0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
66.195.197.18301 Moved Permanently 0 B URL HTTP/1.1 0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
IP 66.195.197.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3272
Expires: Thu, 08 Dec 2022 14:35:10 GMT
Date: Thu, 08 Dec 2022 13:40:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19919
Expires: Thu, 08 Dec 2022 19:12:37 GMT
Date: Thu, 08 Dec 2022 13:40:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 13:08:12 GMT
content-type: application/json
age: 1946
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Thu, 08 Dec 2022 15:41:45 GMT
Date: Thu, 08 Dec 2022 13:40:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oz905nfsTpGrZ2UEQb6oasausYqZDKWdFeqzyKNrdaqT1Hf1g9bU43+pw2FHVIN8jttyZ9YdM7w=
x-amz-request-id: G47BVB24JHE1PRGQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 12:49:47 GMT
age: 3051
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:40:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03e1d808c7a20d113d1c6f9a6caf4d0e
277581e41e4eb4fbe905b52c2ff2bdbd6d5a7830
f51626f857d31bbac2200663fc52a9a984730d8f126a438c6d48314ad090cb65
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F51626F857D31BBAC2200663FC52A9A984730D8F126A438C6D48314AD090CB65"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Thu, 08 Dec 2022 19:40:20 GMT
Date: Thu, 08 Dec 2022 13:40:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 13:07:58 GMT
age: 1961
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
66.195.197.18200 OK 4.7 kB URL HTTP/1.1 0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
IP 66.195.197.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8947924f01d60c2ecee9dbb6f37e48fd
a41efa440c0df30c0edd20324164e7a1e0be566c
07bad6b93977f89611ffbf4db622c1396e63a4e3465be75eb8d72b0ed21476e2
Analyzer Verdict Alert fortinet Phishing
GET /t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 13:40:39 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: max-age=161671
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:39 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:35:10 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32069)
Hash 4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:15:39 GMT
expires: Mon, 04 Dec 2023 15:15:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 339900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
66.195.197.18200 OK 14 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
IP 66.195.197.18:0
Hash cb19a3cdc6604cd4e38707e3d6827533
5099a7076e5aaf21c81ec2d0cc4935e0c8cbbf90
d710e56c31f6e6697599766420b15dcef3fb328539f1381c1d2e2310db9b9e9a
GET /templates/templates/SPIN_casino-survey/src/style.css HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:57 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "cb19a3cdc6604cd4e38707e3d6827533"
content-type: text/css
content-length: 14284
x-varnish: 33555387 32346611
age: 59263
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.163.62.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.62.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wvjL9n0SfAz6cJ41ej4aIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uVq+MH6ZHOuuwAVX27EX/f2oMaE=
0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true
66.195.197.18302 Found 818 B URL HTTP/1.1 0my.lotstolink.com/o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true
IP 66.195.197.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash 13feeacd12ae81b84c434f4341353fa3
c6f4f5a1822f99710ea16520b75f9c2ba7e59f16
b7c3b98a88012d43f75b6bd486000f3e17673d13705c3ad597c64ea69441bb9f
Analyzer Verdict Alert fortinet Phishing
GET /o/2XXQ6DLP/da7ae386-76fd-11ed-b7fb-015a73b94191/?push=true HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Thu, 08 Dec 2022 13:40:39 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 15:40:39 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-right.png
66.195.197.18200 OK 1.4 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-right.png
IP 66.195.197.18:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
GET /templates/templates/SPIN_casino-survey/src/red-arrow-right.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "881bdc037be8895ba5d8d53456890e7e"
content-type: image/png
content-length: 1362
x-varnish: 33125312 31488470
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img1Female.jpg
66.195.197.18200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img1Female.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
GET /templates/templates/SPIN_casino-survey/src/img1Female.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "c3c59916d3b4977017c89125dc42b664"
content-type: image/jpeg
content-length: 1315
x-varnish: 32865523 32314183
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-1.png
66.195.197.18200 OK 20 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-1.png
IP 66.195.197.18:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
GET /templates/templates/SPIN_casino-survey/src/slot-result-1.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:58 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
content-type: image/png
content-length: 20370
x-varnish: 33399350 32346621
age: 59262
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-2.png
66.195.197.18200 OK 27 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-result-2.png
IP 66.195.197.18:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
GET /templates/templates/SPIN_casino-survey/src/slot-result-2.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:58 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "b6ca0bfea4d0cec334f128f5c2c44cff"
content-type: image/png
content-length: 26733
x-varnish: 33307712 32013143
age: 59262
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-win.png
66.195.197.18200 OK 14 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-win.png
IP 66.195.197.18:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
GET /templates/templates/SPIN_casino-survey/src/slot-win.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:58 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "939b6a73c96383ac0842317037f3a0f0"
content-type: image/png
content-length: 14391
x-varnish: 32800152 32346625
age: 59262
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9090f0fb551c67d9674dc5dbcb32cd44
a1ccad12f85266064ec0b30c58f697acea8289b5
a71fb42339187f95f2422180ccab91bebf5b2d544f7af82ba0b41967905a82ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121121
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:40:40 GMT
Etag: "63911f79-116"
Expires: Fri, 09 Dec 2022 23:19:21 GMT
Last-Modified: Wed, 07 Dec 2022 23:19:21 GMT
Server: nginx
Content-Length: 278
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-spin.gif
66.195.197.18200 OK 88 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-spin.gif
IP 66.195.197.18:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /templates/templates/SPIN_casino-survey/src/slot-spin.gif HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:57 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "617c16c5e04c8603dd7f157862b1c682"
content-type: image/gif
content-length: 87599
x-varnish: 33555391 32013137
age: 59263
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true
172.64.128.25200 OK 778 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true
IP 172.64.128.25:0
File type ASCII text, with CRLF line terminators
Hash 24838144c9fe5e44ae27bdb38f1df8f9
6aff6ed37e105e4ba29d4645d810ea3e49d9d129
6e8b4440f59d5eed233458ac26fcfde40ee30e16f30bc6934eecc6e764a02e91
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e745ae16-76fd-11ed-a0bf-4b5f494a5caf&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0my.lotstolink.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:40:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2022 13:40:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNy1iOI6LIH3qnYlgzhv6aJ6jWdC7Cxn9yU7DKbxsZ%2FhXIN2K2gAAnZUDQtvALra45up3VilyOhi1IXOj7zA4EEKYc9Wc8jFjcw5aA1LrDDF8lwgvldNYK05jFHl1eUWN0ebclzv1CwtnxM%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7765ea070cca776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-left.png
66.195.197.18200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/red-arrow-left.png
IP 66.195.197.18:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
GET /templates/templates/SPIN_casino-survey/src/red-arrow-left.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "92d3e482cacea857c5dfaf9fa3a21dfb"
content-type: image/png
content-length: 1334
x-varnish: 32865528 32013286
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c7.jpg
66.195.197.18200 OK 885 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c7.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 897f3dd5e858fe80eb0100a2d798c486
b550c18b572c6b95868aafc2c751fa5f92a3be4f
dee106bfd25bef41d50df51bf68521a5846e6f59e68f7494df98fcf8454d5ebc
GET /templates/templates/SPIN_casino-survey/src/c7.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "897f3dd5e858fe80eb0100a2d798c486"
content-type: image/jpeg
content-length: 885
x-varnish: 33307713 32124081
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img3f.jpg
66.195.197.18200 OK 2.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img3f.jpg
IP 66.195.197.18:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 5edf4db493423ac10c72a27ad5c4a618
5c535d00eaeaa725b39e3e1167a12de5bd66a1f2
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
GET /templates/templates/SPIN_casino-survey/src/img3f.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "5edf4db493423ac10c72a27ad5c4a618"
content-type: image/jpeg
content-length: 2336
x-varnish: 33253513 31488473
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img5m.jpg
66.195.197.18200 OK 1.2 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img5m.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
GET /templates/templates/SPIN_casino-survey/src/img5m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "a848711320a9df61e6457f65b0dfa9fb"
content-type: image/jpeg
content-length: 1169
x-varnish: 33125313 31488476
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c3.jpg
66.195.197.18200 OK 1.5 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/c3.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 8521c06061df409f6d35ca2a83163a82
e110e850db8d8111fe858764287caeebe14d5e50
cf1ec1a6ce1e4bf8ec7d58bc85d1f166d36646d05c65ea72697b12d1d001747c
GET /templates/templates/SPIN_casino-survey/src/c3.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "8521c06061df409f6d35ca2a83163a82"
content-type: image/jpeg
content-length: 1457
x-varnish: 33287045 32096163
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 13:40:40 GMT
Connection: keep-alive
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-start.png
66.195.197.18200 OK 26 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/slot-start.png
IP 66.195.197.18:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
GET /templates/templates/SPIN_casino-survey/src/slot-start.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:12:57 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "f491647556e492de92530b48827690aa"
content-type: image/png
content-length: 26084
x-varnish: 32800153 32013135
age: 59263
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/arrow.png
66.195.197.18200 OK 154 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/arrow.png
IP 66.195.197.18:0
File type PNG image data, 12 x 12, 4-bit colormap, non-interlaced\012- data
Hash 4daf12b0677dd9ae8923d3154187d1d8
d20e8f0a0c1a72d20cd421ba5e162ff938896e51
5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
GET /templates/templates/SPIN_casino-survey/src/arrow.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "4daf12b0677dd9ae8923d3154187d1d8"
content-type: image/png
content-length: 154
x-varnish: 33157419 32124077
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img62.jpg
66.195.197.18200 OK 2.1 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img62.jpg
IP 66.195.197.18:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash f48aa7778890400e3be6131e64cd4236
9341d039b9f7de4eac9070c36fecac2772cc1ba0
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
GET /templates/templates/SPIN_casino-survey/src/img62.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "f48aa7778890400e3be6131e64cd4236"
content-type: image/jpeg
content-length: 2143
x-varnish: 33399352 31488478
age: 59218
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 50841
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img8m.jpg
66.195.197.18200 OK 1.5 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img8m.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
GET /templates/templates/SPIN_casino-survey/src/img8m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "0d0f29abfcedc7dfffe3811a5100a6cd"
content-type: image/jpeg
content-length: 1506
x-varnish: 33253514 32013288
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img42.jpg
66.195.197.18200 OK 2.0 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img42.jpg
IP 66.195.197.18:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 6d02d5cf49120718501b9a6629290c48
a7bfde16cd37f6a331e8f17fbfc2f1772a5929a1
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
GET /templates/templates/SPIN_casino-survey/src/img42.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "6d02d5cf49120718501b9a6629290c48"
content-type: image/jpeg
content-length: 2037
x-varnish: 33125314 31837722
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img7m.jpg
66.195.197.18200 OK 2.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img7m.jpg
IP 66.195.197.18:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 7364bf39dcf0941d3a1760e46a562710
a358405162193128cceae8551e14648798bd4254
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
GET /templates/templates/SPIN_casino-survey/src/img7m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7364bf39dcf0941d3a1760e46a562710"
content-type: image/jpeg
content-length: 2264
x-varnish: 33287046 32124079
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 52602
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 52075
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 17552
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 55158
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f5ce4070e5050733be6bded399afe53
77cf1dd30e86f5568a8e64cb42f536cf2af9301c
7fe19657e1add41e913e9a326023ff484180ca17615175ddc5d2ab57217566bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4538
x-amzn-requestid: 143f359f-c0fd-4d32-8de5-cc2c2804bb39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIHzXoAMFqmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-27db2e3c6de7216e3c17caea;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CTvoYad2nNPubKimSZrkJXGTDWZK6u3fTli1YnBgrXk7WPAtmvO2rA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:04:30 GMT
age: 56170
etag: "77cf1dd30e86f5568a8e64cb42f536cf2af9301c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img9m.jpg
66.195.197.18200 OK 1.0 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img9m.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Hash 7a532123e2eda81e018b8c1f90c8b3bd
e03576434acd69d708fae0f3f8df07e93d152280
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
GET /templates/templates/SPIN_casino-survey/src/img9m.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7a532123e2eda81e018b8c1f90c8b3bd"
content-type: image/jpeg
content-length: 1017
x-varnish: 32800156 32096161
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img2Male.jpg
66.195.197.18200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/img2Male.jpg
IP 66.195.197.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
GET /templates/templates/SPIN_casino-survey/src/img2Male.jpg HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IkROL2l4NC84UlQ3TFNobXdlWTA1V2c9PSIsInZhbHVlIjoiQktZdEE3QzRSeXhxaVdKVExmTDJPWTQwaW85WHlrZTh2MU5HZHlQaXcyd2lyRGgrbFAvK2V6Tk8yKzlOeUcvVXd3SXdQUUxQWk9oVi9XNGEzZHdUcWN4cGtVOUF1UVNwOFdDa0UyY1kxY0dOb216UXh2MFV3VXFZcHg1eDAwV1QiLCJtYWMiOiJlZjdkMGM1ZThhZDhmMjE0YmNjZjJjNmYwZGQ2YWNhNWUxZDFjNTk0Y2QyZmI2Zjg2ZWFiNGYzMzQ1NGMwOTU2IiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Im1Md2NDNktaSXkyRE5FbWMxVDN4Nmc9PSIsInZhbHVlIjoiY0JIekdGNFNvMW1LM04vYlgzK2hCSFVBejZldU9VQXRpYlFYdUtCd3JxV3pJMmFscTYzMnVEVkxqaTNhTGVraTI2NTdMeUdRY0FiZU5XZVFMRDRWTjBXbzQ5enNQZHFwOHBVWmMyZUpjY3pZQkQxYm9hQVg0Uk5rZFk4NFRvWHoiLCJtYWMiOiIxMTE0YTY2NWYxNGQ3NDcwYTY4MmM2NWU1NjE0M2VhODc3YWU5MWE2MGE3MmEyM2Q1ZDk5Yjg2YzFmMjQzOTIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:13:42 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "92b944714cea3e478a8e50dea1a80b26"
content-type: image/jpeg
content-length: 1297
x-varnish: 33085527 31837720
age: 59219
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
66.195.197.18200 OK 90 B URL HTTP/1.1 0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
IP 66.195.197.18:0
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer Verdict Alert fortinet Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=99ab11e6-58a4-617f-46a2-5f852f0af48e
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:11:15 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 33125315 32123898
age: 59366
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/favicon.png
66.195.197.18200 OK 955 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/SPIN_casino-survey/src/favicon.png
IP 66.195.197.18:0
File type PNG image data, 22 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ba8f79228f377310ff399ee6d98845b
d29d5b796aedc3c777960875b7115a78214a1162
8b3c2a655893a93cfd6efe3798e008d524adfdb723409ab432e81c3b44bcf79c
GET /templates/templates/SPIN_casino-survey/src/favicon.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/t/fe312738ec36/da7ae386-76fd-11ed-b7fb-015a73b94191/da874fae-76fd-11ed-a078-d3e87724087f
Cookie: XSRF-TOKEN=eyJpdiI6IldzVXZnNDZBZWhSUy9iYnJ1ZW1ud3c9PSIsInZhbHVlIjoiS3FkRTFQSm5vZEZuVE1tclJXV2JzaDI1YWZHM1o5SzlzQ0hDUnZoclpacWVkMW83aUsySkFKRHd6QVpNNFZHZDlIUFF4SWZBeE0wQzBUN1pWVkFCc25pMnVab3p1WGNrSE1reUVDU05Bb0lGV2h2bGJnRmtaSXpWZ1FlZm9CbDMiLCJtYWMiOiJhOTA1NzcxYjkyMTg2MGE2MjIwZDYxNTRmMzk3ZWQ4MmMyNWM3YjdiNDI1NTYzMDJkNTc2Y2RlNDc0ODcxZTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IjF4bG5QMUtoWnF4VFUveVJ4S3N3S0E9PSIsInZhbHVlIjoiYUxMb0svcW9MOG5UQmhZZVRPTEovakQ3cWtLczdpY1BDUWx6em1lR0dSb21oRVFuOHFrM3EzSGt5cUxDcGVqQ3lUcnA1N0cvTnAvTjVPVjhrR3NydjNtc3pvTzB2OTZ1eG9aaFA4TEpBL3RDZUlLUmNkTUtvc080SUlZU3kvb08iLCJtYWMiOiI1M2RjZmY0YWJiMTk5NzRkNjkwNGM1ZTE4ODM1Nzg3OWE1OWYzMjcwZDZlZGM3ODA5MjY5NDE3YzFiYzE3NGQ5IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=99ab11e6-58a4-617f-46a2-5f852f0af48e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 21:14:23 GMT
last-modified: Fri, 11 Nov 2022 17:13:54 GMT
etag: "7ba8f79228f377310ff399ee6d98845b"
content-type: image/png
content-length: 955
x-varnish: 32800158 31837832
age: 59178
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
172.64.128.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP 172.64.128.25:0
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0my.lotstolink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:40:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 6577
last-modified: Thu, 08 Dec 2022 11:51:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSHkXgLxITTtyZfQphZF3H4%2BI6OYy1UxC5IHmF%2B5N2OPa7T8okh3xJztKv2y0R0gi1tU%2Fia5SPnFlcTvJmFt2Sh5Xb9vACKYUYGd00n%2FfAXO6sGib3JlxNvuMo6gvN5bYvty5z%2F2NG%2F9Ojw6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7765ea09086d776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2