0my.lotstolink.com/t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b
66.195.197.18301 Moved Permanently 0 B URL HTTP/1.1 0my.lotstolink.com/t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b
IP 66.195.197.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://0my.lotstolink.com/t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7819
Expires: Sat, 03 Dec 2022 06:02:46 GMT
Date: Sat, 03 Dec 2022 03:52:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 29
Cache-Control: max-age=110357
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:27 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:31:44 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 03:19:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1949
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5892
Expires: Sat, 03 Dec 2022 05:30:39 GMT
Date: Sat, 03 Dec 2022 03:52:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YEhVgwVi86mLj/2Aj147VXKqLQmDAH0yqvkEKsxA/NBjR13Nx7TA2igZZSZiZz535bky/sasTtqpseEClI0mHQ==
x-amz-request-id: RHY7WWE3TB2E9AG7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 03:46:25 GMT
age: 362
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 03:52:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 03:11:16 GMT
cache-control: public,max-age=3600
age: 2471
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8a4c5d0ca43d849bc43d8bf4e8491427
45d473a77ca49c3b79737faf614c37350d6c055a
1d390a019f0cac6f5d4892082994546b122f38ae3dcb7ac3ab8f7e216eb07ab1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D390A019F0CAC6F5D4892082994546B122F38AE3DCB7AC3AB8F7E216EB07AB1"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 09:52:27 GMT
Date: Sat, 03 Dec 2022 03:52:27 GMT
Connection: keep-alive
0my.lotstolink.com/t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b
66.195.197.18200 OK 1.3 kB URL HTTP/1.1 0my.lotstolink.com/t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b
IP 66.195.197.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b1cd44b957974ccea489d6dcec070847
a542a2e3ac01e7ae458e0b7659a5986c05bae57d
dfbc83f33a8302141e784f6add4fdb7ab3ff3c40b40d149722e9f5fdffe92c8c
Analyzer Verdict Alert fortinet Phishing
GET /t/b11e64453ea7/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/e14d52a0-72bd-11ed-9032-9303364d669b HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 03:52:27 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6ImIwNXdXMExEWEwrenorUHNMVW9HZkE9PSIsInZhbHVlIjoia0pmb1ZKbHRIWUVCT2JtaDBIRUljTTZhS3k0bUtsZGN6V2xIRG5GTjNSUi9FVUtaNitiVWsvUnhtcHFML0dLQ2tHc1E0NGlqdktnMUtKMTZ3ME5udmNGZXppWk1IcC9sbmw4ek9XOFNkTWNiRjI1TUlIdnh2TUN0dlM0L2psNjYiLCJtYWMiOiI1MDdmNmQ5ZTBiNzE1OTMyY2U4NjBhMGJhMGQyYmI1NTBjZmI2NDQyMDkyYmRhN2U4MzRlMjdhMDE0YTUwOWZjIiwidGFnIjoiIn0%3D; expires=Sat, 03 Dec 2022 05:52:27 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6Imp0UC9raE4rR3hDT2dmZmxiWlZpVWc9PSIsInZhbHVlIjoiSmpaM0ZwemEyRkxySXlZRnJzRGhib1NlMUdtdzd1WVRUTlJTVGVBQ0F3YjE0c0xoTFA4anRnNS9WbVA5UENIUGRZS3kvQ0p6MjlKc0FDODc3T001QkoyWlFJZ1RsVlZHL3A2d01UR2x6aWI1RTF2TDA5OXg2WXYvQmVBTmpuVDkiLCJtYWMiOiI3MDE1NDIwZDdlY2ViYzUzMzUyYzdmYTVmOTdkMzE1ZjI1Y2RhNTdjNWE1NjYyN2ExN2Q2ZWM0NmU4ODU3Njc1IiwidGFnIjoiIn0%3D; expires=Sat, 03 Dec 2022 05:52:27 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 16
Cache-Control: max-age=105282
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:28 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:07:10 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2885bbd026e7dd91d125ebacade4dfbd
b56acda4fe3304578f5cf53ee2146158c0103298
59fcaf6a614e40c998e7ed1300ce9017daf8f46900776e3291f4ef105ae371f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6307
Cache-Control: max-age=132464
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:28 GMT
Etag: "638a11c9-118"
Expires: Sun, 04 Dec 2022 16:40:12 GMT
Last-Modified: Fri, 02 Dec 2022 14:55:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
0my.lotstolink.com/templates/templates/prelander_survey/css/style.css
66.195.197.18403 Forbidden 243 B URL HTTP/1.1 0my.lotstolink.com/templates/templates/prelander_survey/css/style.css
IP 66.195.197.18:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash bc95c9128f7deeb0fdb297d35e857364
58fa48d5aff57e311a985128d0183a4e1999fcb3
b072454520047fe586018cfba4eaca1034cd723f512c9014902844b546328dbd
GET /templates/templates/prelander_survey/css/style.css HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImIwNXdXMExEWEwrenorUHNMVW9HZkE9PSIsInZhbHVlIjoia0pmb1ZKbHRIWUVCT2JtaDBIRUljTTZhS3k0bUtsZGN6V2xIRG5GTjNSUi9FVUtaNitiVWsvUnhtcHFML0dLQ2tHc1E0NGlqdktnMUtKMTZ3ME5udmNGZXppWk1IcC9sbmw4ek9XOFNkTWNiRjI1TUlIdnh2TUN0dlM0L2psNjYiLCJtYWMiOiI1MDdmNmQ5ZTBiNzE1OTMyY2U4NjBhMGJhMGQyYmI1NTBjZmI2NDQyMDkyYmRhN2U4MzRlMjdhMDE0YTUwOWZjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Imp0UC9raE4rR3hDT2dmZmxiWlZpVWc9PSIsInZhbHVlIjoiSmpaM0ZwemEyRkxySXlZRnJzRGhib1NlMUdtdzd1WVRUTlJTVGVBQ0F3YjE0c0xoTFA4anRnNS9WbVA5UENIUGRZS3kvQ0p6MjlKc0FDODc3T001QkoyWlFJZ1RsVlZHL3A2d01UR2x6aWI1RTF2TDA5OXg2WXYvQmVBTmpuVDkiLCJtYWMiOiI3MDE1NDIwZDdlY2ViYzUzMzUyYzdmYTVmOTdkMzE1ZjI1Y2RhNTdjNWE1NjYyN2ExN2Q2ZWM0NmU4ODU3Njc1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Wed, 30 Nov 2022 21:14:14 GMT
x-varnish: 21709213 16681696
age: 196693
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
142.250.74.106200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
IP 142.250.74.106:0
Hash 579286563c81fdad206f49ddb34f1e3f
572c4836a6394adcf454bfab9e4190ab1e88c64d
b53c421ac5bd5ff8b024272a21c1dd3acc018f5e15d3e0e2ee3ce114eea1ad35
GET /css2?family=Roboto:wght@300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 03:52:28 GMT
date: Sat, 03 Dec 2022 03:52:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.169.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.169.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tfQkDxFHY2/vCGpANZNHaw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +50x1O3k7zcHXWDsH6C8W/j0wWc=
0my.lotstolink.com/o/2XXQ6DLP/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/?push=true
66.195.197.18302 Found 818 B URL HTTP/1.1 0my.lotstolink.com/o/2XXQ6DLP/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/?push=true
IP 66.195.197.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash 06c42cbcf671a96877717ef48c80ef53
509336d5d4567e11a93c0d157655c61b56740e0b
4c05c2e1e35d37f58be455134f7c919e5e93b301619e1596c7ea6474c47c6ef5
Analyzer Verdict Alert fortinet Phishing
GET /o/2XXQ6DLP/e1497bd0-72bd-11ed-8ba2-3d3571b8d9c8/?push=true HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImIwNXdXMExEWEwrenorUHNMVW9HZkE9PSIsInZhbHVlIjoia0pmb1ZKbHRIWUVCT2JtaDBIRUljTTZhS3k0bUtsZGN6V2xIRG5GTjNSUi9FVUtaNitiVWsvUnhtcHFML0dLQ2tHc1E0NGlqdktnMUtKMTZ3ME5udmNGZXppWk1IcC9sbmw4ek9XOFNkTWNiRjI1TUlIdnh2TUN0dlM0L2psNjYiLCJtYWMiOiI1MDdmNmQ5ZTBiNzE1OTMyY2U4NjBhMGJhMGQyYmI1NTBjZmI2NDQyMDkyYmRhN2U4MzRlMjdhMDE0YTUwOWZjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Imp0UC9raE4rR3hDT2dmZmxiWlZpVWc9PSIsInZhbHVlIjoiSmpaM0ZwemEyRkxySXlZRnJzRGhib1NlMUdtdzd1WVRUTlJTVGVBQ0F3YjE0c0xoTFA4anRnNS9WbVA5UENIUGRZS3kvQ0p6MjlKc0FDODc3T001QkoyWlFJZ1RsVlZHL3A2d01UR2x6aWI1RTF2TDA5OXg2WXYvQmVBTmpuVDkiLCJtYWMiOiI3MDE1NDIwZDdlY2ViYzUzMzUyYzdmYTVmOTdkMzE1ZjI1Y2RhNTdjNWE1NjYyN2ExN2Q2ZWM0NmU4ODU3Njc1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Sat, 03 Dec 2022 03:52:28 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e7eb3168-72bd-11ed-b367-9599c50e0961&&push=true
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IlBjUTBxYkJFSm1JcGhyN3VYMmU3aUE9PSIsInZhbHVlIjoidFVUUWpYa0J2dUtRbTJ0b2pIR3o3TC9OMVg4SXlGZGdPKy81MS81UlVlWnE2S3pTNlh0a0lNQUt5OE9yTm5SUFlUODdmbVNaYTNyNXRYVGd1SXNod1RhVW9ZNmZvdm9ZTEM1UDFTZVRQRUwxY21lZHNnS2Q3YUpNU05iM0lBV2IiLCJtYWMiOiJhZTU2NzA5ODlmOGE2OWI2N2Q5ZDQ4MzVhZGI2NDJlYjgzMTUzMDMxYWE1NTYzYTdiNDYzZjJkMzkwNmIzZjZlIiwidGFnIjoiIn0%3D; expires=Sat, 03 Dec 2022 05:52:28 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6IlNVRVczVmY4TWNtZTRMdkR6bWpLaVE9PSIsInZhbHVlIjoiNXNhSVNLcHlnYTNNNVV4d1BoNkgrWk1BaEd0dDdqdjRkT0xvSVVtMm5iUHMrZjJDM1ZEcjNjVWpiZDRES0J5WVJvdnhldHRzS3p1c3VybnViREM2aUd1d0IxTHg0L2t4YjB1OWthTGdjanp5dXk1RXh2RGlaTGFFOXlNS01nVUMiLCJtYWMiOiIwNDBlZDBhZDljYTU5ZTEwODNjYzJjMjhlNWI1OGRmYzM5OTZjYmY0MTY3YWEwZTBmOWNlOTIwM2E3NTkyMDI4IiwidGFnIjoiIn0%3D; expires=Sat, 03 Dec 2022 05:52:28 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
0my.lotstolink.com/templates/templates/prelander_survey/assets/giftcards.png
66.195.197.18200 OK 147 kB URL HTTP/1.1 0my.lotstolink.com/templates/templates/prelander_survey/assets/giftcards.png
IP 66.195.197.18:0
File type PNG image data, 1065 x 336, 8-bit/color RGBA, non-interlaced\012- data
Size 147 kB (147142 bytes)
Hash 49425ba5ce0567bbe0dcd246c1460e3c
f287d8ec9f72d536929bda03227f7b0cfe12208c
32abd755f6d7952add226904ba7a8db18c520bd99152e455d0aabe2005253cbf
GET /templates/templates/prelander_survey/assets/giftcards.png HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImIwNXdXMExEWEwrenorUHNMVW9HZkE9PSIsInZhbHVlIjoia0pmb1ZKbHRIWUVCT2JtaDBIRUljTTZhS3k0bUtsZGN6V2xIRG5GTjNSUi9FVUtaNitiVWsvUnhtcHFML0dLQ2tHc1E0NGlqdktnMUtKMTZ3ME5udmNGZXppWk1IcC9sbmw4ek9XOFNkTWNiRjI1TUlIdnh2TUN0dlM0L2psNjYiLCJtYWMiOiI1MDdmNmQ5ZTBiNzE1OTMyY2U4NjBhMGJhMGQyYmI1NTBjZmI2NDQyMDkyYmRhN2U4MzRlMjdhMDE0YTUwOWZjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6Imp0UC9raE4rR3hDT2dmZmxiWlZpVWc9PSIsInZhbHVlIjoiSmpaM0ZwemEyRkxySXlZRnJzRGhib1NlMUdtdzd1WVRUTlJTVGVBQ0F3YjE0c0xoTFA4anRnNS9WbVA5UENIUGRZS3kvQ0p6MjlKc0FDODc3T001QkoyWlFJZ1RsVlZHL3A2d01UR2x6aWI1RTF2TDA5OXg2WXYvQmVBTmpuVDkiLCJtYWMiOiI3MDE1NDIwZDdlY2ViYzUzMzUyYzdmYTVmOTdkMzE1ZjI1Y2RhNTdjNWE1NjYyN2ExN2Q2ZWM0NmU4ODU3Njc1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Wed, 30 Nov 2022 21:14:15 GMT
last-modified: Fri, 11 Nov 2022 17:13:57 GMT
etag: "49425ba5ce0567bbe0dcd246c1460e3c"
content-type: image/png
content-length: 147142
x-varnish: 21800526 16681698
age: 196693
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash afca47a82d87a9b43ddde1f8be431f08
f1a406c0a7abf946d3319f85973acb8f55ab531e
d4aa0c5ca199c371ed629b80ac8b4ef4dd5bac4271fcde842aa5820ec170903e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156401
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:29 GMT
Etag: "638a87ee-118"
Expires: Sun, 04 Dec 2022 23:19:10 GMT
Last-Modified: Fri, 02 Dec 2022 23:19:10 GMT
Server: nginx
Content-Length: 280
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7886
Expires: Sat, 03 Dec 2022 06:03:55 GMT
Date: Sat, 03 Dec 2022 03:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7886
Expires: Sat, 03 Dec 2022 06:03:55 GMT
Date: Sat, 03 Dec 2022 03:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2833
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2833
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2833
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:52:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 81134
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac15b0561874b0e98a14d037e06dc444
38197764b12e149806126e8a187b0571630d5b26
b4e8ca67dc3e119e2a41d1a362641a1354d5ef68ad18eaa4383e82d38d3c0399
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8169
x-amzn-requestid: a3054dff-b0dd-43cb-ade7-7ec1df6e672f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPWH4DoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2e-788f6fdd1a5e024259e58d80;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 56bQRYbHZJbthXKRpMuKIKkPOxTwDxReBCStAwfkSmc3afFvCcdGdg==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:43:32 GMT
age: 22137
etag: "38197764b12e149806126e8a187b0571630d5b26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 22482
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a483cb4f5948987ff2fa6be8d8f3c4ab
3b36c020f5fc38693ac159e5747518a3234ba8cc
a1c33278142371a168ca50aff0c5dc887461a9c83251e397d45c957c7cf788e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6042
x-amzn-requestid: 51d7c6d8-e3ab-42ec-8771-22244bc65da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZmkNGe0oAMFXNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386eae7-04a064426ee5d39b3c2afdfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 05:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9fzO8Wc_eneNxExk9EPddOAUZPfKsbobykdAyEkBIzw1_wxawY9lOg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 07:25:11 GMT
age: 73638
etag: "3b36c020f5fc38693ac159e5747518a3234ba8cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94556ef834fbd97092ea3e546fece90d
3f75442d8577c6272b9a3fdf2c5d1305c5e02703
0e49c3b246f4f999404e408e5326c636584f18ddaeec4ff50ffdd74ad48b9dd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10454
x-amzn-requestid: 3c95e941-d127-43a5-a338-7fff4e751367
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfcG82IAMF2JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f95-4dde51fa769890d057216cfa;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GaPRHeLJCWSLgGsYaCxii5UNLcRbVsBJV-XvSnDid4KzIqGqLWCc7Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:18:23 GMT
age: 70446
etag: "3f75442d8577c6272b9a3fdf2c5d1305c5e02703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fea74a471d9b45d94402298988d827
11dbe272c75ad8dda9fe66062f761ad0a978c350
ddcf2de56e0fa45e50b45bb021a7b212ddf1ba5a108a849df04ad109809913bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4996
x-amzn-requestid: ac93701b-5591-447b-abcd-6dd7c8236d63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1EmIoAMFUyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-62984f247ab5233275eefc7f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8_misG2sRVJlrCdLEQhPoQdkNAxTYwdSqNwAoqDzwEZuC787t9US0A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 22482
etag: "11dbe272c75ad8dda9fe66062f761ad0a978c350"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash afca47a82d87a9b43ddde1f8be431f08
f1a406c0a7abf946d3319f85973acb8f55ab531e
d4aa0c5ca199c371ed629b80ac8b4ef4dd5bac4271fcde842aa5820ec170903e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=156401
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:29 GMT
Etag: "638a87ee-118"
Expires: Sun, 04 Dec 2022 23:19:10 GMT
Last-Modified: Fri, 02 Dec 2022 23:19:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://0my.lotstolink.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 202694
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://0my.lotstolink.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 202713
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://0my.lotstolink.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 202715
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:52:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
66.195.197.18200 OK 90 B URL HTTP/1.1 0my.lotstolink.com/_common/js/service-workers/neptuneads/service-worker.js
IP 66.195.197.18:0
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer Verdict Alert fortinet Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlBjUTBxYkJFSm1JcGhyN3VYMmU3aUE9PSIsInZhbHVlIjoidFVUUWpYa0J2dUtRbTJ0b2pIR3o3TC9OMVg4SXlGZGdPKy81MS81UlVlWnE2S3pTNlh0a0lNQUt5OE9yTm5SUFlUODdmbVNaYTNyNXRYVGd1SXNod1RhVW9ZNmZvdm9ZTEM1UDFTZVRQRUwxY21lZHNnS2Q3YUpNU05iM0lBV2IiLCJtYWMiOiJhZTU2NzA5ODlmOGE2OWI2N2Q5ZDQ4MzVhZGI2NDJlYjgzMTUzMDMxYWE1NTYzYTdiNDYzZjJkMzkwNmIzZjZlIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IlNVRVczVmY4TWNtZTRMdkR6bWpLaVE9PSIsInZhbHVlIjoiNXNhSVNLcHlnYTNNNVV4d1BoNkgrWk1BaEd0dDdqdjRkT0xvSVVtMm5iUHMrZjJDM1ZEcjNjVWpiZDRES0J5WVJvdnhldHRzS3p1c3VybnViREM2aUd1d0IxTHg0L2t4YjB1OWthTGdjanp5dXk1RXh2RGlaTGFFOXlNS01nVUMiLCJtYWMiOiIwNDBlZDBhZDljYTU5ZTEwODNjYzJjMjhlNWI1OGRmYzM5OTZjYmY0MTY3YWEwZTBmOWNlOTIwM2E3NTkyMDI4IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=2bdacaa5-4543-eaf7-9166-4af70f1409fd
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 30 Nov 2022 21:11:15 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 21800529 16557135
age: 196875
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
0my.lotstolink.com/favicon.ico
66.195.197.18403 Forbidden 243 B URL HTTP/1.1 0my.lotstolink.com/favicon.ico
IP 66.195.197.18:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash bec56048616f6f4df945c65bd80709d8
9557bec2f07eac8aacdcf935a52e61b0b456f5af
52aab5b4d884bd4c9d25335af7c0f074280177aa7feb1882536eca2f5fdf9dfc
GET /favicon.ico HTTP/1.1
Host: 0my.lotstolink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlBjUTBxYkJFSm1JcGhyN3VYMmU3aUE9PSIsInZhbHVlIjoidFVUUWpYa0J2dUtRbTJ0b2pIR3o3TC9OMVg4SXlGZGdPKy81MS81UlVlWnE2S3pTNlh0a0lNQUt5OE9yTm5SUFlUODdmbVNaYTNyNXRYVGd1SXNod1RhVW9ZNmZvdm9ZTEM1UDFTZVRQRUwxY21lZHNnS2Q3YUpNU05iM0lBV2IiLCJtYWMiOiJhZTU2NzA5ODlmOGE2OWI2N2Q5ZDQ4MzVhZGI2NDJlYjgzMTUzMDMxYWE1NTYzYTdiNDYzZjJkMzkwNmIzZjZlIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IlNVRVczVmY4TWNtZTRMdkR6bWpLaVE9PSIsInZhbHVlIjoiNXNhSVNLcHlnYTNNNVV4d1BoNkgrWk1BaEd0dDdqdjRkT0xvSVVtMm5iUHMrZjJDM1ZEcjNjVWpiZDRES0J5WVJvdnhldHRzS3p1c3VybnViREM2aUd1d0IxTHg0L2t4YjB1OWthTGdjanp5dXk1RXh2RGlaTGFFOXlNS01nVUMiLCJtYWMiOiIwNDBlZDBhZDljYTU5ZTEwODNjYzJjMjhlNWI1OGRmYzM5OTZjYmY0MTY3YWEwZTBmOWNlOTIwM2E3NTkyMDI4IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=2bdacaa5-4543-eaf7-9166-4af70f1409fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Mon, 28 Nov 2022 15:54:14 GMT
x-varnish: 21709223 10462126
age: 388694
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
unpkg.com/tailwindcss@%5E2/dist/tailwind.min.css
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/tailwindcss@%5E2/dist/tailwind.min.css
IP 104.16.124.175:0
GET /tailwindcss@%5E2/dist/tailwind.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 03:52:28 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /tailwindcss@2.2.19/dist/tailwind.min.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKB18CQZY67JRGYX63976SBP-ams
cf-cache-status: HIT
age: 590
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773959880bad0b55-OSL
X-Firefox-Spdy: h2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e7eb3168-72bd-11ed-b367-9599c50e0961&&push=true
172.64.129.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e7eb3168-72bd-11ed-b367-9599c50e0961&&push=true
IP 172.64.129.25:0
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=e7eb3168-72bd-11ed-b367-9599c50e0961&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 03:52:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Sat, 03 Dec 2022 03:52:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UczhoWY%2B9SF7BpTF%2FaEjk0oVgrqhxwvsspF4cZosnO77dULREcFdknExN4MDuu5%2FJNGljo5MbscpUELs6hZrzwrv7Eivu8ulBF7fAda8yJfui6IO5X9rSRP3nWiVWa7%2B9t1p%2B1lAvP0iQCZxDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7739598e7f2e774f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
172.64.129.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP 172.64.129.25:0
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 03:52:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2451
last-modified: Sat, 03 Dec 2022 03:11:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q3pBXPZ%2FUXSaZ%2FqaGnsH8o%2BuV%2BrkNZR%2FdzDSyd0LNwcmKYwWr1RV%2F%2BG%2FeAn5oYD3ytPbba9rCiBw%2F1XKH%2FCFeDOXlVlWmUiaqPJFrOQTXtU%2FOM8ltjErC7MgNLOcSnoTiItASPkGyj6KjL%2FGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7739599058ad774f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2