Report - cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=UVq2ApBmJjSwS22raDTHrx

Report Overview

Submitted URL
cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=UVq2ApBmJjSwS22raDTHrx
IP
54.154.212.179
ASN
#16509 AMAZON-02
Submitted
2023-03-25 23:08:27
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ujn.nowsubmission.com	unknown	2022-06-14T03:33:32Z	2023-03-29T05:11:06Z	13 kB	631 kB	179.61.143.121
pushrev.neptuneadspush.com	160570	2019-02-14T12:19:32Z	2023-03-28T12:55:52Z	460 B	758 B	172.64.129.25
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	423 B	1.9 kB	172.217.21.170
pushlite.neptuneadspush.com	15613	2019-03-08T13:45:39Z	2023-03-29T17:59:18Z	388 B	738 B	172.64.129.25
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
cddtsecure.com	unknown	2021-12-09T12:53:46Z	2023-03-29T05:10:56Z	404 B	4.4 kB	54.154.212.179
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-29T05:20:03Z	377 B	34 kB	69.16.175.42
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	1.7 kB	3.5 kB	216.58.211.3
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	34.213.220.137
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T10:10:07Z	398 B	34 kB	216.58.207.202
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	508 B	16 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	51 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-25	medium	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	Phishing
2023-03-25	medium	ujn.nowsubmission.com/o/2XXQ6DLP/ed86755e-cb61-11ed-bbbe-930271cc50b9/?push=true	Phishing
2023-03-25	medium	ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js	Phishing
2023-03-25	medium	ujn.nowsubmission.com/livewire/livewire.js?id=90730a3b0e7144480175	Phishing
2023-03-25	medium	ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	559 B	2023-03-07	2024-02-20
Pretty URL ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:53 Last Seen2024-02-20 08:43:07 Times Seen225 Hash facb6be6d205d591a961eeb6ae6a6032 cf931260828e3287c5ee540dad6865358f10382d e24c922fce3c989c61a36a1b378d9a0443b441d7bbf2ded71b7d7aa8c0b13dfb Loading...

	pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true	31 kB	2023-03-07	2024-02-06
Pretty URL pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:05 Last Seen2024-02-06 20:59:50 Times Seen125 Hash 082008cf87ed5081440e78698f3fea4b aba52d0908b5fc28f2e222a601783170505ef688 29372b162335dd10e58c65543b10b6955373688fd2033523ec067616bd335ad4 Loading...

	ujn.nowsubmission.com/livewire/livewire.js?id=90730a3b0e7144480175	175 kB	2023-03-25	2024-04-18
Pretty URL ujn.nowsubmission.com/livewire/livewire.js?id=90730a3b0e7144480175 IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:43:16 Last Seen2024-04-18 13:59:21 Times Seen1066 Hash 0e377e741f7d57da94c0d5aed41693cd f2619196a61c34b00491f62774a84f778134b974 38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be Loading...

	code.jquery.com/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-1.11.3.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-19 12:06:59 Times Seen10300 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	93 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 13:22:04 Times Seen16763 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	1.5 kB	2023-03-07	2023-11-03
Pretty URL ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:53 Last Seen2023-11-03 08:13:07 Times Seen205 Hash f9bee39f8fab5c1968a8ee1eea700a07 8db4440fbd23c8ffe925f93a635ae9326e128400 42037e26c90e9b6e7063479a94f42419107c785b42cb2982968f91bf2170b394 Loading...

	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	4.0 kB	2023-03-29	2023-03-29
Pretty URL ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:07 Last Seen2023-03-29 22:39:07 Times Seen1 Hash 2d0af68d7f1ce386afa6ac851893310e 8d9c19c8ec4bc7f7d8f245d94e5a505b8351a052 d03858f42fd31162c753c58921390455a5a717e5be00aa5d7b825d50ba6a4f71 Loading...

	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	585 B	2023-03-07	2023-11-03
Pretty URL ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:53 Last Seen2023-11-03 08:13:07 Times Seen205 Hash d403e2ac626e1fd36cddfbba4fe79bae 49e2f56fc6e17b6ed6070544fea1dab2e51e796d 82da2e2b85e9faaab54c4930face8afffed23e92b25b4ad9bf4d87514274e499 Loading...

	ujn.nowsubmission.com/o/2XXQ6DLP/ed86755e-cb61-11ed-bbbe-930271cc50b9/?push=true	1.1 kB	2023-03-29	2023-03-29
Pretty URL ujn.nowsubmission.com/o/2XXQ6DLP/ed86755e-cb61-11ed-bbbe-930271cc50b9/?push=true IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:07 Last Seen2023-03-29 22:39:07 Times Seen1 Hash c09e366811a2e833d60d832518d342d9 ba0c679cd7b4f7ea3fdcdea99187b455ddbf6c52 19b6ab8fab169b6f7ccbfd159f3b2bb09db8c13cf3a249f2872c2e6de2d30cba Loading...

	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	379 B	2023-03-29	2023-03-29
Pretty URL ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:07 Last Seen2023-03-29 22:39:07 Times Seen1 Hash d56f22164d1798a87cfc6651d2fdedcf b0fd2674ba5bff021ebe86757a501ed1e720b179 25741c484cf935a9d85a7df67003c1f298d6ab308562f7f84142f9610f1e68bc Loading...

	ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a	539 B	2023-03-29	2023-03-29
Pretty URL ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a IP 179.61.143.121 ASN #61317 Ipxo Uk Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:07 Last Seen2023-03-29 22:39:07 Times Seen1 Hash 60fb1cc6b34d31eb815fd636ac2c45c2 0ffb07b6bb7d0eb918ca0ab86e41ac71d28a6efd 4a6eadf51baee1f3b58673051c517ed0f638e2b19ccf5087202ad2343c7f4fbd Loading...

HTTP Transactions (46)

URL IP Response Size

cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=UVq2ApBmJjSwS22raDTHrx

54.154.212.179

302 Found

243 B

URL HTTP/1.1
cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=UVq2ApBmJjSwS22raDTHrx
IP
54.154.212.179:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
243 B (243 bytes)
Hash
e972885a14b7ea26669141f79e0c5576
70736772b48dc20f9388e0904e36248efa129425
893cd376518a5018acfb98ff267f0fa04be3bc92b2393cd20454aff082f46a12

HTTP Headers

GET /?a=43588&c=318080&co=91932&mt=18&s2=UVq2ApBmJjSwS22raDTHrx HTTP/1.1
Host: cddtsecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 25 Mar 2023 23:08:16 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: gdm_click_freq_v2_1_001=bfK8z5UDo04kDjzc8YCbxhsnK2uYnJ94WwQuiD3K6E/WFKh1nFt5UuKL7bh54ap1; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=E3VPKVLDB0p+gPYCS5pFhusfrhdjykEgczpjqnR40vASbFI0E/kB0i7L/rwCmh8G; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=E3VPKVLDB0p+gPYCS5pFhusfrhdjykEgczpjqnR40vASbFI0E/kB0i7L/rwCmh8G; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/
gdm_click_adv_freq_v2_1_001=B6XtSNf0/Fok3GcB4BTdMugTHIwyUV4LI3Iekd0LeU0RvqfLLQn7tvTROWD8euZn; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/
gdm_click_adv_freq_v1_1_001=B6XtSNf0/Fok3GcB4BTdMugTHIwyUV4LI3Iekd0LeU0RvqfLLQn7tvTROWD8euZn; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/
gdm_sid_v2_3_001=UmDgq9nG8+xJktCQuknlu+WFieZn+YyYztCCcBmrMvyXUyoUEHV0J3H1MLtdVX1phZUA/mxFz+ec4qWO0wsuKNhk6O7ZpMX6VFshFHMZHsCx1McvbYcDPGsi6mEvuYleqepghvCgQnWTE6ZkSClpB1Ff3hzwqtql6li3ARLhD/SXxgwBDQvQLQ4KkVSEgGwJU5agYr1SPBwexiSB5Ah7exk8NopZBkFMXQWrRpFyCbJxJHGhX4n78fA4z3nE70ZSWoQo9/xCHwIGR2XF/1Kxn71ip1dFs4S2A2fzw2ewedDIQlsCrP3Tdq7LIlO5dHSPkcsLwFcB4ACXB5J+RN8/MVcBr2Yev4Cp/KV2gnGlfVk1DYg4UvjPL2aPNYR8P6jTPBMfCd1H5mteG2HKthVYaGejHB3YJvQATGDlF9WLNObWOSYFXqbBpTEJJVUZh+GFJ37PzfweudjOxFPpWMVZoaUhMZDD7khzjzHaQ+yXQ+qA9Z1AtiSaiRpi5AtQ+lGqE/lmxk4gAA/CfEAIoKTYtIUrzXcrzaZBAmp+LOHYV82b2jeb6LNNI+syz5hrlgWCmk5jc2Sh9KRCCxhqcaGlhameaIMl5VOHqv1WYjKad8wNiLUtfDQRt6US97g5Yz+BSom6IIvzqEzY+BkIqHZyzjeJKGvLWNOmqNKbKvDgRFKV0evhBV/VI0VOh+dN/S6815fhAvlSOThlYkqbwi2vg2VpjJWvjdhL02ufXR1rjsMc3Nkc/coVIyd/Rw5Nn3iGzh2+Z/nchkxx4w9YbKte7Ta2I95jYik1lLJ4qV+ai2Q0KG5nduvrkDq5JCL7Cod9bWxEAo5GggdqtWoZ1kdoL5MD2AtYXrgjTzdHZMMYCP8pg90mQG3TRW89aYhn9BSFXr/94QcbtQ061C3UvnbQG1uSy1+223yownOPWycHUbGTYi6V09zupPJ78PtqcmOgQt213SWhSzotNwyq0eiLdaGN5Ju36K1Cv9unJj7LOtPEZ1BPrva5s07wLa8gWmHFkvkW2rm1BECPutGuaOgyRQ==; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/; Secure; SameSite=None
gdm_sid_v1_3_001=UmDgq9nG8+xJktCQuknlu+WFieZn+YyYztCCcBmrMvyXUyoUEHV0J3H1MLtdVX1phZUA/mxFz+ec4qWO0wsuKNhk6O7ZpMX6VFshFHMZHsCx1McvbYcDPGsi6mEvuYleqepghvCgQnWTE6ZkSClpB1Ff3hzwqtql6li3ARLhD/SXxgwBDQvQLQ4KkVSEgGwJU5agYr1SPBwexiSB5Ah7exk8NopZBkFMXQWrRpFyCbJxJHGhX4n78fA4z3nE70ZSWoQo9/xCHwIGR2XF/1Kxn71ip1dFs4S2A2fzw2ewedDIQlsCrP3Tdq7LIlO5dHSPkcsLwFcB4ACXB5J+RN8/MVcBr2Yev4Cp/KV2gnGlfVk1DYg4UvjPL2aPNYR8P6jTPBMfCd1H5mteG2HKthVYaGejHB3YJvQATGDlF9WLNObWOSYFXqbBpTEJJVUZh+GFJ37PzfweudjOxFPpWMVZoaUhMZDD7khzjzHaQ+yXQ+qA9Z1AtiSaiRpi5AtQ+lGqE/lmxk4gAA/CfEAIoKTYtIUrzXcrzaZBAmp+LOHYV82b2jeb6LNNI+syz5hrlgWCmk5jc2Sh9KRCCxhqcaGlhameaIMl5VOHqv1WYjKad8wNiLUtfDQRt6US97g5Yz+BSom6IIvzqEzY+BkIqHZyzjeJKGvLWNOmqNKbKvDgRFKV0evhBV/VI0VOh+dN/S6815fhAvlSOThlYkqbwi2vg2VpjJWvjdhL02ufXR1rjsMc3Nkc/coVIyd/Rw5Nn3iGzh2+Z/nchkxx4w9YbKte7Ta2I95jYik1lLJ4qV+ai2Q0KG5nduvrkDq5JCL7Cod9bWxEAo5GggdqtWoZ1kdoL5MD2AtYXrgjTzdHZMMYCP8pg90mQG3TRW89aYhn9BSFXr/94QcbtQ061C3UvnbQG1uSy1+223yownOPWycHUbGTYi6V09zupPJ78PtqcmOgQt213SWhSzotNwyq0eiLdaGN5Ju36K1Cv9unJj7LOtPEZ1BPrva5s07wLa8gWmHFkvkW2rm1BECPutGuaOgyRQ==; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/
gdm_click_freq_v1_1_001=bfK8z5UDo04kDjzc8YCbxhsnK2uYnJ94WwQuiD3K6E/WFKh1nFt5UuKL7bh54ap1; Domain=.cddtsecure.com; Expires=Fri, 23-Jun-2023 23:08:16 GMT; Path=/
Location: https://ujn.nowsubmission.com//?kw=43588&s1=b5e6d255448e4cabbf1f7c51cbd13dcd1e1bf&s2=
Content-Language: en-US
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8007
Expires: Sun, 26 Mar 2023 01:21:44 GMT
Date: Sat, 25 Mar 2023 23:08:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12573
Expires: Sun, 26 Mar 2023 02:37:50 GMT
Date: Sat, 25 Mar 2023 23:08:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 22:15:29 GMT
content-type: application/json
age: 3168
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7146
Expires: Sun, 26 Mar 2023 01:07:23 GMT
Date: Sat, 25 Mar 2023 23:08:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RhR5yG/0AwaHaVElzKiw0Vx/OtU6sQe5rxgjsakDHDy7SOEhfhXPN/aLP0hqSGSFYC/WRvrpOuk=
x-amz-request-id: H140BNQCD8R4EK5S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 22:55:05 GMT
age: 792
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:08:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
196e1ba22c141dd9db08033b5a80e517
2dc3ca029793606fa473aecc154b3bd3d4fd1d6f
9fc2d4766db6381a817eb75d197abc777b51b2ebc9947a95f457eaf96f96c3f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FC2D4766DB6381A817EB75D197ABC777B51B2EBC9947A95F457EAF96F96C3F1"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20237
Expires: Sun, 26 Mar 2023 04:45:34 GMT
Date: Sat, 25 Mar 2023 23:08:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 22:14:33 GMT
age: 3224
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ujn.nowsubmission.com//?kw=43588&s1=b5e6d255448e4cabbf1f7c51cbd13dcd1e1bf&s2=

179.61.143.121

302 Found

718 B

URL HTTP/1.1
ujn.nowsubmission.com//?kw=43588&s1=b5e6d255448e4cabbf1f7c51cbd13dcd1e1bf&s2=
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
718 B (718 bytes)
Hash
ce66af5082e5c653a84757103ad63272
dee6740c83cb8a9bdeaa4f021174acd321a4a17e
cf397ee484cd9ec9808b31fd6b04674308cea697b98d9c00ae5bf51a9e672229

HTTP Headers

GET //?kw=43588&s1=b5e6d255448e4cabbf1f7c51cbd13dcd1e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
cache-control: no-cache, private
date: Sat, 25 Mar 2023 23:08:17 GMT
location: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
content-type: text/html; charset=UTF-8
x-redir: true
set-cookie: yredir_session=eyJpdiI6Iks3aWVNVHhsTCtnaDBvTXJ4bzRleVE9PSIsInZhbHVlIjoibnprbWkrOUlaT3lXM0dRcmhnandnMm9KSFloNlN2V0thK1Noc25FaDIrdlF1b1VJeE1oQXBaOWxpOVM1Q1FtSWFpdG9NV0pjTW9YSmZhclowNnVoVjA1ZU0rTlo3cEx0WlJSc3krSVNLN1hjc3VoeG5JbjBWNngxZTBZMlZjN28iLCJtYWMiOiI4NTU0YmI3NGI1Y2QwN2E5OWJiZjNiM2VlYjFiMDQzMzBiNTI2ZWEwZTBkZGMwNGFiNzBlZGVjYzY1YmYzM2FmIiwidGFnIjoiIn0%3D; expires=Sun, 26-Mar-2023 01:08:17 GMT; path=/; httponly; samesite=lax
transfer-encoding: chunked
strict-transport-security: max-age=15768000

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2230
Expires: Sat, 25 Mar 2023 23:45:27 GMT
Date: Sat, 25 Mar 2023 23:08:17 GMT
Connection: keep-alive

ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a

179.61.143.121

200 OK

15 kB

URL HTTP/1.1
ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (738)
Size
15 kB (14807 bytes)
Hash
57708f4cfc58ddea257d2e4e6612bd4b
a09e00791c45969d571ffe4e77a07ada656aa58e
33bf6d5fbdd7e5cfb0a6fa7add14e72f639ffe243e463f4e559fe4c4cf48b460

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6Iks3aWVNVHhsTCtnaDBvTXJ4bzRleVE9PSIsInZhbHVlIjoibnprbWkrOUlaT3lXM0dRcmhnandnMm9KSFloNlN2V0thK1Noc25FaDIrdlF1b1VJeE1oQXBaOWxpOVM1Q1FtSWFpdG9NV0pjTW9YSmZhclowNnVoVjA1ZU0rTlo3cEx0WlJSc3krSVNLN1hjc3VoeG5JbjBWNngxZTBZMlZjN28iLCJtYWMiOiI4NTU0YmI3NGI1Y2QwN2E5OWJiZjNiM2VlYjFiMDQzMzBiNTI2ZWEwZTBkZGMwNGFiNzBlZGVjYzY1YmYzM2FmIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Sat, 25 Mar 2023 23:08:17 GMT
x-redir: true
set-cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D; expires=Sun, 26-Mar-2023 01:08:17 GMT; path=/; httponly; samesite=lax
transfer-encoding: chunked
strict-transport-security: max-age=15768000

code.jquery.com/jquery-1.11.3.min.js

69.16.175.42

200 OK

33 kB

URL HTTP/2
code.jquery.com/jquery-1.11.3.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32038)
Size
33 kB (33261 bytes)
Hash
1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9

HTTP Headers

GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:08:18 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1679785698.dop225.sk1.t,1679785698.cds235.sk1.hn,1679785698.cds216.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:08:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:08:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.213.220.137

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.220.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J+tBLG13tqXXjxkBv0wLXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tCmVsbwPRGebFu0EaFf/AAy60Yw=

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

216.58.207.202

200 OK

33 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 17:43:11 GMT
expires: Mon, 18 Mar 2024 17:43:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 537907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ujn.nowsubmission.com/o/2XXQ6DLP/ed86755e-cb61-11ed-bbbe-930271cc50b9/?push=true

179.61.143.121

302 Found

818 B

URL HTTP/1.1
ujn.nowsubmission.com/o/2XXQ6DLP/ed86755e-cb61-11ed-bbbe-930271cc50b9/?push=true
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Size
818 B (818 bytes)
Hash
26c9f7d3a2a3f839d0410684d73b57fb
d90a16cafbad12ea47f02627b5f958dbd1fd244b
e03f133a1680f17a30f8fa5d81f43e7c0b3d4485777f4d025965f1149bd34286

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /o/2XXQ6DLP/ed86755e-cb61-11ed-bbbe-930271cc50b9/?push=true HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
cache-control: no-cache, private
date: Sat, 25 Mar 2023 23:08:18 GMT
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=edd95eae-cb61-11ed-9808-4be2f9827d22&&push=true
content-type: text/html; charset=UTF-8
x-redir: true
set-cookie: yredir_session=eyJpdiI6IkppVkZNcnZuUTdERHlUTFQrcStJbEE9PSIsInZhbHVlIjoieXpJSTBhcE1YbFZrMk5DNWRIMzA0UGpwM0F4WlRDdGpZMk9zUTVySGwrOFRiRk0raHFRU0tYelZ1VE5XdUtxR2U2aE5SNW5oZG5kR3ZvSy9TcWpNSWdiaVB1R0t2bHlwZlczTUNEeDc4ejJGbWRrSlZMSVJTbUNMTCswdEdCTDAiLCJtYWMiOiJkZWQxZjM4YTk3NjQ1NGEyMzk4NDBhMDQ5OTc5ZTdjZDY5ZGM1NGI3OTBiY2I0ZmI4MjI5YWE5ZWRjMDY3YzZlIiwidGFnIjoiIn0%3D; expires=Sun, 26-Mar-2023 01:08:18 GMT; path=/; httponly; samesite=lax
transfer-encoding: chunked
strict-transport-security: max-age=15768000

fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700

172.217.21.170

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1229 bytes)
Hash
7ebfa27fd8b2929cbfbd0903ff5464e4
0909c41cc073ee9ff39fde2ba6ff059e56775f3a
c8862e32218c654b94e8a45b2472257c3ba13e529d06713a5fe91adb07ebedcc

HTTP Headers

GET /css?family=Roboto+Condensed%7COpen+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 23:08:18 GMT
date: Sat, 25 Mar 2023 23:08:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:08:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css

179.61.143.121

200 OK

25 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
ASCII text
Size
25 kB (25401 bytes)
Hash
bc84bd3caee9a7b227a5054179477e02
bc1b53ceedb9b91f4d4bec2037126b4d05c20912
d86b239f3ad7fc29593df1655848824493b2299a203c9be2f67adae10f94309e

HTTP Headers

GET /templates/templates/spin-casino_MASTER/css/style.css HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:18 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "bc84bd3caee9a7b227a5054179477e02"
x-amz-server-side-encryption: AES256
content-type: text/css
content-length: 25401
x-varnish: 1724361 163854
age: 198540
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:08:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size
16 kB (15700 bytes)
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

HTTP Headers

GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ujn.nowsubmission.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:49 GMT
expires: Sat, 23 Mar 2024 10:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 132089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png

179.61.143.121

200 OK

19 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18646 bytes)
Hash
90f8155b00c6e9ec624a12e8a67bd264
fbf3b21af8cc2c2d44879f19f5893dbe696113f1
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/overlay2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:02 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "90f8155b00c6e9ec624a12e8a67bd264"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 18646
x-varnish: 1724363 51
age: 198557
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:08:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png

179.61.143.121

200 OK

19 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18661 bytes)
Hash
a3f2c95451c2201b26033d755a0164c9
f150487dacf8607e49c31abebaf034e34ef8e8aa
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/overlay.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:01 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "a3f2c95451c2201b26033d755a0164c9"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 18661
x-varnish: 1724364 46
age: 198558
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif

179.61.143.121

200 OK

2.9 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
GIF image data, version 89a, 128 x 15\012- data
Size
2.9 kB (2892 bytes)
Hash
35de537ece3bfee3ab3f7af4c19e2151
9139201df5d36e1b2b9a8a6566683c95a49e0006
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/loader.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:05 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "35de537ece3bfee3ab3f7af4c19e2151"
x-amz-server-side-encryption: AES256
content-type: image/gif
content-length: 2892
x-varnish: 2816022 98329
age: 198554
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png

179.61.143.121

200 OK

88 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (88130 bytes)
Hash
f12f850a9ec2daa0b2dbb07e11252122
012a03ac053a0367ef9cdb76685a77d61f3d8a22
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/spin2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:04 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "f12f850a9ec2daa0b2dbb07e11252122"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 88130
x-varnish: 1202988 98321
age: 198555
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png

179.61.143.121

200 OK

85 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Size
85 kB (85123 bytes)
Hash
827076646858c6cc499ec675c45b147d
4b6bf3459af50ba8db76d31f9dc3876b50a4c5fe
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/spin1.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:02 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "827076646858c6cc499ec675c45b147d"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 85123
x-varnish: 1724365 98317
age: 198556
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif

179.61.143.121

200 OK

23 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
GIF image data, version 89a, 500 x 150\012- data
Size
23 kB (23095 bytes)
Hash
f79f189bde401dfac7723f7c963d0ef8
83530e9d6248767d661c4996c14414621c857ed6
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
Cookie: yredir_session=eyJpdiI6IkppVkZNcnZuUTdERHlUTFQrcStJbEE9PSIsInZhbHVlIjoieXpJSTBhcE1YbFZrMk5DNWRIMzA0UGpwM0F4WlRDdGpZMk9zUTVySGwrOFRiRk0raHFRU0tYelZ1VE5XdUtxR2U2aE5SNW5oZG5kR3ZvSy9TcWpNSWdiaVB1R0t2bHlwZlczTUNEeDc4ejJGbWRrSlZMSVJTbUNMTCswdEdCTDAiLCJtYWMiOiJkZWQxZjM4YTk3NjQ1NGEyMzk4NDBhMDQ5OTc5ZTdjZDY5ZGM1NGI3OTBiY2I0ZmI4MjI5YWE5ZWRjMDY3YzZlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:59:08 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "f79f189bde401dfac7723f7c963d0ef8"
x-amz-server-side-encryption: AES256
content-type: image/gif
content-length: 23095
x-varnish: 1202992 65571
age: 198551
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js

179.61.143.121

200 OK

90 B

URL HTTP/1.1
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6IkppVkZNcnZuUTdERHlUTFQrcStJbEE9PSIsInZhbHVlIjoieXpJSTBhcE1YbFZrMk5DNWRIMzA0UGpwM0F4WlRDdGpZMk9zUTVySGwrOFRiRk0raHFRU0tYelZ1VE5XdUtxR2U2aE5SNW5oZG5kR3ZvSy9TcWpNSWdiaVB1R0t2bHlwZlczTUNEeDc4ejJGbWRrSlZMSVJTbUNMTCswdEdCTDAiLCJtYWMiOiJkZWQxZjM4YTk3NjQ1NGEyMzk4NDBhMDQ5OTc5ZTdjZDY5ZGM1NGI3OTBiY2I0ZmI4MjI5YWE5ZWRjMDY3YzZlIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=396528c7-a362-9646-6f92-41c07915c9d2
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 15:58:50 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 2816023 65542
age: 198569
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png

179.61.143.121

200 OK

171 kB

URL HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
PNG image data, 142 x 7733, 8-bit colormap, non-interlaced\012- data
Size
171 kB (171408 bytes)
Hash
276c26514be610b5c6fa413756b33671
43c532ff2dc2ce6ed8360fc5d05116b222036e4b
453150bf90ff9debe217f3734a4d3cf4bf6ed9017635d4f2d867096132ad4e28

HTTP Headers

GET /templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 17:09:40 GMT
last-modified: Wed, 22 Mar 2023 20:46:16 GMT
etag: "276c26514be610b5c6fa413756b33671"
x-amz-server-side-encryption: AES256
content-type: image/png
content-length: 171408
x-varnish: 1630791 69150
age: 194319
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9897
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sat, 25 Mar 2023 23:08:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9897
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sat, 25 Mar 2023 23:08:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9897
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sat, 25 Mar 2023 23:08:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde451a1a-fcba-44c0-b885-cf9daa6d2ff8.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde451a1a-fcba-44c0-b885-cf9daa6d2ff8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9290 bytes)
Hash
d54efd2b1b21530d0da6f7a622ea898e
656849322a4885c98f1f06600f3c4680522d78d0
88d941b88e10152a49bd5e07bb6d7f31a1e3b2841562985d1869f5eea6aacf7b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde451a1a-fcba-44c0-b885-cf9daa6d2ff8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9290
x-amzn-requestid: ea6a8cc6-98ee-4d42-9cb7-73087027dde2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1soGZRIAMF0-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-32b521b073af557b282cb6b4;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: amzRKsV1FYQWrlBPncqtBdU6rnpKISHPETSvZQSE6VPULbYEmGW_CQ==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:51:27 GMT
age: 4612
etag: "656849322a4885c98f1f06600f3c4680522d78d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7823 bytes)
Hash
9b21b2c60279839939b60afd83d047fa
544c243fe2d69156f50eec156a62de127128a028
091a59214cfc0af90b4cb820bb521577ae63e862ec10160b8f64c9a9e593630d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7823
x-amzn-requestid: c528eae7-69b4-4669-8c15-2b306586b84b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHx5IAMFlEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-340c77491ea4440b340e3822;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L_VF003IBR5rwk7Dkcc5BLDFTR4sUCzXvgD3mcLML1bzNatBZjW-Cg==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:49:34 GMT
age: 4725
etag: "544c243fe2d69156f50eec156a62de127128a028"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4000 bytes)
Hash
85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 08:51:06 GMT
age: 51433
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9124 bytes)
Hash
8dc799aaa2f69ef1109501a605dbdcfd
58cefa986d580ee408fbca288e3e45ba86fb97ac
54fa967d6b96b456416c62140a4eb9b6cda29b80d5083b5d1321b1fb89b3455f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9124
x-amzn-requestid: 30a39bb7-d3cc-473a-a5f9-4921367832c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUESiIAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-6c9bb97512fc3c8a3ecedc43;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _4VxID1v_auG0Vuzp87FJoPbgJovhYYYa1fpzQZze51I6HwFKbja6w==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:50:36 GMT
age: 4663
etag: "58cefa986d580ee408fbca288e3e45ba86fb97ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5424 bytes)
Hash
c8a2437b3c9ab01cd0e2327d4be5c61a
33573e5a6b6c1912702040c6d880c362baf0c3db
2556646c122f89bfce8467d13bf05e68f735373c8c18a33f7258f37f602673cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: b03169ca-0cc0-49f5-b785-5e29d70048cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWGCnIAMFf7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-679415d416cf3b666ec128be;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HJYBgmjUNbjdPrncK3FAPRUykhg3R25vwcbN6jA4K23HPwRUVDCdpA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:51:29 GMT
age: 4610
etag: "33573e5a6b6c1912702040c6d880c362baf0c3db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080fe5e4-bfa3-4b7e-bc7b-ea9d3348e6c4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
9.0 kB (9026 bytes)
Hash
8e481637282a51b5b27f673bf8f3ae67
e0df43bf1110d8576187040cc39fe4fb851ddab7
bef9e0ab9d9e0f1928ea18f2179290a71f26ff6994438a44759b6a8f109c0e13

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080fe5e4-bfa3-4b7e-bc7b-ea9d3348e6c4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: dd142563-f3de-4390-816b-192fc44c480d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHjMIAMF9xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-5dee56692bbe2f35034c9178;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnX7AJMV_qcEeF6TG2tsNkiw3kUbCI6rskIb8IPuw-8VMg9raFUjA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:51:25 GMT
age: 4614
etag: "42e3c97cb72a824d50de5b49e92731a7678c4e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ujn.nowsubmission.com/livewire/livewire.js?id=90730a3b0e7144480175

179.61.143.121

200 OK

175 kB

URL HTTP/1.1
ujn.nowsubmission.com/livewire/livewire.js?id=90730a3b0e7144480175
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (53585)
Size
175 kB (174819 bytes)
Hash
0e377e741f7d57da94c0d5aed41693cd
f2619196a61c34b00491f62774a84f778134b974
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livewire/livewire.js?id=90730a3b0e7144480175 HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6Im8rK2M4cnFNMldTaWt3YkhmNHhnMEE9PSIsInZhbHVlIjoiNlUwZUdOeG9RcVZwYlNUNFFmYnBJUGV2WWo3SWl0SUd0L09VZmhPZXgvY0o5N1k1eXhFVjdjZGhNR0JNaGtnNVh2UURYa1ZZWHY1dGNYWUJVc0VSNDczVWExNjc0UTdrYWpTbzdOa0w2Q1NmbWN6cmVwTHU1d0RKRkdDLzhpckgiLCJtYWMiOiJjNzM0OGY4ZmVhNTJhZDNjOWQ3MzdkOTA3ZWY1ODkzZmNlMzVlNmU4NGEyZWY0ZWE2MGI2N2VmNTAzNzQ3NmI1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
content-type: application/javascript; charset=utf-8
expires: Mon, 25 Mar 2024 23:08:19 GMT
cache-control: max-age=31536000, public
last-modified: Fri, 03 Mar 2023 20:12:38 GMT
date: Sat, 25 Mar 2023 23:08:19 GMT
content-length: 174819
accept-ranges: bytes
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/favicon.ico

179.61.143.121

403 Forbidden

243 B

URL HTTP/1.1
ujn.nowsubmission.com/favicon.ico
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
14bb79749415fe51af1ed3ab150ed09e
321461bef74c788f0c2be1b8130e5f0d9263a288
58d5c4189cb032a869f0fe60476b8af04c0f490fb9ea04353d7a5a8421159692

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/ed86755e-cb61-11ed-bbbe-930271cc50b9/ed8be14c-cb61-11ed-a87c-6d5796b1174a
Cookie: yredir_session=eyJpdiI6IkppVkZNcnZuUTdERHlUTFQrcStJbEE9PSIsInZhbHVlIjoieXpJSTBhcE1YbFZrMk5DNWRIMzA0UGpwM0F4WlRDdGpZMk9zUTVySGwrOFRiRk0raHFRU0tYelZ1VE5XdUtxR2U2aE5SNW5oZG5kR3ZvSy9TcWpNSWdiaVB1R0t2bHlwZlczTUNEeDc4ejJGbWRrSlZMSVJTbUNMTCswdEdCTDAiLCJtYWMiOiJkZWQxZjM4YTk3NjQ1NGEyMzk4NDBhMDQ5OTc5ZTdjZDY5ZGM1NGI3OTBiY2I0ZmI4MjI5YWE5ZWRjMDY3YzZlIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=396528c7-a362-9646-6f92-41c07915c9d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 403 Forbidden
content-type: application/xml
date: Thu, 23 Mar 2023 15:59:05 GMT
x-varnish: 2816025 65566
age: 198554
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000

ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js

179.61.143.121

304 Not Modified

0 B

URL HTTP/1.1
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
IP
179.61.143.121:0
ASN
#61317 Ipxo Uk Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6IkppVkZNcnZuUTdERHlUTFQrcStJbEE9PSIsInZhbHVlIjoieXpJSTBhcE1YbFZrMk5DNWRIMzA0UGpwM0F4WlRDdGpZMk9zUTVySGwrOFRiRk0raHFRU0tYelZ1VE5XdUtxR2U2aE5SNW5oZG5kR3ZvSy9TcWpNSWdiaVB1R0t2bHlwZlczTUNEeDc4ejJGbWRrSlZMSVJTbUNMTCswdEdCTDAiLCJtYWMiOiJkZWQxZjM4YTk3NjQ1NGEyMzk4NDBhMDQ5OTc5ZTdjZDY5ZGM1NGI3OTBiY2I0ZmI4MjI5YWE5ZWRjMDY3YzZlIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=396528c7-a362-9646-6f92-41c07915c9d2
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 20 May 2022 14:50:35 GMT
If-None-Match: "1060884cf64d39c3fb28309d83ead97c"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
date: Thu, 23 Mar 2023 15:58:50 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
service-worker-allowed: /
x-varnish: 2816027 65542
age: 198571
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000

pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=edd95eae-cb61-11ed-9808-4be2f9827d22&&push=true

172.64.129.25

200 OK

0 B

URL HTTP/2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=edd95eae-cb61-11ed-9808-4be2f9827d22&&push=true
IP
172.64.129.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=edd95eae-cb61-11ed-9808-4be2f9827d22&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujn.nowsubmission.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:08:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Sat, 25 Mar 2023 23:08:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKv%2Bvwhs3XS7GrtKqEWOID%2BVPltd4iGLVCa57oX5wogmMQ4xSYzDqYJFq2Z%2Bx5hmBxZBpVcTd8Z%2Fr%2FTtqTWELr05mN97I0raImyLWaMX5xBBAMtA%2F4pcDG%2FniKQ7uVV9dswo8ezefFfkRt1OSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7adad0a69d9d48ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pushlite.neptuneadspush.com/javascripts/service_worker.js?v=2.01

172.64.129.25

200 OK

0 B

URL HTTP/2
pushlite.neptuneadspush.com/javascripts/service_worker.js?v=2.01
IP
172.64.129.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascripts/service_worker.js?v=2.01 HTTP/1.1
Host: pushlite.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:08:21 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 13:48:28 GMT
etag: W/"63d7caac-260a"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 5244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iigRnMfDGlHm9Mg%2BuIh67zQS0pwvTGJBwavQq2nR3Pw40QgI%2FS2j3yCp491KjYwvj7H75zar2QoTvi7hLlO9cXbC0Vby%2Bh5umq0zxVl4G3MqjvQEH5HwCTg7725oVixb0HCAAn9smY%2BFJ6C5C48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adad0baab8d496a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML