www.lottohunts.com/easygift?tid=5xni7q8d5ce0n6b4pgfksskgk,16669851,5,5221&ctrack=1674273431.3121675281&p=5221&pi=106&click_id=1c259eeadd0745ade8bd3ecfca2bc9ce44a02d3959ed49efbc4c4a1631b8dd30&media_type=mainstream
94.237.84.54 200 OK 4.0 kB URL HTTP/1.1 www.lottohunts.com/easygift?tid=5xni7q8d5ce0n6b4pgfksskgk,16669851,5,5221&ctrack=1674273431.3121675281&p=5221&pi=106&click_id=1c259eeadd0745ade8bd3ecfca2bc9ce44a02d3959ed49efbc4c4a1631b8dd30&media_type=mainstream
IP 94.237.84.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5882)
Hash 62e4e7ce633db51749f59b673b6aa93e
51771f6b18eac0c971941872756a87f2adde4cd3
6bc81bc7f020f3ffc49ed0fb91aa9df346d7954946a772a33df3dd491dce0f10
GET /easygift?tid=5xni7q8d5ce0n6b4pgfksskgk,16669851,5,5221&ctrack=1674273431.3121675281&p=5221&pi=106&click_id=1c259eeadd0745ade8bd3ecfca2bc9ce44a02d3959ed49efbc4c4a1631b8dd30&media_type=mainstream HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 21 Jan 2023 03:57:30 GMT
Log-Id: 3c5ed6c4-c414-47a4-a901-c3b4202d8911
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkUxUDFVbWhYZ05tNGxKdCtsZ2FsRUE9PSIsInZhbHVlIjoiblJQU0RWZEVEUG9sa2gyb2lOWHh3TnEwNTUyVlNWN0ljTmNEeXdIS2lVTVNzd0w0T2VyOW12UGtwSnV6UmNzZUs0S0doWEcvQU1xb0c5T05Pa0h4VHdCUWMyZnA5UlpBOXdsNUIzK3grdEJ2UGo4eEFhc0NhNjRabXZJeU5ORWsiLCJtYWMiOiIzNzYyYmQyY2EzZjFhYjYxN2IzNjg3N2NiODk2MmE2MGNjMzNkMzc0NGIyZTJmODkzZDE2NGRjOWFjZjMxMWYzIiwidGFnIjoiIn0%3D; expires=Sat, 21-Jan-2023 05:57:30 GMT; Max-Age=7200; path=/
ivr_offers_session=eyJpdiI6IlBVbHk3NlZMTzBlQ295akErSG1DRWc9PSIsInZhbHVlIjoiaTkyTHJaam9ESXhhbUMrTWpSTnF1ZFFvQU9SY25UQVFLU0pTcnRlU2YvdzNQNS80WE9xOU1EZS9USU1QelVVbWNXeXIxNHpjUTFsM0VpNm5KaDliUXAwWFkybFkyYTFSQ0JaODM0NDh5c2l2aFdmWXRVN3A2eTRSTk91cDd5cDUiLCJtYWMiOiJjYTEwNTZhZDVlMmU1NzQ2NmQyYTAxNjFhOTBkMjVjOWY0YjczNmNmZjljZWY4Mzg1NDIwYTNiMGJiZjA4NDc0IiwidGFnIjoiIn0%3D; expires=Sat, 21-Jan-2023 05:57:30 GMT; Max-Age=7200; path=/; httponly
SESS_TRAF=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%3D; path=/; httponly
visit=eyJpdiI6Iml4Wm1KcWswbTNVb1o1elJCMGNzbWc9PSIsInZhbHVlIjoiejZsSms4SXYzWkw3MHl2QXdSa0hMbnlpbnRUR0VEaFZMVWkya1M4UWtvaFN2a3pXYi9hbThrTmg2RjlHMGNnQyIsIm1hYyI6IjkxZmE5Y2Y0YjhiZjczNWI5Y2EzNDk4ODMwOWNmZWE2YzFmOTg5N2U2M2E4YmNkZjNmMWRmNDQ1OTk2NTJmOTMiLCJ0YWciOiIifQ%3D%3D; expires=Sun, 22-Jan-2023 03:57:30 GMT; Max-Age=86400; path=/; httponly
CX63eIqEpVbaqhiprkNg9eM5TR9j8FAUlj8f5LTB=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%3D%3D; expires=Sat, 21-Jan-2023 05:57:30 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8238
Expires: Sat, 21 Jan 2023 06:14:48 GMT
Date: Sat, 21 Jan 2023 03:57:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Sat, 21 Jan 2023 07:02:59 GMT
Date: Sat, 21 Jan 2023 03:57:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 03:34:41 GMT
content-type: application/json
age: 1369
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Sat, 21 Jan 2023 04:48:02 GMT
Date: Sat, 21 Jan 2023 03:57:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YZ12Fqm8Gu5oETFKopnyMVrcVA8ymbPzrk+OTJSIyNJx76wsueZ8NFIUAcx6yRRLglpns/7KpQs=
x-amz-request-id: MS3WB5HB3SRG5PK3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 03:17:51 GMT
age: 2379
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 03:57:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.lottohunts.com/css/offers/easygift/app.css?id=71a27d441492b80782e563847c6c0e53
94.237.84.54 200 OK 853 B URL HTTP/1.1 www.lottohunts.com/css/offers/easygift/app.css?id=71a27d441492b80782e563847c6c0e53
IP 94.237.84.54:0
File type ASCII text, with very long lines (2022)
Hash 9ca66b2c2a72c07cf32ff2cf7f829152
05493cbdaee0422b44954b5197507482a65ff044
86800dcfdee59173f68f442fc76076be44b2bd64af98edbae199459c55ab2a0b
Analyzer Verdict Alert fortinet Phishing
GET /css/offers/easygift/app.css?id=71a27d441492b80782e563847c6c0e53 HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lottohunts.com/easygift?tid=5xni7q8d5ce0n6b4pgfksskgk,16669851,5,5221&ctrack=1674273431.3121675281&p=5221&pi=106&click_id=1c259eeadd0745ade8bd3ecfca2bc9ce44a02d3959ed49efbc4c4a1631b8dd30&media_type=mainstream
Cookie: XSRF-TOKEN=eyJpdiI6IkUxUDFVbWhYZ05tNGxKdCtsZ2FsRUE9PSIsInZhbHVlIjoiblJQU0RWZEVEUG9sa2gyb2lOWHh3TnEwNTUyVlNWN0ljTmNEeXdIS2lVTVNzd0w0T2VyOW12UGtwSnV6UmNzZUs0S0doWEcvQU1xb0c5T05Pa0h4VHdCUWMyZnA5UlpBOXdsNUIzK3grdEJ2UGo4eEFhc0NhNjRabXZJeU5ORWsiLCJtYWMiOiIzNzYyYmQyY2EzZjFhYjYxN2IzNjg3N2NiODk2MmE2MGNjMzNkMzc0NGIyZTJmODkzZDE2NGRjOWFjZjMxMWYzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlBVbHk3NlZMTzBlQ295akErSG1DRWc9PSIsInZhbHVlIjoiaTkyTHJaam9ESXhhbUMrTWpSTnF1ZFFvQU9SY25UQVFLU0pTcnRlU2YvdzNQNS80WE9xOU1EZS9USU1QelVVbWNXeXIxNHpjUTFsM0VpNm5KaDliUXAwWFkybFkyYTFSQ0JaODM0NDh5c2l2aFdmWXRVN3A2eTRSTk91cDd5cDUiLCJtYWMiOiJjYTEwNTZhZDVlMmU1NzQ2NmQyYTAxNjFhOTBkMjVjOWY0YjczNmNmZjljZWY4Mzg1NDIwYTNiMGJiZjA4NDc0IiwidGFnIjoiIn0%3D; SESS_TRAF=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%3D; visit=eyJpdiI6Iml4Wm1KcWswbTNVb1o1elJCMGNzbWc9PSIsInZhbHVlIjoiejZsSms4SXYzWkw3MHl2QXdSa0hMbnlpbnRUR0VEaFZMVWkya1M4UWtvaFN2a3pXYi9hbThrTmg2RjlHMGNnQyIsIm1hYyI6IjkxZmE5Y2Y0YjhiZjczNWI5Y2EzNDk4ODMwOWNmZWE2YzFmOTg5N2U2M2E4YmNkZjNmMWRmNDQ1OTk2NTJmOTMiLCJ0YWciOiIifQ%3D%3D; 
CX63eIqEpVbaqhiprkNg9eM5TR9j8FAUlj8f5LTB=eyJpdiI6IjJuNjhxWkZIOTBwa3Z0aXlOKy9PNUE9PSIsInZhbHVlIjoicm1QRjRPYTJHY3oraVR0MngrQTdhRlFhYjNRYkNhYzJFVllEWVErUGo1ZDBIZlVxN2doNHR4MjM0VElMQkZBZVVwZlM3OWthQ2JZTzI1ZSs1ME92d1ZwSldTRzdDSnJoR1RXVFNIcnVnNVFqeW05SG1ZWVlGa0N6MFE5c1AvSUdhdzFQWVZJMElhQlBiOSt1Q2c0ejZsa2JFMFRuUzNWYWowZkwvME1LNjYzWUllaEMvMjFmc0I5aG5ERFVNeU5tZDczY1NlbmU1eXVrZm81clVjc0V3ZjQ3OXY4bGNsTkowM2NYT3h2TktxZWRjN3VYK3pwZUFVSXAyTk5nV0krdFM4RjAxWEsxUHh4TWFJb3QyakhhaHZRdWhMcUVJNS9MYmcwYUVJN01aZHJYTEtLdHRKanRsVXNmVkQyY1pZUHVIVTh5dlYyNW5mVFdWNC85dUVpdHZ5UnRyVUxUYm5ncVZ2ZmZqbVdWcFZ4TkFhRlA1SlVkQ2FFWm1BYXc3VkpCSnppMjVsUWRWSjlsc0VlR3p2VG5DbHdOdW1ZYnAxckE5Uk1jYnI2RDhVdnRpVGQwSlJuN3NDaE9VRi9Hc3NXa3RwUmFGTmhtS3Z0bnlCbzQ1RjFpK3VZTGpZajRFVk9Kdzc3Z1JmZndEVVFjbVBhbWIxMThkTFJlOExOMStlTHl4YmpGK0tTbGhlY3NObkV2VksvL01XcnlSWkJVWk1BT2lpQ0pBL1JCTm52NXY4WHhUMUFWek5WSUZkeDU1bWpGOTFRRXM3QVVxYm1BYitzNEhVUS9XSTVvY250eHloZHRoVUVoUWg4YVJFem5Na3BYUFVaVHZuOUpmY25PQ1NSViIsIm1hYyI6ImE3MmY5YmM3NzlmZWI5NmVkZWM1NGUyODI2NDY4NzViOTkyY2I1YzkxNjJhYTc1NWFiMzFkNWU0ODFlZGFiYTUiLCJ0YWciOiIifQ%3D%3D
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 03:57:30 GMT
Content-Type: text/css
Last-Modified: Thu, 19 Jan 2023 15:31:00 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63c96234-80a"
Expires: Sun, 21 Jan 2024 03:57:30 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4cc01d0e8305caad7898742b84aab4e
94b282f758aa16c56829790b5e855ed54bb4e14a
61710205d65330500a3d14a56a6751a2588b1367efee2a25ee54a3b71ab8e9e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61710205D65330500A3D14A56A6751A2588B1367EFEE2A25EE54A3B71AB8E9E1"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5818
Expires: Sat, 21 Jan 2023 05:34:28 GMT
Date: Sat, 21 Jan 2023 03:57:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4cc01d0e8305caad7898742b84aab4e
94b282f758aa16c56829790b5e855ed54bb4e14a
61710205d65330500a3d14a56a6751a2588b1367efee2a25ee54a3b71ab8e9e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61710205D65330500A3D14A56A6751A2588B1367EFEE2A25EE54A3B71AB8E9E1"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Sat, 21 Jan 2023 05:35:28 GMT
Date: Sat, 21 Jan 2023 03:57:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4cc01d0e8305caad7898742b84aab4e
94b282f758aa16c56829790b5e855ed54bb4e14a
61710205d65330500a3d14a56a6751a2588b1367efee2a25ee54a3b71ab8e9e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61710205D65330500A3D14A56A6751A2588B1367EFEE2A25EE54A3B71AB8E9E1"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Sat, 21 Jan 2023 05:35:28 GMT
Date: Sat, 21 Jan 2023 03:57:30 GMT
Connection: keep-alive
www.lottohunts.com/js/offers/easygift/app.js?id=82aa19f394721f462889db3481820710
94.237.84.54 200 OK 75 kB URL HTTP/1.1 www.lottohunts.com/js/offers/easygift/app.js?id=82aa19f394721f462889db3481820710
IP 94.237.84.54:0
File type Unicode text, UTF-8 text, with very long lines (65443)
Hash 0037e8b3d62f2199e6ce0e689492d592
558a950506ea16e89fa42348b8ba0f2c6a9f0b29
8a3986c121c4601e51ea73f0285a999f77b33b2b7db0b3709807938731645b70
GET /js/offers/easygift/app.js?id=82aa19f394721f462889db3481820710 HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lottohunts.com/easygift?tid=5xni7q8d5ce0n6b4pgfksskgk,16669851,5,5221&ctrack=1674273431.3121675281&p=5221&pi=106&click_id=1c259eeadd0745ade8bd3ecfca2bc9ce44a02d3959ed49efbc4c4a1631b8dd30&media_type=mainstream
Cookie: XSRF-TOKEN=eyJpdiI6IkUxUDFVbWhYZ05tNGxKdCtsZ2FsRUE9PSIsInZhbHVlIjoiblJQU0RWZEVEUG9sa2gyb2lOWHh3TnEwNTUyVlNWN0ljTmNEeXdIS2lVTVNzd0w0T2VyOW12UGtwSnV6UmNzZUs0S0doWEcvQU1xb0c5T05Pa0h4VHdCUWMyZnA5UlpBOXdsNUIzK3grdEJ2UGo4eEFhc0NhNjRabXZJeU5ORWsiLCJtYWMiOiIzNzYyYmQyY2EzZjFhYjYxN2IzNjg3N2NiODk2MmE2MGNjMzNkMzc0NGIyZTJmODkzZDE2NGRjOWFjZjMxMWYzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlBVbHk3NlZMTzBlQ295akErSG1DRWc9PSIsInZhbHVlIjoiaTkyTHJaam9ESXhhbUMrTWpSTnF1ZFFvQU9SY25UQVFLU0pTcnRlU2YvdzNQNS80WE9xOU1EZS9USU1QelVVbWNXeXIxNHpjUTFsM0VpNm5KaDliUXAwWFkybFkyYTFSQ0JaODM0NDh5c2l2aFdmWXRVN3A2eTRSTk91cDd5cDUiLCJtYWMiOiJjYTEwNTZhZDVlMmU1NzQ2NmQyYTAxNjFhOTBkMjVjOWY0YjczNmNmZjljZWY4Mzg1NDIwYTNiMGJiZjA4NDc0IiwidGFnIjoiIn0%3D; SESS_TRAF=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%3D; visit=eyJpdiI6Iml4Wm1KcWswbTNVb1o1elJCMGNzbWc9PSIsInZhbHVlIjoiejZsSms4SXYzWkw3MHl2QXdSa0hMbnlpbnRUR0VEaFZMVWkya1M4UWtvaFN2a3pXYi9hbThrTmg2RjlHMGNnQyIsIm1hYyI6IjkxZmE5Y2Y0YjhiZjczNWI5Y2EzNDk4ODMwOWNmZWE2YzFmOTg5N2U2M2E4YmNkZjNmMWRmNDQ1OTk2NTJmOTMiLCJ0YWciOiIifQ%3D%3D; 
CX63eIqEpVbaqhiprkNg9eM5TR9j8FAUlj8f5LTB=eyJpdiI6IjJuNjhxWkZIOTBwa3Z0aXlOKy9PNUE9PSIsInZhbHVlIjoicm1QRjRPYTJHY3oraVR0MngrQTdhRlFhYjNRYkNhYzJFVllEWVErUGo1ZDBIZlVxN2doNHR4MjM0VElMQkZBZVVwZlM3OWthQ2JZTzI1ZSs1ME92d1ZwSldTRzdDSnJoR1RXVFNIcnVnNVFqeW05SG1ZWVlGa0N6MFE5c1AvSUdhdzFQWVZJMElhQlBiOSt1Q2c0ejZsa2JFMFRuUzNWYWowZkwvME1LNjYzWUllaEMvMjFmc0I5aG5ERFVNeU5tZDczY1NlbmU1eXVrZm81clVjc0V3ZjQ3OXY4bGNsTkowM2NYT3h2TktxZWRjN3VYK3pwZUFVSXAyTk5nV0krdFM4RjAxWEsxUHh4TWFJb3QyakhhaHZRdWhMcUVJNS9MYmcwYUVJN01aZHJYTEtLdHRKanRsVXNmVkQyY1pZUHVIVTh5dlYyNW5mVFdWNC85dUVpdHZ5UnRyVUxUYm5ncVZ2ZmZqbVdWcFZ4TkFhRlA1SlVkQ2FFWm1BYXc3VkpCSnppMjVsUWRWSjlsc0VlR3p2VG5DbHdOdW1ZYnAxckE5Uk1jYnI2RDhVdnRpVGQwSlJuN3NDaE9VRi9Hc3NXa3RwUmFGTmhtS3Z0bnlCbzQ1RjFpK3VZTGpZajRFVk9Kdzc3Z1JmZndEVVFjbVBhbWIxMThkTFJlOExOMStlTHl4YmpGK0tTbGhlY3NObkV2VksvL01XcnlSWkJVWk1BT2lpQ0pBL1JCTm52NXY4WHhUMUFWek5WSUZkeDU1bWpGOTFRRXM3QVVxYm1BYitzNEhVUS9XSTVvY250eHloZHRoVUVoUWg4YVJFem5Na3BYUFVaVHZuOUpmY25PQ1NSViIsIm1hYyI6ImE3MmY5YmM3NzlmZWI5NmVkZWM1NGUyODI2NDY4NzViOTkyY2I1YzkxNjJhYTc1NWFiMzFkNWU0ODFlZGFiYTUiLCJ0YWciOiIifQ%3D%3D
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 03:57:30 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 19 Jan 2023 15:31:00 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63c96234-37fb5"
Expires: Sun, 21 Jan 2024 03:57:30 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
www.lottohunts.com/js/app.js?id=4123e33d1f129a992d3bb6009f02803b
94.237.84.54 200 OK 64 kB URL HTTP/1.1 www.lottohunts.com/js/app.js?id=4123e33d1f129a992d3bb6009f02803b
IP 94.237.84.54:0
File type Unicode text, UTF-8 text, with very long lines (65474)
Hash 6fddfae1bdb09e9004cea9d0ee663df7
0fa220d8517ddf4bd3a7b4392943216aa0d58eb1
e2d4db39d76b4861043dbeb1bf747bab7677a3b553d6ab19f0b3190751144eb9
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js?id=4123e33d1f129a992d3bb6009f02803b HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lottohunts.com/easygift?tid=5xni7q8d5ce0n6b4pgfksskgk,16669851,5,5221&ctrack=1674273431.3121675281&p=5221&pi=106&click_id=1c259eeadd0745ade8bd3ecfca2bc9ce44a02d3959ed49efbc4c4a1631b8dd30&media_type=mainstream
Cookie: XSRF-TOKEN=eyJpdiI6IkUxUDFVbWhYZ05tNGxKdCtsZ2FsRUE9PSIsInZhbHVlIjoiblJQU0RWZEVEUG9sa2gyb2lOWHh3TnEwNTUyVlNWN0ljTmNEeXdIS2lVTVNzd0w0T2VyOW12UGtwSnV6UmNzZUs0S0doWEcvQU1xb0c5T05Pa0h4VHdCUWMyZnA5UlpBOXdsNUIzK3grdEJ2UGo4eEFhc0NhNjRabXZJeU5ORWsiLCJtYWMiOiIzNzYyYmQyY2EzZjFhYjYxN2IzNjg3N2NiODk2MmE2MGNjMzNkMzc0NGIyZTJmODkzZDE2NGRjOWFjZjMxMWYzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlBVbHk3NlZMTzBlQ295akErSG1DRWc9PSIsInZhbHVlIjoiaTkyTHJaam9ESXhhbUMrTWpSTnF1ZFFvQU9SY25UQVFLU0pTcnRlU2YvdzNQNS80WE9xOU1EZS9USU1QelVVbWNXeXIxNHpjUTFsM0VpNm5KaDliUXAwWFkybFkyYTFSQ0JaODM0NDh5c2l2aFdmWXRVN3A2eTRSTk91cDd5cDUiLCJtYWMiOiJjYTEwNTZhZDVlMmU1NzQ2NmQyYTAxNjFhOTBkMjVjOWY0YjczNmNmZjljZWY4Mzg1NDIwYTNiMGJiZjA4NDc0IiwidGFnIjoiIn0%3D; SESS_TRAF=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%3D; visit=eyJpdiI6Iml4Wm1KcWswbTNVb1o1elJCMGNzbWc9PSIsInZhbHVlIjoiejZsSms4SXYzWkw3MHl2QXdSa0hMbnlpbnRUR0VEaFZMVWkya1M4UWtvaFN2a3pXYi9hbThrTmg2RjlHMGNnQyIsIm1hYyI6IjkxZmE5Y2Y0YjhiZjczNWI5Y2EzNDk4ODMwOWNmZWE2YzFmOTg5N2U2M2E4YmNkZjNmMWRmNDQ1OTk2NTJmOTMiLCJ0YWciOiIifQ%3D%3D; CX63eIqEpVbaqhiprkNg9eM5TR9j8FAUlj8f5LTB=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%3D%3D
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 03:57:30 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 19 Jan 2023 15:31:00 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63c96234-2e42c"
Expires: Sun, 21 Jan 2024 03:57:30 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
www.lottohunts.com/img/offers/easygift/icon-verify.png
94.237.84.54 200 OK 649 B URL HTTP/2 www.lottohunts.com/img/offers/easygift/icon-verify.png
IP 94.237.84.54:0
File type PNG image data, 82 x 100, 4-bit colormap, non-interlaced\012- data
Hash b24449b0b43397e9f5bf81efc0a60ff1
8c395eee84b3ab713a1bf8803c66898fe3e81368
dde5c174315af7d82fb4f5922719e29c866c2457e977cee40d53f60980408fdc
GET /img/offers/easygift/icon-verify.png HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lottohunts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 03:57:30 GMT
content-type: image/png
content-length: 649
last-modified: Thu, 19 Jan 2023 15:31:00 GMT
etag: "63c96234-289"
expires: Sun, 21 Jan 2024 03:57:30 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e145b88ffcd0c05e3c6089c19ea536aa
85f37590dcba50f36e25fbc42256669eef8c3977
2a41d5d2b0d08863631436b67de83d90e76a3c8cb98498df78d41c749cb76f04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A41D5D2B0D08863631436B67DE83D90E76A3C8CB98498DF78D41C749CB76F04"
Last-Modified: Sat, 21 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10712
Expires: Sat, 21 Jan 2023 06:56:03 GMT
Date: Sat, 21 Jan 2023 03:57:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e6292899bb80512ad2e1327acab038f
2c64cacba2b7e1ca0d2b9be0929883ba622406b7
2a1282080bea83f39061d77b2d62a39e8886687f5d40b9f307d12b65786a456c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A1282080BEA83F39061D77B2D62A39E8886687F5D40B9F307D12B65786A456C"
Last-Modified: Wed, 18 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2946
Expires: Sat, 21 Jan 2023 04:46:37 GMT
Date: Sat, 21 Jan 2023 03:57:31 GMT
Connection: keep-alive
www.lottohunts.com/img/offers/easygift/shipping.png
94.237.84.54 200 OK 640 B URL HTTP/2 www.lottohunts.com/img/offers/easygift/shipping.png
IP 94.237.84.54:0
File type PNG image data, 74 x 55, 4-bit colormap, non-interlaced\012- data
Hash 60f406c9f573688244e1c212009673d6
8dfb016afb56d4c72ae59693731ce2f395d867e8
f9a28c875a78db3398fafeae2f1a56611408ba6d1e0267756aba95ff37a595dd
GET /img/offers/easygift/shipping.png HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lottohunts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 03:57:31 GMT
content-type: image/png
content-length: 640
last-modified: Thu, 19 Jan 2023 15:31:00 GMT
etag: "63c96234-280"
expires: Sun, 21 Jan 2024 03:57:31 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lottohunts.com/img/offers/easygift/logo.png
94.237.84.54 200 OK 768 B URL HTTP/2 www.lottohunts.com/img/offers/easygift/logo.png
IP 94.237.84.54:0
File type PNG image data, 132 x 34, 4-bit colormap, non-interlaced\012- data
Hash 57ea8aa224f0687d6c058d10b56949a5
21e37e07a4c24bd576999c323a0ec72b2c0f1e8f
22e11ac82d12c15639b06d088cc7651962b251a214f612738642ad7b1ab3cb4f
GET /img/offers/easygift/logo.png HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lottohunts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 03:57:31 GMT
content-type: image/png
content-length: 768
last-modified: Thu, 19 Jan 2023 15:31:00 GMT
etag: "63c96234-300"
expires: Sun, 21 Jan 2024 03:57:31 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lottohunts.com/img/offers/easygift/confetti.png
94.237.84.54 200 OK 7.1 kB URL HTTP/1.1 www.lottohunts.com/img/offers/easygift/confetti.png
IP 94.237.84.54:0
File type PNG image data, 375 x 292, 8-bit colormap, non-interlaced\012- data
Hash 431734d981e4f07e49423a3d45da20a7
2e74722c0e2adb8faee9bfbc71d4f361ba8b29f7
f8d17882c44cc448f78c81b26daaa48ffc3e3cf9a52568ae769d37c6f0a1bd01
GET /img/offers/easygift/confetti.png HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lottohunts.com/css/offers/easygift/app.css?id=71a27d441492b80782e563847c6c0e53
Cookie: XSRF-TOKEN=eyJpdiI6IkUxUDFVbWhYZ05tNGxKdCtsZ2FsRUE9PSIsInZhbHVlIjoiblJQU0RWZEVEUG9sa2gyb2lOWHh3TnEwNTUyVlNWN0ljTmNEeXdIS2lVTVNzd0w0T2VyOW12UGtwSnV6UmNzZUs0S0doWEcvQU1xb0c5T05Pa0h4VHdCUWMyZnA5UlpBOXdsNUIzK3grdEJ2UGo4eEFhc0NhNjRabXZJeU5ORWsiLCJtYWMiOiIzNzYyYmQyY2EzZjFhYjYxN2IzNjg3N2NiODk2MmE2MGNjMzNkMzc0NGIyZTJmODkzZDE2NGRjOWFjZjMxMWYzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6IlBVbHk3NlZMTzBlQ295akErSG1DRWc9PSIsInZhbHVlIjoiaTkyTHJaam9ESXhhbUMrTWpSTnF1ZFFvQU9SY25UQVFLU0pTcnRlU2YvdzNQNS80WE9xOU1EZS9USU1QelVVbWNXeXIxNHpjUTFsM0VpNm5KaDliUXAwWFkybFkyYTFSQ0JaODM0NDh5c2l2aFdmWXRVN3A2eTRSTk91cDd5cDUiLCJtYWMiOiJjYTEwNTZhZDVlMmU1NzQ2NmQyYTAxNjFhOTBkMjVjOWY0YjczNmNmZjljZWY4Mzg1NDIwYTNiMGJiZjA4NDc0IiwidGFnIjoiIn0%3D; SESS_TRAF=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%3D; visit=eyJpdiI6Iml4Wm1KcWswbTNVb1o1elJCMGNzbWc9PSIsInZhbHVlIjoiejZsSms4SXYzWkw3MHl2QXdSa0hMbnlpbnRUR0VEaFZMVWkya1M4UWtvaFN2a3pXYi9hbThrTmg2RjlHMGNnQyIsIm1hYyI6IjkxZmE5Y2Y0YjhiZjczNWI5Y2EzNDk4ODMwOWNmZWE2YzFmOTg5N2U2M2E4YmNkZjNmMWRmNDQ1OTk2NTJmOTMiLCJ0YWciOiIifQ%3D%3D; CX63eIqEpVbaqhiprkNg9eM5TR9j8FAUlj8f5LTB=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%3D%3D
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 03:57:31 GMT
Content-Type: image/png
Content-Length: 7128
Last-Modified: Thu, 19 Jan 2023 15:31:00 GMT
ETag: "63c96234-1bd8"
Expires: Sun, 21 Jan 2024 03:57:31 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f64b66c4679627aaf1fe164af76049de
7f285371def787265d5108bc93c5afcf804e5c56
bb2720e2edfe914dec52079f32f58045a7b5f5b2e9029066929f61f6e025dc3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2720E2EDFE914DEC52079F32F58045A7B5F5B2E9029066929F61F6E025DC3B"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Sat, 21 Jan 2023 06:49:41 GMT
Date: Sat, 21 Jan 2023 03:57:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 03:48:58 GMT
age: 513
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
162.55.168.249 200 OK 2 B URL HTTP/1.1 s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
IP 162.55.168.249:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7 HTTP/1.1
Host: s3ntry.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lottohunts.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://www.lottohunts.com
Content-Length: 434
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 03:57:31 GMT
Content-Type: application/json
Content-Length: 2
Connection: close
access-control-allow-origin: http://www.lottohunts.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
vary: Origin
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: max-age=108133
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 03:57:31 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 09:59:44 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.200.117.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.117.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UjOLgerZS0sgIYyx2UUPxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NypG4KCVQ/Ydw418vFEUjSanXeU=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sat, 21 Jan 2023 05:30:15 GMT
Date: Sat, 21 Jan 2023 03:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sat, 21 Jan 2023 05:30:15 GMT
Date: Sat, 21 Jan 2023 03:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sat, 21 Jan 2023 05:30:15 GMT
Date: Sat, 21 Jan 2023 03:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sat, 21 Jan 2023 05:30:15 GMT
Date: Sat, 21 Jan 2023 03:57:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a43120101d55af4d7d2cb93aa3f81560
2c1443887c1e4a85ad794f463fc947a97486e091
055cd52ec7c883a67e521fba820e80cbbf8ecb59343f6d48ba5e5d9b22bfddcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7895
x-amzn-requestid: 3ae300df-5e6c-4c70-a8ed-1475b7580b9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlxaEz2IAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21cd5-1b0ce13023f3ada1112870db;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:09:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xg1Y5GDscYzE6WqYp2jk6lkLoJLBwOHf2vb0k5W3TpytZqDwCI29sg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:07 GMT
age: 22646
etag: "2c1443887c1e4a85ad794f463fc947a97486e091"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88829ea0-64fb-483f-aec7-5aee09f32f6e.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88829ea0-64fb-483f-aec7-5aee09f32f6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ad9f2fef16aac849a0d465c88cfacd3
4e001905147530e41f22cbe575a75f10b6d741b3
0f1f68768230140ea96b26d8d343fc63a2d0fcfc1da6bbd86826f02757339171
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88829ea0-64fb-483f-aec7-5aee09f32f6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10880
x-amzn-requestid: 7e20a469-9620-4c2c-bc94-aa62c7c22419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6wWGE55IAMFn_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c760f3-3e00d645794ca28d5f3cd1b0;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:01:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DZGZpALHmtzvW30UYCwkwRYc_nWGJ3C0cDoh2JC4XHA9BI7qcqjvhw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 13:33:54 GMT
age: 51819
etag: "4e001905147530e41f22cbe575a75f10b6d741b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 1965
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cd49e5e-faeb-493d-836c-cc9113b8b9b0.png
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cd49e5e-faeb-493d-836c-cc9113b8b9b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee8a3f0217d169adf3c115d9d86e3da
933229226281a0284ffa0d069a64241fc0efacf4
2a7945dd444dfaef88f2c6d86ff57ab39e921b3fe83cc8df17369285c28b0fa6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cd49e5e-faeb-493d-836c-cc9113b8b9b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: b85aa52c-1dd3-43a5-9f04-90186bbde581
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-W6kHFfIAMFukg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8d1dd-5c9dcaf26e66e0764c708c31;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 05:15:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8muHyow7Iv7xQKCkbRJLBsCtDaEc3LefkQypsnaEoid1_gsOTefoGg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 22650
etag: "933229226281a0284ffa0d069a64241fc0efacf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f99971c-1473-40a1-8c51-d03ce30e94e6.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f99971c-1473-40a1-8c51-d03ce30e94e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 868be33d3c4e2c509093599072ce6dc7
50d61f7462a41c8afe83f0beb00eb12d6d09bc5f
d698c324af46805e945d7d7a8a991ed032bfafa4014962edbb7b1d6a30eee4fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f99971c-1473-40a1-8c51-d03ce30e94e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11158
x-amzn-requestid: eb39cc3a-823d-4531-9e6e-491a88e82db8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4CPqHlMoAMF3Dw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c64a64-4edbe26264c966fc6ec49fee;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:12:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HOZB3tHDBu_dUR5DnuYllS2tz8E_e586E7oFVJuzXYQzCD0mSczRMA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 04:53:14 GMT
age: 83059
etag: "50d61f7462a41c8afe83f0beb00eb12d6d09bc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yqCw_c7tiFbJHxXvh65YuXnDX8bXdnsBupUJQXXfF141ODP-SBm48A==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 08:28:37 GMT
age: 70136
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.lottohunts.com/img/offers/easygift/service.png
94.237.84.54 200 OK 0 B URL HTTP/2 www.lottohunts.com/img/offers/easygift/service.png
IP 94.237.84.54:0
GET /img/offers/easygift/service.png HTTP/1.1
Host: www.lottohunts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lottohunts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 03:57:30 GMT
content-type: image/png
content-length: 780
last-modified: Thu, 19 Jan 2023 15:31:00 GMT
etag: "63c96234-30c"
expires: Sun, 21 Jan 2024 03:57:30 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2