Report - ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=

Report Overview

Submitted URL
ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=
IP
45.77.107.183
ASN
#20473 AS-CHOOPA
Submitted
2023-03-31 19:58:42
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ujn.nowsubmission.com	unknown	2022-06-14T03:33:32Z	2023-03-31T05:09:22Z	912 B	1.7 kB	45.77.107.183
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	44.230.121.34
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	2.1 kB	4.2 kB	142.250.74.131
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-31T21:23:20Z	399 B	34 kB	172.217.21.170
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	509 B	16 kB	142.250.74.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.7 kB	9.8 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	60 kB	34.120.237.76
ujn.loopswiftlinks.com	unknown	2023-03-20T16:40:19Z	2023-03-31T18:52:04Z	10 kB	454 kB	179.61.143.125
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-31T18:13:43Z	378 B	34 kB	69.16.175.42
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	424 B	630 B	142.250.74.138
pushrev.neptuneadspush.com	160570	2019-02-14T12:19:32Z	2023-03-30T01:58:36Z	461 B	750 B	172.64.129.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f	Phishing
2023-03-31	medium	ujn.loopswiftlinks.com/_common/js/service-workers/neptuneads/service-worker.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f	1.5 kB	2023-03-07	2023-11-03
Pretty URL ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f IP 179.61.143.125 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:53 Last Seen2023-11-03 08:13:07 Times Seen205 Hash f9bee39f8fab5c1968a8ee1eea700a07 8db4440fbd23c8ffe925f93a635ae9326e128400 42037e26c90e9b6e7063479a94f42419107c785b42cb2982968f91bf2170b394 Loading...

	ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f	585 B	2023-03-07	2023-11-03
Pretty URL ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f IP 179.61.143.125 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:53 Last Seen2023-11-03 08:13:07 Times Seen205 Hash d403e2ac626e1fd36cddfbba4fe79bae 49e2f56fc6e17b6ed6070544fea1dab2e51e796d 82da2e2b85e9faaab54c4930face8afffed23e92b25b4ad9bf4d87514274e499 Loading...

	ujn.loopswiftlinks.com/o/2XXQ6DLP/6b6af972-cffe-11ed-b3c4-337ad67a54ea/?push=true	1.1 kB	2023-04-01	2023-04-01
Pretty URL ujn.loopswiftlinks.com/o/2XXQ6DLP/6b6af972-cffe-11ed-b3c4-337ad67a54ea/?push=true IP 179.61.143.125 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:20 Last Seen2023-04-01 11:07:20 Times Seen1 Hash fb4c4120540b04138a9a81ced8922873 e932ffa7e21e0eb903226ca112625ee90cee8a8e b60b95f83e7f23f17a1abf91a9fefcf412ebfced9861076f254462cfcd027b61 Loading...

	ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f	4.0 kB	2023-04-01	2023-04-01
Pretty URL ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f IP 179.61.143.125 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:20 Last Seen2023-04-01 11:07:20 Times Seen1 Hash a2cfa3911d17335da896ccb1d4ed5f40 570b6fde9ff388834b702b81388798261c2d25c8 4873993d469788d7ffa6eaf52d85a702fccac3a1ca5322d157a171f71beac825 Loading...

	ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f	559 B	2023-03-07	2024-02-20
Pretty URL ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f IP 179.61.143.125 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:53 Last Seen2024-02-20 08:43:07 Times Seen225 Hash facb6be6d205d591a961eeb6ae6a6032 cf931260828e3287c5ee540dad6865358f10382d e24c922fce3c989c61a36a1b378d9a0443b441d7bbf2ded71b7d7aa8c0b13dfb Loading...

	code.jquery.com/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-1.11.3.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-25 06:07:25 Times Seen10382 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	93 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 08:42:46 Times Seen16798 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f	379 B	2023-04-01	2023-04-01
Pretty URL ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f IP 179.61.143.125 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:20 Last Seen2023-04-01 11:07:20 Times Seen1 Hash fc26370fd8edcaea59d77f012db76fed 8d148854dcc5f32ff089a61f567c3d7089a495a6 d6de0cc1bbf5bb9d1e9d264591347c64df585e921053c714b9306befde05cfe6 Loading...

	pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true	31 kB	2023-03-07	2024-02-06
Pretty URL pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:05 Last Seen2024-02-06 20:59:50 Times Seen125 Hash 082008cf87ed5081440e78698f3fea4b aba52d0908b5fc28f2e222a601783170505ef688 29372b162335dd10e58c65543b10b6955373688fd2033523ec067616bd335ad4 Loading...

HTTP Transactions (47)

URL IP Response Size

ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=

45.77.107.183

301 Moved Permanently

0 B

URL HTTP/1.1
ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=
IP
45.77.107.183:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9265
Expires: Fri, 31 Mar 2023 22:32:57 GMT
Date: Fri, 31 Mar 2023 19:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6247
Expires: Fri, 31 Mar 2023 21:42:39 GMT
Date: Fri, 31 Mar 2023 19:58:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 19:16:12 GMT
content-type: application/json
age: 2540
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20199
Expires: Sat, 01 Apr 2023 01:35:11 GMT
Date: Fri, 31 Mar 2023 19:58:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kjvoxTXu4LOP8KQW7z8zB0DVvSo1hF/5C3+i+IkWyPyxMtpgxJucoSJ2y6CEIIb7a+HSwWuoJII=
x-amz-request-id: FBD8M07Y38TM5J3J
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 19:03:27 GMT
age: 3305
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 19:58:32 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
628d1c2fba6051ddae23b3dbd01ab843
ea408d9b83258c8bbdeb64490cf6985d5929e767
d9e11bd564e3e5d4b88d4f28f887f3c93d6d314a2617f9813b26fc51703ad9a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9E11BD564E3E5D4B88D4F28F887F3C93D6D314A2617F9813B26FC51703AD9A5"
Last-Modified: Thu, 30 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Sat, 01 Apr 2023 01:57:47 GMT
Date: Fri, 31 Mar 2023 19:58:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 19:14:39 GMT
age: 2633
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3df8c73360b4239af64e11f9d2388be
dc5463ff26615b40e4eab388052790d6c30ea5e6
877b23d16abf2e0e9f649f53747e82af0b75e8595abd71728254e612847cfdb6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "877B23D16ABF2E0E9F649F53747E82AF0B75E8595ABD71728254E612847CFDB6"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13838
Expires: Fri, 31 Mar 2023 23:49:10 GMT
Date: Fri, 31 Mar 2023 19:58:32 GMT
Connection: keep-alive

push.services.mozilla.com/

44.230.121.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.230.121.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZtkTIFB4LGS0R+4CytKXag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lD77quj4Y2n4JT8BDGMCR0qAkU4=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4866
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 19:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4866
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 19:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4866
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 19:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4866
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 19:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4866
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 19:58:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6380 bytes)
Hash
8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 78088
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:48:08 GMT
age: 79826
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 10:41:48 GMT
age: 33406
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jl5cQc_Zqq5xNDMcs5jRHb3HBIjuucl-JHF126hInXrOfv_CG-UqSg==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:18:02 GMT
age: 78032
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11061 bytes)
Hash
39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 79844
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5806 bytes)
Hash
8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: WnrfQr57EWYnXt1xJt9tr5XCuM3gPYULlDdEVpv2Q2kz7MDIPxSPKA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 79844
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=

45.77.107.183

302 Found

722 B

URL HTTP/1.1
ujn.nowsubmission.com/?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2=
IP
45.77.107.183:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
722 B (722 bytes)
Hash
15fdf59528d6b060ac9f5476920379c1
a8fe112c982cdc42c32026c6761725f5e3af58c1
94ec677d4c065891509763ca9f47e7403b8f8a4a9a6a908f08ac9e6834b661b3

HTTP Headers

GET /?kw=43588&s1=d8a1267f97a34f6f85a91cb4e332ed3e1e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
date: Fri, 31 Mar 2023 19:58:34 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
x-redir: true
set-cookie: yredir_session=eyJpdiI6InFEL0VEQ0FLQ2s4VVQxaHFIMVhyQWc9PSIsInZhbHVlIjoiNzlNK1hkcE5oVGNRVDVCMEI4c1hkV3NzY1hqUXZFeldUWGw0bW82RktvZTJFUzFxUXh6c2ZsV2dHdTd6TjUzMlJmd1FRMDdjMWxnUjVuclI0Z25FajhFRGRsMHJ1WmRNU0R3anB3NXowWS9leXNnSDZpR1V4Z2IrelB3WVpSbnIiLCJtYWMiOiI2OWJjNzk1M2IwNGQ3YWU0M2IwMjViOWE5MmM1N2Q3MmY5Nzg1ODFiZWIzNGFkYzRmYzYzMDlkNjE4ZTBjNmIzIiwidGFnIjoiIn0%3D; expires=Fri, 31-Mar-2023 21:58:34 GMT; path=/; httponly; samesite=lax
server: swoole-http-server
strict-transport-security: max-age=15768000

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4548ea859c2eaf32f612ae60101b8fdc
37545f5b3d1573079f38008c708ccc9bb39e9606
4577f541b079bec5c362d2b5fd4d8e011f43e770c42095188e4d9882d8949d94

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4577F541B079BEC5C362D2B5FD4D8E011F43E770C42095188E4D9882D8949D94"
Last-Modified: Fri, 31 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Sat, 01 Apr 2023 01:58:05 GMT
Date: Fri, 31 Mar 2023 19:58:35 GMT
Connection: keep-alive

ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f

179.61.143.125

200 OK

14 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (738)
Size
14 kB (14068 bytes)
Hash
1329391e6c6d38fccc20209d91e9ca0e
32f41601c802ec196a7a96da4e8b47b34cb1967c
0af9f53a7b8499cfd0e98b3fce2bfb7c9235271dfaa0133cb6c629ecc5080838

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 31 Mar 2023 19:58:35 GMT
x-redir: true
set-cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D; expires=Fri, 31-Mar-2023 21:58:35 GMT; path=/; httponly; samesite=lax
transfer-encoding: chunked
strict-transport-security: max-age=15768000

code.jquery.com/jquery-1.11.3.min.js

69.16.175.42

200 OK

33 kB

URL HTTP/2
code.jquery.com/jquery-1.11.3.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32038)
Size
33 kB (33261 bytes)
Hash
1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9

HTTP Headers

GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 19:58:35 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680292715.dop001.sk1.t,1680292715.cds247.sk1.hn,1680292715.cds216.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e2d5e4593c830bd9a297e9d820fce16b
a48bacab5839fbc2a379e0e1f8703da462f3c31d
c273a26e5fb94b4aa7c494bd09daf02419f99307f90de3891951535ae93e8028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 19:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e2d5e4593c830bd9a297e9d820fce16b
a48bacab5839fbc2a379e0e1f8703da462f3c31d
c273a26e5fb94b4aa7c494bd09daf02419f99307f90de3891951535ae93e8028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 19:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

172.217.21.170

200 OK

33 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 11:27:19 GMT
expires: Wed, 27 Mar 2024 11:27:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 289876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 19:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/css/style.css

179.61.143.125

200 OK

25 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/css/style.css
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
ASCII text
Size
25 kB (25401 bytes)
Hash
bc84bd3caee9a7b227a5054179477e02
bc1b53ceedb9b91f4d4bec2037126b4d05c20912
d86b239f3ad7fc29593df1655848824493b2299a203c9be2f67adae10f94309e

HTTP Headers

GET /templates/templates/spin-casino_MASTER/css/style.css HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:41 GMT
last-modified: Mon, 27 Mar 2023 19:03:27 GMT
etag: "bc84bd3caee9a7b227a5054179477e02"
x-amz-server-side-encryption: AES256
content-type: text/css
content-length: 25401
x-varnish: 3668222 163848
age: 347874
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 19:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ujn.loopswiftlinks.com/o/2XXQ6DLP/6b6af972-cffe-11ed-b3c4-337ad67a54ea/?push=true

179.61.143.125

302 Found

818 B

URL HTTP/1.1
ujn.loopswiftlinks.com/o/2XXQ6DLP/6b6af972-cffe-11ed-b3c4-337ad67a54ea/?push=true
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Size
818 B (818 bytes)
Hash
e978e87cd89a8c171f72a335158fccbb
43e12fb070561f16119e8371361293e5822efe23
4687a09ec8254e9a8b08b289a5ebff0338cb57e723e9546630da5045387d1290

HTTP Headers

GET /o/2XXQ6DLP/6b6af972-cffe-11ed-b3c4-337ad67a54ea/?push=true HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
cache-control: no-cache, private
date: Fri, 31 Mar 2023 19:58:35 GMT
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=6c071e9c-cffe-11ed-8737-5355934b8cd1&&push=true
content-type: text/html; charset=UTF-8
x-redir: true
set-cookie: yredir_session=eyJpdiI6IlJ2M3VQZ3R2UGRpOHhrS3BjZW5tRVE9PSIsInZhbHVlIjoiZFh3SG4xVDdDZDFpVG51aHljM3pKZU5nUytyWm1XaERFb0c0MmVrVnkvS3p3dTZDYmRvTjJEUlZWOWZ2VkRGbElOWjZaVEpaRnJiRXBGVTYwTE9BeHVaeG1OR0YvNXd2eUQzbDIvNWszL28vemxHYnpBVFRNdmdkVVVPYVNRQnUiLCJtYWMiOiJiYjFiMjc2YWQwZTFjYjU5NjE4ZjAwNWNlODJhMDllMjE4ZjI2NjZiODlkMjQyNjE0ODM1ODc2OTE2N2I1MTZhIiwidGFnIjoiIn0%3D; expires=Fri, 31-Mar-2023 21:58:35 GMT; path=/; httponly; samesite=lax
transfer-encoding: chunked
strict-transport-security: max-age=15768000

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/loader.gif

179.61.143.125

200 OK

2.9 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/loader.gif
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
GIF image data, version 89a, 128 x 15\012- data
Size
2.9 kB (2892 bytes)
Hash
35de537ece3bfee3ab3f7af4c19e2151
9139201df5d36e1b2b9a8a6566683c95a49e0006
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/loader.gif HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:40 GMT
last-modified: Mon, 27 Mar 2023 19:03:28 GMT
etag: "35de537ece3bfee3ab3f7af4c19e2151"
x-amz-server-side-encryption: AES256
content-type: image/gif
content-length: 2892
x-varnish: 3693712 163845
age: 347876
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/overlay2.png

179.61.143.125

200 OK

19 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/overlay2.png
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18646 bytes)
Hash
90f8155b00c6e9ec624a12e8a67bd264
fbf3b21af8cc2c2d44879f19f5893dbe696113f1
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/overlay2.png HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:43 GMT
last-modified: Mon, 27 Mar 2023 19:03:28 GMT
etag: "90f8155b00c6e9ec624a12e8a67bd264"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 18646
x-varnish: 3966344 196614
age: 347873
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/overlay.png

179.61.143.125

200 OK

19 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/overlay.png
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18661 bytes)
Hash
a3f2c95451c2201b26033d755a0164c9
f150487dacf8607e49c31abebaf034e34ef8e8aa
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/overlay.png HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:42 GMT
last-modified: Mon, 27 Mar 2023 19:03:28 GMT
etag: "a3f2c95451c2201b26033d755a0164c9"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 18661
x-varnish: 3811839 163855
age: 347874
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/spin1.png

179.61.143.125

200 OK

85 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/spin1.png
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Size
85 kB (85123 bytes)
Hash
827076646858c6cc499ec675c45b147d
4b6bf3459af50ba8db76d31f9dc3876b50a4c5fe
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/spin1.png HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:43 GMT
last-modified: Mon, 27 Mar 2023 19:03:28 GMT
etag: "827076646858c6cc499ec675c45b147d"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 85123
x-varnish: 3668223 65547
age: 347873
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ac54bb3628890e12111d64757053dac
882c767217269bad8ce48c525f3fc09b0b463524
c1ad6c172550ea4fe7b49ec5f913099a74b95f887cb31bfde78e4895b016bc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 19:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png

179.61.143.125

200 OK

171 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 142 x 7733, 8-bit colormap, non-interlaced\012- data
Size
171 kB (171408 bytes)
Hash
276c26514be610b5c6fa413756b33671
43c532ff2dc2ce6ed8360fc5d05116b222036e4b
453150bf90ff9debe217f3734a4d3cf4bf6ed9017635d4f2d867096132ad4e28

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:44:51 GMT
last-modified: Mon, 27 Mar 2023 19:03:28 GMT
etag: "276c26514be610b5c6fa413756b33671"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 171408
x-varnish: 3878426 1288
age: 346425
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/spin2.png

179.61.143.125

200 OK

88 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/spin2.png
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (88130 bytes)
Hash
f12f850a9ec2daa0b2dbb07e11252122
012a03ac053a0367ef9cdb76685a77d61f3d8a22
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/spin2.png HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IkpHME1KT3lrSnQvVWNvb3NxN3NBdlE9PSIsInZhbHVlIjoic2xsV3cxT2VrdFYxdHFKaE5kWTVoMkFaQStYcEtScXdQSktLVXFjOEtncHg2ZFdrcEhXa0NMMnU4M1pvTWNmakpUaUJuSGxsK3RNdW50bXcrMkZqdG5zVEphSi8zTHFMemVwdHljT1d6bWhCTm1jL1FiUDZZeUdoTUdUNE1DdjUiLCJtYWMiOiJmN2I1Yzc1NzQxN2JiYjdkZTJmYWNmY2RkYThhOTQ2NzlmZDRiMzViZTM3ZmNhYmIyM2IxMGRmNzAzNjFmZDMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:43 GMT
last-modified: Mon, 27 Mar 2023 19:03:28 GMT
etag: "f12f850a9ec2daa0b2dbb07e11252122"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 88130
x-varnish: 3598552 98314
age: 347873
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size
16 kB (15700 bytes)
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

HTTP Headers

GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ujn.loopswiftlinks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:32:57 GMT
expires: Wed, 27 Mar 2024 10:32:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 293139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif

179.61.143.125

200 OK

23 kB

URL HTTP/1.1
ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
GIF image data, version 89a, 500 x 150\012- data
Size
23 kB (23095 bytes)
Hash
f79f189bde401dfac7723f7c963d0ef8
83530e9d6248767d661c4996c14414621c857ed6
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/templates/templates/spin-casino_MASTER/css/style.css
Cookie: yredir_session=eyJpdiI6IlJ2M3VQZ3R2UGRpOHhrS3BjZW5tRVE9PSIsInZhbHVlIjoiZFh3SG4xVDdDZDFpVG51aHljM3pKZU5nUytyWm1XaERFb0c0MmVrVnkvS3p3dTZDYmRvTjJEUlZWOWZ2VkRGbElOWjZaVEpaRnJiRXBGVTYwTE9BeHVaeG1OR0YvNXd2eUQzbDIvNWszL28vemxHYnpBVFRNdmdkVVVPYVNRQnUiLCJtYWMiOiJiYjFiMjc2YWQwZTFjYjU5NjE4ZjAwNWNlODJhMDllMjE4ZjI2NjZiODlkMjQyNjE0ODM1ODc2OTE2N2I1MTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:41 GMT
last-modified: Mon, 27 Mar 2023 19:03:27 GMT
etag: "f79f189bde401dfac7723f7c963d0ef8"
x-amz-server-side-encryption: AES256
content-type: image/gif
content-length: 23095
x-varnish: 3598553 65542
age: 347876
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ac54bb3628890e12111d64757053dac
882c767217269bad8ce48c525f3fc09b0b463524
c1ad6c172550ea4fe7b49ec5f913099a74b95f887cb31bfde78e4895b016bc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 19:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ujn.loopswiftlinks.com/_common/js/service-workers/neptuneads/service-worker.js

179.61.143.125

200 OK

90 B

URL HTTP/1.1
ujn.loopswiftlinks.com/_common/js/service-workers/neptuneads/service-worker.js
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6IlJ2M3VQZ3R2UGRpOHhrS3BjZW5tRVE9PSIsInZhbHVlIjoiZFh3SG4xVDdDZDFpVG51aHljM3pKZU5nUytyWm1XaERFb0c0MmVrVnkvS3p3dTZDYmRvTjJEUlZWOWZ2VkRGbElOWjZaVEpaRnJiRXBGVTYwTE9BeHVaeG1OR0YvNXd2eUQzbDIvNWszL28vemxHYnpBVFRNdmdkVVVPYVNRQnUiLCJtYWMiOiJiYjFiMjc2YWQwZTFjYjU5NjE4ZjAwNWNlODJhMDllMjE4ZjI2NjZiODlkMjQyNjE0ODM1ODc2OTE2N2I1MTZhIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=1e93d008-f6a8-5009-5f6b-bffc2b033af6
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Mon, 27 Mar 2023 19:20:38 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 3966345 3
age: 347878
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.loopswiftlinks.com/favicon.ico

179.61.143.125

403 Forbidden

243 B

URL HTTP/1.1
ujn.loopswiftlinks.com/favicon.ico
IP
179.61.143.125:0
ASN
#61317 Ipxo Uk Limited

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
9704275905e2b760f8f66331c8622a45
b040e944fae1e38350ce7bc79d37356f57eaf317
add14751fefaa3e2216aa72c6077d1ee1fcfdc4d729b25214ed15eb2b2aff10f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ujn.loopswiftlinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/t/8f0d93c8664e/6b6af972-cffe-11ed-b3c4-337ad67a54ea/6b701aa6-cffe-11ed-be2c-354000e1c91f
Cookie: yredir_session=eyJpdiI6IlJ2M3VQZ3R2UGRpOHhrS3BjZW5tRVE9PSIsInZhbHVlIjoiZFh3SG4xVDdDZDFpVG51aHljM3pKZU5nUytyWm1XaERFb0c0MmVrVnkvS3p3dTZDYmRvTjJEUlZWOWZ2VkRGbElOWjZaVEpaRnJiRXBGVTYwTE9BeHVaeG1OR0YvNXd2eUQzbDIvNWszL28vemxHYnpBVFRNdmdkVVVPYVNRQnUiLCJtYWMiOiJiYjFiMjc2YWQwZTFjYjU5NjE4ZjAwNWNlODJhMDllMjE4ZjI2NjZiODlkMjQyNjE0ODM1ODc2OTE2N2I1MTZhIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=1e93d008-f6a8-5009-5f6b-bffc2b033af6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 403 Forbidden
content-type: application/xml
date: Mon, 27 Mar 2023 19:20:43 GMT
x-varnish: 3811842 131081
age: 347872
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000

fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto+Condensed%7COpen+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.loopswiftlinks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 19:58:35 GMT
date: Fri, 31 Mar 2023 19:58:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=6c071e9c-cffe-11ed-8737-5355934b8cd1&&push=true

172.64.129.25

200 OK

0 B

URL HTTP/2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=6c071e9c-cffe-11ed-8737-5355934b8cd1&&push=true
IP
172.64.129.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=6c071e9c-cffe-11ed-8737-5355934b8cd1&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujn.loopswiftlinks.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 19:58:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Fri, 31 Mar 2023 19:58:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP2IN5fhYpo9Hm2WGZ7LeNUcRZwKmd7a0CXIMnxYUs41BsYUOYnF9jgY%2FyiuLdwFjey8frSSzsmc8dV6x%2BMBBigmHseyyER9hTE6CrghWDMw3JvA3Ns178EALvoIefZUowekdhFgSafR%2F7ilsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b2b03e9e788c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML