157419 32124077
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img62.jpg

66.195.197.18

200 OK

2.1 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img62.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Size
2.1 kB (2143 bytes)
Hash
f48aa7778890400e3be6131e64cd4236
9341d039b9f7de4eac9070c36fecac2772cc1ba0
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img62.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "f48aa7778890400e3be6131e64cd4236"
content-type: image/jpeg
content-length: 2143
x-varnish: 33399352 31488478
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 50841
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img8m.jpg

66.195.197.18

200 OK

1.5 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img8m.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.5 kB (1506 bytes)
Hash
0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img8m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "0d0f29abfcedc7dfffe3811a5100a6cd"
content-type: image/jpeg
content-length: 1506
x-varnish: 33253514 32013288
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img42.jpg

66.195.197.18

200 OK

2.0 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img42.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Size
2.0 kB (2037 bytes)
Hash
6d02d5cf49120718501b9a6629290c48
a7bfde16cd37f6a331e8f17fbfc2f1772a5929a1
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img42.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "6d02d5cf49120718501b9a6629290c48"
content-type: image/jpeg
content-length: 2037
x-varnish: 33125314 31837722
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img7m.jpg

66.195.197.18

200 OK

2.3 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img7m.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Size
2.3 kB (2264 bytes)
Hash
7364bf39dcf0941d3a1760e46a562710
a358405162193128cceae8551e14648798bd4254
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img7m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7364bf39dcf0941d3a1760e46a562710"
content-type: image/jpeg
content-length: 2264
x-varnish: 33287046 32124079
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12534 bytes)
Hash
57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 52602
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7268 bytes)
Hash
24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 52075
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 17552
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 55158
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4538 bytes)
Hash
2f5ce4070e5050733be6bded399afe53
77cf1dd30e86f5568a8e64cb42f536cf2af9301c
7fe19657e1add41e913e9a326023ff484180ca17615175ddc5d2ab57217566bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4538
x-amzn-requestid: 143f359f-c0fd-4d32-8de5-cc2c2804bb39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIHzXoAMFqmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-27db2e3c6de7216e3c17caea;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CTvoYad2nNPubKimSZrkJXGTDWZK6u3fTli1YnBgrXk7WPAtmvO2rA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:04:30 GMT
age: 56170
etag: "77cf1dd30e86f5568a8e64cb42f536cf2af9301c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img9m.jpg

66.195.197.18

200 OK

1.0 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img9m.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Size
1.0 kB (1017 bytes)
Hash
7a532123e2eda81e018b8c1f90c8b3bd
e03576434acd69d708fae0f3f8df07e93d152280
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img9m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7a532123e2eda81e018b8c1f90c8b3bd"
content-type: image/jpeg
content-length: 1017
x-varnish: 32800156 32096161
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img2Male.jpg

66.195.197.18

200 OK

1.3 kB

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img2Male.jpg
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1297 bytes)
Hash
92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/img2Male.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "92b944714cea3e478a8e50dea1a80b26"
content-type: image/jpeg
content-length: 1297
x-varnish: 33085527 31837720
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js

66.195.197.18

200 OK

90 B

URL HTTP/1.1
0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=99ab11e6-58a4-617f-46a2-5f852f0af48e
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:11:15 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 33125315 32123898
age: 59366
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/favicon.png

66.195.197.18

200 OK

955 B

URL HTTP/1.1
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/favicon.png
IP
66.195.197.18:0
ASN
#11402 CCCAS-1

File type
PNG image data, 22 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
955 B (955 bytes)
Hash
7ba8f79228f377310ff399ee6d98845b
d29d5b796aedc3c777960875b7115a78214a1162
8b3c2a655893a93cfd6efe3798e008d524adfdb723409ab432e81c3b44bcf79c

HTTP Headers

GET /templates/templates/SPIN_casino-survey/src/favicon.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=99ab11e6-58a4-617f-46a2-5f852f0af48e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:14:23 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7ba8f79228f377310ff399ee6d98845b"
content-type: image/png
content-length: 955
x-varnish: 32800158 31837832
age: 59178
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true

172.64.128.25

200 OK

0 B

URL HTTP/2
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP
172.64.128.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:40:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 6577
last-modified: Thu, 08 Dec 2022 11:51:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSHkXgLxITTtyZfQphZF3H4%2BI6OYy1UxC5IHmF%2B5N2OPa7T8okh3xJztKv2y0R0gi1tU%2Fia5SPnFlcTvJmFt2Sh5Xb9vACKYUYGd00n%2FfAXO6sGib3JlxNvuMo6gvN5bYvty5z%2F2NG%2F9Ojw6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7765ea09086d776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (51)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type