HTTP Hunt Lottery

Try your luck! You have a 1 in 1000 chance of winning a prize. Use Caido's HTTP History to inspect the requests and responses to understand what's happening behind the scenes.

🎰 Play the Lottery

Click the button below to try your luck. You might win a prize!

Checking your luck...

🔍 Lab Instructions (Click to reveal)

  1. Start Caido and begin recording HTTP traffic
  2. Click the "Try Your Luck!" button above
  3. Open Caido's HTTP History to see all the requests made
  4. Look for the lottery check request and examine its response
  5. Notice how the response contains a prize claim link even when you "lose"
  6. Try accessing that prize claim link directly from the HTTP History
  7. Use the "CLAIM PRIZE" button to complete the lab

Learning Objective: This lab demonstrates how HTTP History can reveal hidden information in responses that isn't displayed to users, and how you can use that information to access functionality that wasn't intended to be directly accessible.