amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
104.21.30.84200 OK 10 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
IP 104.21.30.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3561)
Hash 9da041cc2d7dff4e63963098dd804f76
c27276baba5572990b7a9f0093d3b6ff0152c284
c331b9c156a415e0e1f79b02d7ca4ef2f36d29ca507b91ede756e24b652179a1
Analyzer Verdict Alert fortinet Phishing
GET /cp/amzn_crsms_1000/gb/index.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:35 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjaWZG2VYNaAgnzl%2Fsw0F7E3Xe0WBBWmuUxiQg38dOgfaMPJEkDOcIodjBzTJ4GEq2EalyFkXruoiCpaTCbZALtIOpXUUraLrFfhIt5qokH8EqmatJyJwAg%2FPCCUNV3cxvF5xfof%2FvEw%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f86d9f40b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9826
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:53:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2205
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:36 GMT
Last-Modified: Fri, 25 Nov 2022 09:16:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2670
Expires: Fri, 25 Nov 2022 10:38:06 GMT
Date: Fri, 25 Nov 2022 09:53:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2072
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fbYjAxFV0AmfnQ+0qWWMv52riV5kB2MN8IpRRXxanpMLyerMHCVP78lPpFoTyGVDN7kCFZBBV5zmnwIWfA+6TQ==
x-amz-request-id: Y1X5ZD3X7XQY0871
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 09:43:47 GMT
age: 589
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:53:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
amazon.quiztionnaire.uk/cp/_assets/css/main.css
104.21.30.84200 OK 1.5 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/main.css
IP 104.21.30.84:0
Hash f0c4ead20215eaff39dd2c8879b29937
cfbeb5bc9b6270ddfaefcc00010e246862772552
c8265b8cdf3fef96bae1694edea3018d1ea979d304e570d3afc0363d7ea79e94
GET /cp/_assets/css/main.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-170f"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54JF1x%2Fi2CphgwYd%2FKBBqr5CPCO9h%2FUheF54FIO0v%2BfKIi2JeZE9FzHFcBfB%2Bhoed69y6iMSuhHRwTozYFFoHvLvZbrA0OwtrJRyckI%2FClAKqJEFs4L%2Bu5hWiQLC0Ecr3YGFhyoa%2FmRoZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f898d420b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 1753c16688d0d51f0b3dc7ed7d4dbc4d
6a4842b3dc99394c6584c203175570ff8737c777
a61044d56003744699349a1ffbd6f85e0c62d4ac59b50d185363dd85d755b5c9
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:53:36 GMT
age: 7739548
x-served-by: cache-fra19170-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
X-Firefox-Spdy: h2
amazon.quiztionnaire.uk/cp/_assets/css/site-console.css
104.21.30.84200 OK 480 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/site-console.css
IP 104.21.30.84:0
Hash a3bcd153e49cc4106ef44e60927a0708
e2e377ff4cad0581db616ef8e50f146476788c88
7f9b44bf056814cb09662f8946024949f84573459b9e349c0aa1a3522daf0b36
GET /cp/_assets/css/site-console.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-55d"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOr6CNZsHl08euC6gbbuE6Zag4lZAoxq7Rj7EI0Uj65QmTv0pUXZfIWPocs0rk4mx3PjylzrEfaro1aAq993585Yht78d7JBl1DRUpcZ38KAs6ZKCzQFd%2BQAdS7aAni9D0z5ZMW8UypyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8999250b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/css/form.css
104.21.30.84200 OK 1.9 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/form.css
IP 104.21.30.84:0
Hash f773a163760fbb818024a00bfba23288
bc70b7125735332f0af79c1192d529d38af26baf
818ff6cd7ad72632be18a37935f8d73e078b2c64322bb96762b1ba11bc68283f
GET /cp/_assets/css/form.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-2b30"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8J7Oi9Wm7qv%2FZ2Un6Or4fxQ9FOZLTIztxxtswOGl3bbdt91SdyTEa4ZWwBkzc3fIj2LB2kHC4Rz3zETIUMqaxkn%2BcA4ndRSdSSxicyXTVhADzebn4LQgMGW8cAUj1rkDMIqn0da4OJxWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8999cdb50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/css/fonts.css
104.21.30.84200 OK 601 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/fonts.css
IP 104.21.30.84:0
File type ASCII text, with very long lines (661)
Hash b10a03fef4815d4386cf9a3fc5e0fcf5
a841008307c4ae626229e437eb532da27903b69a
755315e0913bf7dde84cd00b478d4c6289caabe6f9cd5723457b0ddf74edd63a
GET /cp/_assets/css/fonts.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-12c5"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYlRaBnn9GksoOJqMg93u0qg6x6gqAir2r6NiwhvskyOcNDytkeOunFwfOgZfC2UrkwZLwWvUg7RL2Im0Kd1OjAGI6d%2BXjiU1b6vga0u5%2F%2Bn0PUwpPywQ3IY19F1HP0npDEnh0djZr%2FL8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f899d0db4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 57a992194d8a5b4bbd4ade561fd348bb
bb66f00fe168c6df50af51abdededdfceb15c59f
be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:53:36 GMT
age: 18172172
x-served-by: cache-fra19136-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
X-Firefox-Spdy: h2
amazon.quiztionnaire.uk/cp/_assets/css/animate.css
104.21.30.84200 OK 940 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/animate.css
IP 104.21.30.84:0
Hash f71915998bb2c86bbf4305b957809468
2bd582de860359bff1a860bc6e72cb14a24c92fe
d34ab14901f5110c8f2c72e929bbf78c5a68ba269a513f7cda6a38d6f807ae3d
GET /cp/_assets/css/animate.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-1ab5"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdEwijPG8PZTnRFSZ2o2Orq%2F8BX%2Fy8TcF0VifK1jhqQXfEFKJTqvI1zooekNRe%2FsI2q4HqgrcVCJKUBp2I%2BbYv2c4jeOc0MwZcr7zNTxYvzTrYaWrm5jxcmt%2FS%2BIn%2BKi9ETRNqZorhMt7w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8998ccb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e62367fb5e0af824dd1d11cd8497b3fe
4760db938f2a518eea468ca7e92a87971e663761
3264556e5fe1bc7885248a574915ee05845659b5f0517e7e2ee740206dd051ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4406
Cache-Control: max-age=98800
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:36 GMT
Etag: "637f5e5a-1d7"
Expires: Sat, 26 Nov 2022 13:20:16 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
amazon.quiztionnaire.uk/cp/_assets/css/style.css
104.21.30.84200 OK 3.7 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/style.css
IP 104.21.30.84:0
Hash 5ee8ddffb629cf54105ad55d6231ed77
8d3534595035cfec7e86f84497ac0862fd8ba274
37fa1753420e9599b324eadab4932c26ee221c16b7b1ed4ce8818cd3544c33f7
GET /cp/_assets/css/style.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-3f02"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVdW8PfgnSekf1V7Cv5IzO39WzKcGoqLIYwhWnUCANrsZbnP8sBmat7tQ%2BrX%2FhVQnER6ki%2FnjUmpKI7sfyDJ0UgdI%2BPKq9QpJUb0hLoFro%2BRkldc8y4I4WNGU1Nx8UTMkaSkGMGrKLtSXg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8999c0b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 407212adfee816365b8fa858c7700fd9
be562cad8e4cba90ca87cda6adbedbd7652e2daf
63a9c82ded17f2f7f3ea8adb52b640ec94f86543159c90b15f1fee4030dc8e09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63A9C82DED17F2F7F3EA8ADB52B640EC94F86543159C90B15F1FEE4030DC8E09"
Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8401
Expires: Fri, 25 Nov 2022 12:13:37 GMT
Date: Fri, 25 Nov 2022 09:53:36 GMT
Connection: keep-alive
amazon.quiztionnaire.uk/cp/_assets/css/modal.css
104.21.30.84200 OK 873 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/css/modal.css
IP 104.21.30.84:0
Hash 1dd5f6eefa4a392bdf936cafec93e667
fd325fd5c5bfa0002b8b26577b1fcff5ed409d47
776320b1cacb643fc9f4e590a0be04e3277ca3dff4095798251196081e3a567f
GET /cp/_assets/css/modal.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-9b7"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNgugM7DBIVC%2B1YUeEVQolkVxm3MOP28L8iBPtOL64DQO22TpXltClmFAFOYNuI7traSXaDGyruePcvMPoL5hoFpkVWfMPNGYms%2BEGEoD3M2UfQht3gIpRqUoep5yAt%2BwDk4NPvHKJ93CA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a0e490b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash e5b4f0edacb0e1ec14b068b30274304e
88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3112
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a8c4ffab4-OSL
amazon.quiztionnaire.uk/cp/_assets/forms/sweeps/gb/form.js
104.21.30.84200 OK 614 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/forms/sweeps/gb/form.js
IP 104.21.30.84:0
Hash 430f7b3e7853101357ec189030447f25
447c9898f398655f650a77617d36b59bab7947e9
defb456e9735d42dcdfe19da27ad70deda5fc0e77e6ed4d40f9b4ff80e8cca1e
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/forms/sweeps/gb/form.js HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-5ae"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zPFlyXNFK%2FnQM2fAv6egFmp%2BkkWyH7MWYUXin4V0CBST7I8Uo%2BeQAIfHADoFzS8jGJPeSbS5qzN996HTqinh%2FBL%2FcmGhCtxZhJB2vZGn1OuRfJt02wB27bjx1MDtKXhP9LyFE1oKDwTNA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a1b2ab50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/css/campaign.css
104.21.30.84200 OK 440 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/css/campaign.css
IP 104.21.30.84:0
Hash 3214a621d69098de300dc5007d352e0e
fe9d003e35e150329169b42a72032d465d3e589e
725021ce9c4c5e985d901ed277ff946bd6c03c2186d4c70eb9f8ebdd36dbac8c
GET /cp/amzn_crsms_1000/gb/css/campaign.css HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: W/"63807967-523"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igJbsdh0XY%2Fx6Uq4Mh%2F3531QOrYER%2Fzb8Mp01Tw3i4py4mKBbqY%2FGSY5P33Ie363mPpRlIo7P3PMgkEADQN9rveYckEJK8NHRDkUizblT7uc9eZtdVB7KEyA%2FVMXVAqpU%2BB5y5IPzzbVqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a19ad0b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/js/new_overlay_teaser.js
104.21.30.84200 OK 1.4 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/js/new_overlay_teaser.js
IP 104.21.30.84:0
Hash d1b2a296577229e55c98830efe6d6632
551760fad16ab93e850eaa0407637b75fec9b477
016c9e8e8c3c47231fb20f9826a61868e25569b0dd9e9750c39b4b342c470a7e
Analyzer Verdict Alert fortinet Phishing
GET /cp/amzn_crsms_1000/gb/js/new_overlay_teaser.js HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: W/"63807967-1dc1"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykk7d5xQT4Hc8GTW9aA%2B3VfygbK0lmoNdwhujyp1d8q2UnHs6CYkuowokIp7MWL%2BKQJX%2BijSmtGtPRxYoA0oB3f1ZZ%2F0MLzp35Bdy2ZZD04RTAibm%2FaEcac7CcgneOR9ioexx9%2BTANJjAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a2dfab4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/js/responsive.js
104.21.30.84200 OK 449 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/js/responsive.js
IP 104.21.30.84:0
Hash e44958b1ad771e01f1635a12b01ee0ea
b3214bc104f54fd0edb951a7ad148e099bde5c65
bee7886eadef91dc734fa6badafbfd1e3802485ceeb5200a493681ee280ba66c
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/js/responsive.js HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-610"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iTLtNCHOM%2BNzkB5UFXu5J%2Fg6OS8KnlTOJPipwnWyenGAupBuExw9e8KAPODttffibJ7h6JXzCC0p7tbJDuZLS3xlYkd3NPp20PcGuUgZNl98k%2BG4xqJD6ePEI9fyBGPEN8V%2BkfNBocuxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a29b6b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
content2020.qubiqlabs.com/cp/_assets/css/footer.css
34.78.252.25200 OK 1.7 kB URL HTTP/1.1 content2020.qubiqlabs.com/cp/_assets/css/footer.css
IP 34.78.252.25:0
Hash b8c24be466dd044ddc136be9e2ea477e
d05d66fee34a02d193d045ce48493b438d16a271
998ed2817e3c070e9f2d53a3cdaed41f6d12f3101ac63d6d6a561edb075bc52c
GET /cp/_assets/css/footer.css HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css
Content-Length: 1652
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: "63807955-674"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
amazon.quiztionnaire.uk/cp/_assets/js/recent_winners.js
104.21.30.84200 OK 838 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/js/recent_winners.js
IP 104.21.30.84:0
Hash 1f3fd5e93c0c312ae0fa7c979726a98e
ed87a30d920cc281babc85a92aff188d22dcd2d2
f927a85de11f64f975e05c407326c9a5f6bb46c70a6e20663fe43823c552a873
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/js/recent_winners.js HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-832"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk6KRhloUSat1qTD5zn3%2FcG24XI25fmAC0ZY7l6VY6mtj7T6sh%2F5oxnsmBdktBfIVQHu86YfaKJkI7e5SM%2BonbZ%2Fw1PKIjO95rwDdqckM50%2FUGNqBrQ8NNfKlvxvjkBlMf3Az5VT%2Be49Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8aabc4b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/js/jquery.min.js
104.21.30.84200 OK 33 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/js/jquery.min.js
IP 104.21.30.84:0
File type ASCII text, with very long lines (1963)
Hash 594a3feb69c7c103f48fd12541230f70
1cda49275ff0218a95a2d53d3b011d574c26d3ba
78ef04fc551e465f68249cb119cc112eaf08a6917dc080547c96f12a615669d4
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/js/jquery.min.js HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-1b9fc"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yvEZJJsAamDYCyxTqq%2BbWHtjHGRikEZQAA0LgGXxXSnKDDRP33BHvtnkltyDwoDSGeyULyFV8N8OGRyngOCxdZ8PuQWOoPSEzHTsU2b%2BJAisXhyxVXtoLINoyCosKjaV06JxLba%2BOhbeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a5b1bb503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/js/bootstrap.min.js
104.21.30.84200 OK 15 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/js/bootstrap.min.js
IP 104.21.30.84:0
File type ASCII text, with very long lines (1289)
Hash 95ad0b5f06ccb640d7288036a9c2abdf
52c71e05b4f6ceabcedecdcc10770a6ba6502331
6de5d08db1b547c40759886378f3204bc435c91968a126ad934c399dbc7d58dd
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/js/bootstrap.min.js HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: W/"63807955-f2fc"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ussqH3EvEh5ZaWoQ3MO769NWDSDwhUkccwWUj46%2FphjANo4szLruhkksBNt%2BYfAxFnpkC%2FpsznaXw8dSkIK8v3qLNnog63A9DAhlcUosWFKb%2BiiX8GNHgL2lqidCHLj4ZdiV0lnbbEdI0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8a9f7c0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/images/row_logos/en/footer2.png
104.21.30.84200 OK 1.7 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/images/row_logos/en/footer2.png
IP 104.21.30.84:0
File type PNG image data, 220 x 72, 8-bit colormap, non-interlaced\012- data
Hash 319df60cdffaf14a3a97ba8eb00ff58e
f9120afd9961fd0a80992fdd0a4cbdf01d6653f5
fb296ed0b80dd5e05edb9c30764cb21c232677247f8a5e1d23c2f720bed3c203
GET /cp/_assets/images/row_logos/en/footer2.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: image/png
Content-Length: 1722
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: "63807955-6ba"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRUlSuzgG40MwVJblkEp0qEKFPxeZV%2FOCEKTflxbaq6CJE3Ecn1fR9uffVFGkrc%2FQLGtLtaaD8AF8G03tjBRYzYONzAhlHurWX8372OSbl8Dig7%2B4VM%2Fo3R1E1BI%2BbYNhZKeSOYUtONFfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8c1ea6b503-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/images/row_logos/gb/footer1.png
104.21.30.84200 OK 1.8 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/images/row_logos/gb/footer1.png
IP 104.21.30.84:0
File type PNG image data, 220 x 72, 8-bit colormap, non-interlaced\012- data
Hash 04866b2d462d86c3dc6e5c3a08892afe
75889588c82686745a5ae0db9b72adad6a293678
dc3d94070af4f77dfb97593192683583ad25275199702adec9c15ede34371330
GET /cp/_assets/images/row_logos/gb/footer1.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: image/png
Content-Length: 1784
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: "63807955-6f8"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pDBOmpFGuuDLX3C6DmDzOlLUCcw83Cw1JA%2FLp%2BlJl2IhOPE8ElJgj1HZ7ZWPVZtmX0%2B5VNwKWlkgYQS%2FO9WjKPsc8hR8sMV4ZZO3ttFBhcUrMoivoqcvROmQc597UOxitDL4i0Qe8QmAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8c1b4a0b69-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/images/logo/logo.png
104.21.30.84200 OK 1.3 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/images/logo/logo.png
IP 104.21.30.84:0
File type PNG image data, 132 x 24, 8-bit colormap, non-interlaced\012- data
Hash 168bade4aaa63e53a51081bd3bd9fe8e
6911585bae75d0ce48cff89adbce6736f59e9762
0a3a38755e7f938e44320b9f68ec600e044fdb892a3f8d46a80697e53014aff4
GET /cp/_assets/images/logo/logo.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: image/png
Content-Length: 1320
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: "63807955-528"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGpClz5yI1Vh3mwK0rpBaSKTxooT3hSrJhkSWDwkLXot4F8EchhKsEzF4TJ1RHs0TIro%2BlbVJJn5CDQkKZzxRVLNU2xWmaEJ9kHN%2Fq4VkLI3318l57VHa5F0Y2S5ppuLkRYy3wFFO31flg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8c193ab4f9-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/prizemob.png
104.21.30.84200 OK 26 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/prizemob.png
IP 104.21.30.84:0
File type PNG image data, 550 x 201, 8-bit colormap, non-interlaced\012- data
Hash af9767ba1dc6af6c42b10cdeb9bf37f9
be79b77063707771626ce1d7b11f00a1fc5506ca
9921e4cfb9ffc9fc7fa72319555fea1f15d7f2674741b8968c6ee08b05cec1d6
GET /cp/amzn_crsms_1000/gb/images/prizemob.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: image/png
Content-Length: 25848
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-64f8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6qdGmNz4%2Fhg7lqRVp1FuQCqmtqGGL2iYdvrrAs2HVEDFpmnhafkmZ4QzD7vUhNsru6y6jCE%2Fj1CZwNamV5EFDPepUVXk3%2Fw4hAHr%2FAO%2B7HZDYYpURBWC2Fn6iOH7cZyu68vVs%2BVSQZi3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8c191b0b49-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/header.png
104.21.30.84200 OK 15 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/header.png
IP 104.21.30.84:0
File type PNG image data, 1068 x 196, 8-bit colormap, non-interlaced\012- data
Hash d2c9b36187ad758193438aa6fa657e08
506ea133f8a216f316c744a6919ed3d14ceb2162
86cd43f9c31835980faf9810e59920c664cef8a61ce06303a70a986805b54d81
GET /cp/amzn_crsms_1000/gb/images/header.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: image/png
Content-Length: 15181
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-3b4d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN7eWfakCl34s7n5U8JO%2B3GCEWlHAPkhqZOFeqSXY2XtkZc1wGMOP4HwpZP9hYO%2F9H8sKrePgXfH1N5FTDFtadA6FxZcBKw5OYAr4Llog5qksed1VMH5PMp46SyEHWcnDRSWMaihi5cVXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8c1d65b50b-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 2683
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/title_image.gif
104.21.30.84200 OK 173 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/title_image.gif
IP 104.21.30.84:0
File type GIF image data, version 89a, 180 x 167\012- data
Size 173 kB (173075 bytes)
Hash 0e77615b5a87c2d6e702cfbcafe3a8e8
f622439ab4bf8acff072d844fb122804984fd2fa
00d0a698dfab693ede9007638cdbf23cf51520b036e02e9b16d1d5c41ca96f71
GET /cp/amzn_crsms_1000/gb/images/title_image.gif HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: image/gif
Content-Length: 173075
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-2a413"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbmPCo6PuYdbZMeG4TuKaVTNll4q8hTT3XDfT9UqOxdcVg70wFvCjAb83Godbp%2BxKR41Wq9qle%2Bo9QFosyVqHC0y%2Fd5%2FgBJeg1SdaTDbQ1UjaNCce%2BWJt0763uUlHrNrpTHIJg7mwLRYNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8c1cd9b51d-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/privacy/gb/header.html
104.21.30.84200 OK 59 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/privacy/gb/header.html
IP 104.21.30.84:0
File type ASCII text, with no line terminators
Hash 4675b802c9dc06beb6c4b7ff4928814d
ac9c4921b47ef5bbc4735f7be9facaa7275bfd32
4399625acf65f8f926fabde068f0067194356e050ea9be737e587887643c75bd
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/privacy/gb/header.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAFESeCzwmwuyBxKsLd84Xso0RC772JWQpVE86GeCxi9fcWKPpkXBWTC5opL2GTQOlTSCoiQ27Fbl3ERXVnUfd48AuEEV2KtxIs3PdmjhKHt55%2BGIUyvcEVhsd0fUU42MFVrIJUcN%2FvUnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8d5850b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/unsubscribe/en/index.html
104.21.30.84200 OK 1.8 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/unsubscribe/en/index.html
IP 104.21.30.84:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 693910441731efa24d6e2c55cf926bce
ac941b32df80fd1b29b4cbc5cc5780e076719621
8ae65fc56ae3ad021ff1909047de2d6a5391c4d63c5e7629b640cc8b51f57c7e
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/unsubscribe/en/index.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWDLoREujxqXy2FOnZYIGKFDmlpsgwl65cJPPFpyu5jWLYWprEA%2BloT%2Bya5H09t66KtT0DSZHQCFZFNHIadjE8JSmAWEjduotg55zu3V%2B2CqsOXT%2FgUHaYcuHClaVoTDRFIb%2FsPAVegr%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8d6f62b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8508b5aa22877df6a1f7f3235c847258
b0104fdb727086aef07548dbd574dccadf7ce619
04eba681e814e47198be2f992c6fea4f95238b43b5318ae2908a6e97fa95b328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04EBA681E814E47198BE2F992C6FEA4F95238B43B5318AE2908A6E97FA95B328"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Fri, 25 Nov 2022 11:30:52 GMT
Date: Fri, 25 Nov 2022 09:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8508b5aa22877df6a1f7f3235c847258
b0104fdb727086aef07548dbd574dccadf7ce619
04eba681e814e47198be2f992c6fea4f95238b43b5318ae2908a6e97fa95b328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04EBA681E814E47198BE2F992C6FEA4F95238B43B5318AE2908A6E97FA95B328"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Fri, 25 Nov 2022 11:30:52 GMT
Date: Fri, 25 Nov 2022 09:53:36 GMT
Connection: keep-alive
amazon.quiztionnaire.uk/cp/_assets/modals/terms/sweep-terms/gb/header.html
104.21.30.84200 OK 63 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/terms/sweep-terms/gb/header.html
IP 104.21.30.84:0
File type ASCII text, with no line terminators
Hash 266716a9292478ced2d0f7e665d22bbc
535bb3f5493415b83f5c15de279afa450f8a4c80
6b957e6cf889cbd30bd5de1b527d3fd23fa0843661c8d4568d300471bc4a275a
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/terms/sweep-terms/gb/header.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeayOTCIOHMPM8HPpTg73o0vCl00kSFx9O6F9ddg%2FyprpQD9XzRRPxBDxf%2B5X1mLBLXjPsD8O%2FEXxVWuYAMnMjB0B5o9fEAxNGTBGTBqdo3Uqb%2BYhK6R3iBx7mGPvKijy%2FZPopOl22dIkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8d6cac0b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/unsubscribe/en/header.html
104.21.30.84200 OK 56 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/unsubscribe/en/header.html
IP 104.21.30.84:0
File type ASCII text, with no line terminators
Hash fa602e339b97b4d40c4d92f8f7219d73
1cb2aa449e6ccd9d52ddbf1c9f24a7974ea39346
5d3af7df9ae2f05d7df213e7faf15dec0be29e6bc3842764515ebc941212bce2
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/unsubscribe/en/header.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wpGvLIZRScRYqBVaER6PM8BGEN8U%2F5idFrZ7WR%2Fa5m00dJXWKWAyBAV57JjCM%2B%2BjB%2BwB%2By4%2BYTkj%2FSGQfQQ8diRWtQWwBd8RuVFYdIOFsDzNP2EoueAvCpl3YsWye%2FO2ErUdJqs0Dcd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8d6a9b0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/terms/sweep-terms/gb/index.html
104.21.30.84200 OK 2.4 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/terms/sweep-terms/gb/index.html
IP 104.21.30.84:0
Hash afa506ef1556c1e9528a0a6c42e46f08
45eab05f66bd793950f7c77550585a1b7111b748
bdba741af91de5a52fc5792feb97de9453217656341a282bfa4f52344aee14ed
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/terms/sweep-terms/gb/index.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjFcvJWLlsJv3TM5W29yCreZ%2BKEi5Dvm%2BFnic3Vb4GqhKpGoYTE%2ByOh3qU18qir%2F%2BFzvPQntYj%2BTI0eEei%2BzuxeCNGL3OE1a4a8jZ0NctN0w73o7CtD2CaRWjMfsL0CQDpcyXi5NFgZMLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8d6b90b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/gdpr/en/header.html
104.21.30.84200 OK 62 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/gdpr/en/header.html
IP 104.21.30.84:0
File type ASCII text, with no line terminators
Hash 4e6136476d80fd0d5c489abf00e8e3f9
c7091a1226db41bbe4256b1485187151cb0b2359
84139de29feedc93f1ecfa8dc5f9874f550e58c6ab80e5b7a2b45884fade2c3a
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/gdpr/en/header.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyHmfaICGDm0HPW8xLm%2BXF3TxfBq5pn1VINwjaXAYdAuiqTQWPfBHZohDvfCPlVYBmgrYRoYL%2Fiu68oW547OjLDXPaNtjGzxPHoKYEPJh%2FsldLQk%2BKJ2Y8e%2FSXHOaVNhkZJACUWek9NuLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8db8c3b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/gdpr/en/index.html
104.21.30.84200 OK 525 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/gdpr/en/index.html
IP 104.21.30.84:0
Hash d500b7a4b288818f71c0e77cbd9ce592
a31be5f57be9d3bf30711be67b88d9b3125a2d40
9265f2129db22426f9b3ac5d3d4880784c9847a7554ebf26d34bace095e64f1c
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/gdpr/en/index.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypyiuCh1PWSjoBOAU5ZscZjfTGhA%2Br%2FIyqE2oPwvFJIwZjm4NyekjFi2KmW1KITMS7QVsqSrmr3proDR9sc0NlAwbwU5PgmBxhfMTlRGim%2BJZaxIyPcUsY0cCqDxRo0rO2sYkOxIJ0BrdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8dbfdfb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/modals/privacy/gb/index.html
104.21.30.84200 OK 14 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/modals/privacy/gb/index.html
IP 104.21.30.84:0
File type exported SGML document, Unicode text, UTF-8 text, with very long lines (397)
Hash 01e11e647849c7f9c6f710b25a2318a9
086572c36a613092e49f943548b0261d8bd847d6
e77a7435995dd9c8ad078b98fcb8baa80d7543fede1c6a6a344a664f351c7b74
Analyzer Verdict Alert fortinet Phishing
GET /cp/_assets/modals/privacy/gb/index.html HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0NQQMbVMZ1X7uXJ%2BbUFcLf%2B7vt8owtaYLakyAe0FkOaKDluHjaAyhu4gQyCNpwaz7qlsZaMsWmZAFiFX0IEFcDcdZ4kXhPh38EL8AsCEr2vKEQqR7ucl2fMn8joYyrFGUIO0KoJUGQacQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f97f8d6f21b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 21df9eaf84285c27f6faf658cfdc7bc6
31f990665e11dfb7b2464caba5bcaf2f564bee7d
c9eda366498eca39dff0b5b8ef3a351507a0f10d8aa351ff5e45ce43fe899cf5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 09:53:36 GMT
Etag: "63800195-1d7"
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yAOqE3S9_ejK-34tGQDGDs33mIg6N8eYVeJtEl7MPcOEA3pIV-eUrg==
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
172.64.203.28200 OK 78 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
IP 172.64.203.28:0
File type Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196\012- data
Hash a9fd1225fb2cd32320e2b931dca01089
44ec5c6a868b4ce62350d9f040ed8e18f7a1d128
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
GET /releases/v5.15.4/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:37 GMT
content-type: font/woff2
content-length: 78168
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "a9fd1225fb2cd32320e2b931dca01089"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 3c40a0775e2798dc9f20a237d0225e44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 8Syl0LZqpMXYFiPovd3HICAm1oK_Ww5cRMg93KDGqN8OlJNPk1fGbg==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7CqTLcx9UxvF7TzPxS9mH783qLhsDUTLa2QbAyUmvDwvYt4GAeqLSC2YvwKi9pALYaeqk7N7zvjaYwX%2FuWNyUNBphBz2EE7SK0LYadoIvLUznhmzR2KarkEWmYO50WiQcHsH1VI%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f97f8e39b07423-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 21df9eaf84285c27f6faf658cfdc7bc6
31f990665e11dfb7b2464caba5bcaf2f564bee7d
c9eda366498eca39dff0b5b8ef3a351507a0f10d8aa351ff5e45ce43fe899cf5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136181
Date: Fri, 25 Nov 2022 09:53:36 GMT
Etag: "63800195-1d7"
Expires: Sat, 26 Nov 2022 23:43:17 GMT
Last-Modified: Thu, 24 Nov 2022 23:43:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: omoPein3kutTwa8mB3gg5D1W7JF6Kzv2PvC08TkajVVNYvZJcm0yBQ==
st.formulead.com/assets/img/recent_winners/image-4.png
54.230.111.123200 OK 4.3 kB URL HTTP/2 st.formulead.com/assets/img/recent_winners/image-4.png
IP 54.230.111.123:0
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 09dcd2453720b66db251a92d9281ada8
e89a15a6ff801f4e9434ab74617726d276c0ccda
510d0ef7c8364b87979fe6bc4d46796e17b6d7953324a36b40e7818146769a10
GET /assets/img/recent_winners/image-4.png HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4320
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Thu, 24 Nov 2022 15:15:34 GMT
etag: "6329dbed-10e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0lg9FcjPgdWZbzGl16A7PrVm9Z4I167CMt0af4h4fJRnzNFntUjvwA==
age: 67083
X-Firefox-Spdy: h2
st.formulead.com/assets/img/recent_winners/image-6.png
54.230.111.123200 OK 2.6 kB URL HTTP/2 st.formulead.com/assets/img/recent_winners/image-6.png
IP 54.230.111.123:0
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 3a887c0893c997f0703c12d6d327f9a8
4ab239fff99577b704090682fef416c3f961a916
233de36aab8f5e3781f652058e801266317964dea9860bdac59806582be31798
GET /assets/img/recent_winners/image-6.png HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2614
server: nginx/1.19.0
date: Fri, 25 Nov 2022 01:37:05 GMT
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
etag: "6329dbed-a36"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -Aywj9aduj6m3iUJvmNqr_YNHVoqYzPbW7868qdY0W3pCEDHLKKfSA==
age: 29792
X-Firefox-Spdy: h2
st.formulead.com/assets/img/recent_winners/image-5.png
54.230.111.123200 OK 4.2 kB URL HTTP/2 st.formulead.com/assets/img/recent_winners/image-5.png
IP 54.230.111.123:0
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 606f41c2bb63d01ac1d3370791efeb41
1b5866271279cf2b321d976cd0a7b449d83cf04d
ecc7aaf6a21affac09d882cd2b2711dba766dd634235928d06a417e89358bed3
GET /assets/img/recent_winners/image-5.png HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4227
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Thu, 24 Nov 2022 15:38:55 GMT
etag: "6329dbed-1083"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R9XA4wZUVBpR9MmkUpl2vrqNHFFZS2VOTRSi2MdULGpy2lZF9fes4A==
age: 65682
X-Firefox-Spdy: h2
cdn.formulead.com/css/main.min.css
34.78.252.25200 OK 94 kB URL HTTP/1.1 cdn.formulead.com/css/main.min.css
IP 34.78.252.25:0
File type ASCII text, with very long lines (65518)
Hash 47cff21534298308fde67abd81cd499d
7ee3430aea39c1ded2b22b0403f37a2f65b88621
2167f959a425770b49bea9a49a6d46e9541f4ad5d0b46c80376953cfdc3db8ac
GET /css/main.min.css HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Tue, 15 Nov 2022 14:10:54 GMT
ETag: W/"b2182-1847ba0e9b0"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6531
Cache-Control: max-age=90123
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:37 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:55:40 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
st.formulead.com/assets/img/recent_winners/image-1.png
54.230.111.123200 OK 3.8 kB URL HTTP/2 st.formulead.com/assets/img/recent_winners/image-1.png
IP 54.230.111.123:0
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 3544c46d51af2d7ce7e72def5f1ecd41
174498e2c6f397437cb10ba92ad7a8f5db455eb5
4f9869da0886842314d7e90ac344399b8ecb7a85cf817127139a84806deafaea
GET /assets/img/recent_winners/image-1.png HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3752
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Thu, 24 Nov 2022 15:22:50 GMT
etag: "6329dbed-ea8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4cSbjgGLWMEDabmJYD5bS3qhQT8DWhvWNfMiIMdcj8Fr4ZDkgOu6jA==
age: 66647
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 21df9eaf84285c27f6faf658cfdc7bc6
31f990665e11dfb7b2464caba5bcaf2f564bee7d
c9eda366498eca39dff0b5b8ef3a351507a0f10d8aa351ff5e45ce43fe899cf5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136180
Date: Fri, 25 Nov 2022 09:53:37 GMT
Etag: "63800195-1d7"
Expires: Sat, 26 Nov 2022 23:43:17 GMT
Last-Modified: Thu, 24 Nov 2022 23:43:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gNSgcj2_GLcCYCUGiiG_SqkQ6iM825sDSdLjL2ocYnbkUK0MPfOK2A==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 21df9eaf84285c27f6faf658cfdc7bc6
31f990665e11dfb7b2464caba5bcaf2f564bee7d
c9eda366498eca39dff0b5b8ef3a351507a0f10d8aa351ff5e45ce43fe899cf5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136180
Date: Fri, 25 Nov 2022 09:53:37 GMT
Etag: "63800195-1d7"
Expires: Sat, 26 Nov 2022 23:43:17 GMT
Last-Modified: Thu, 24 Nov 2022 23:43:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0UuzHbndSwJ6rQju8Fl6sFAJuoIc0n54Z3fHaQLSqdhmtn8_g16uJw==
cdn.formulead.com/p/62663c8eeb14be592d224298/p.js
34.78.252.25200 OK 427 kB URL HTTP/1.1 cdn.formulead.com/p/62663c8eeb14be592d224298/p.js
IP 34.78.252.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 427 kB (426891 bytes)
Hash f312485685ea35ca20ee709d2d100525
199303187d1812f89ad86dd6006535b79f29fca5
57acae6185f992c407ebcd8d0355ca35722c6ce01618f0c226acc25264a20cf9
GET /p/62663c8eeb14be592d224298/p.js HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:36 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
set-cookie: lid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
plc=62663c8eeb14be592d224298; Path=/; Expires=Sun, 24 Nov 2024 09:53:36 GMT; Secure; SameSite=None
qst.sid=s%3AMGK74t8c3LQaBFSlJpAk1rUb2c55mjTk.DYacZtvJV9UDbuSLWpjeG2wB336bg%2B7ByuIPBfi3p0g; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
34.78.252.25200 OK 7.9 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
IP 34.78.252.25:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Poppins/poppins-v19-latin-regular.woff2 HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: application/octet-stream
Content-Length: 7884
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:15:03 GMT
ETag: "63807987-1ecc"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 21df9eaf84285c27f6faf658cfdc7bc6
31f990665e11dfb7b2464caba5bcaf2f564bee7d
c9eda366498eca39dff0b5b8ef3a351507a0f10d8aa351ff5e45ce43fe899cf5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 09:53:37 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ICBhKbpbpiZkamKbk4L6MItShzDrxQtW7qOTakvXOyrf_51Fcjj9dg==
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/header-wap.png
104.21.30.84200 OK 10 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/header-wap.png
IP 104.21.30.84:0
File type PNG image data, 760 x 136, 8-bit colormap, non-interlaced\012- data
Hash a5efe0a3bbc25dba1e53f3299a881f01
a747d904c1a64462a0b5a4e15ad95f1909c820fc
2cd98444236955b471b32a2f86a01776f633fad250966b21e6d70e4bd2da0f0e
GET /cp/amzn_crsms_1000/gb/images/header-wap.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: image/png
Content-Length: 10447
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-28cf"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STMvhLjE6icaIPvgo32kETS3nnngSMsKrcfbXl%2Fwk2NREPztedt9%2F%2BVmszBIMLjbkkARtG9RvMFQo0dyrWbt%2BPEThxRj3VE%2FLsfQzBvxzkMpGENa7BvtQg%2Fe1wgQ8FDS%2F%2Bhs1jnRYQLSww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f1c2e0b49-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/bottom_image.png
104.21.30.84200 OK 214 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/bottom_image.png
IP 104.21.30.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 683b34b2ae1ae00e975e3c26ccdab6dc
352651d5212b0cc36cb0816bff6e59a07c17173c
0f071bee0341348224f783d7d3e2dd9a37e33f5924eb4e418a4635e853eaf31f
GET /cp/amzn_crsms_1000/gb/images/bottom_image.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 25 Nov 2022 09:53:37 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBZvN5ChRIDlj4RrbCQ5YUISqA9rQbl9iiJAejhB2CxAeErdGF93m1Z5pXm1GqNO4WJycyU%2BoFNCRkzPMGo8eBsHOzW6P9ZAycVDhRRDo5avZo%2BoJnV91yhqrkvXzSuePELwjrt9SuAwrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f1aa5b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/_assets/images/row_logos/en/footer3.png
104.21.30.84200 OK 3.7 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/_assets/images/row_logos/en/footer3.png
IP 104.21.30.84:0
File type PNG image data, 220 x 72, 8-bit colormap, non-interlaced\012- data
Hash ca9d54dc3fc866e4d1b3f6426bb1f242
7284ab2178704740c2c3e782a0612cdc54201191
c8b335270a3583d898e18817e8e9b42d8775e214a3994745c48291a50ee040a3
GET /cp/_assets/images/row_logos/en/footer3.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: image/png
Content-Length: 3734
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:13 GMT
ETag: "63807955-e96"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RryRn%2B30hZEFua4U6QcP%2BmywIFd%2BnEwbgzxRG2oEXf3H2sTtyH8cCRgNpZs3By9vh%2BsdbDJ80RvJOyMlbQGHWAtKMFPee01cDS%2FKz5tSJnHCl%2BQu7L7kIfRhSwci40on3gakNdC7zT2s%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f1dfab4f9-OSL
alt-svc: h2=":443"; ma=60
cdn.formulead.com/v/country
34.78.252.25200 OK 51 B URL HTTP/1.1 cdn.formulead.com/v/country
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91440c116c92d75cfc02cd72bd060a82
591d3adc1d1d80e012b0dd0214df1f0438ae37f5
1b35c679adcfb2f8fbf92afcaf9f7a741f3c6273503a54b6c55448e1b2807c80
GET /v/country HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 51
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"33-WR063B0dgOASsN0CFN8fBDiuN/U"
set-cookie: qst.sid=s%3AaokmgDdQpxb8VA8zyT73nmicWsQ8c23e.%2B%2B1qtS59ORd%2Beq0AGlguGKLi8YBNV5uz1DAD8QP33m0; Path=/; HttpOnly
Vary: Accept-Encoding
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/bottom_image.gif
104.21.30.84200 OK 214 B URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/bottom_image.gif
IP 104.21.30.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 683b34b2ae1ae00e975e3c26ccdab6dc
352651d5212b0cc36cb0816bff6e59a07c17173c
0f071bee0341348224f783d7d3e2dd9a37e33f5924eb4e418a4635e853eaf31f
GET /cp/amzn_crsms_1000/gb/images/bottom_image.gif HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 25 Nov 2022 09:53:37 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0VTuDKGkI8fEuk0LPAPNyY4gzWt7JZxYll5gd02dQM6XU2wdVecMeNcHzcIzdxDOa%2FfwTUGSY7BkOsbHaoVPbiaa03frTLjOr38%2BpoMDKC00GSQMCgcm4haVou5SwLv%2FWunnsMH2uW6sw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f5c630b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/title_image.png
104.21.30.84200 OK 67 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/title_image.png
IP 104.21.30.84:0
File type PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f5620b5c8bae17ed819e013155fa8a8
a7b1e780bef65d79c853fd72d5e5f1b6d242c3f0
480556c3001bb00b37bae56b6cb9893d03adb9f7a3a0da9d0c50e073b7273dd7
GET /cp/amzn_crsms_1000/gb/images/title_image.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: image/png
Content-Length: 66765
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-104cd"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkeA20XnC770Rbi04ZH52LSv0Pn5uKrLhGlQr4g9s1BwvmE8AskHMYV6FPjDHJaLgMTRl4ABlEVUfnU7WBsXGJ3wBck6zWlCvbu62mvbStQN6LCbmLwrt2BPE95ziEcJXveIUtIwP9Zq4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f1982b50b-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/prize.png
104.21.30.84200 OK 90 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/prize.png
IP 104.21.30.84:0
File type PNG image data, 580 x 513, 8-bit colormap, non-interlaced\012- data
Hash 0ea8863e115dba8ec3cb568943dea620
89b77fec612c8e2a4bcb419649a0a1dadb7b9357
d96292158139c19e31d081727f53b64ae27d6cfe6818bb13cd4abff3b7d9c597
GET /cp/amzn_crsms_1000/gb/images/prize.png HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: image/png
Content-Length: 90400
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-16120"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZDNhUM5m2iQrfWg8ppwLwehYunbypuGEwpcaSCpo5kXRoUKZYH9zX5TkwitzlAIRy%2BiX%2FlA0nfyTdfxVZdbIXZ6bbDyCrzuEhhVh1gXSGZj411lONVRqEbognvdzrk0DFvkm5SajHN0mw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f1e980b69-OSL
alt-svc: h2=":443"; ma=60
amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/background.jpg
104.21.30.84200 OK 157 kB URL HTTP/1.1 amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/images/background.jpg
IP 104.21.30.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x1174, components 3\012- data
Size 157 kB (156713 bytes)
Hash c59a86e1f08ffce5b7589f7c982bec96
84c7c977175e3c1e8f1d2bff991913f639582614
da79db22348220e733a7f00b2ac2198ff8a7e6ae4f1af0690b35ea1926974fe1
GET /cp/amzn_crsms_1000/gb/images/background.jpg HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/css/campaign.css
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: image/jpeg
Content-Length: 156713
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:31 GMT
ETag: "63807967-26429"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGOXuIqOl01NqLvcF172cy6L2npJztpy9rkwmmp1D39FXzVoA9NHx38UaD2FSbWaKe6i%2FHoYEBdhmQvUD0Co%2BVKHx%2FuKbx4R5XFHTggvOZMmp2qlsr5Lqx2osFM64E0KnIR%2Bsx1ihiC9eA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f8f1af0b51d-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.89.114.252101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 28Q7SfjOHCFAf2FTD3iSBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +sV06vrW/2E70rkeDsweXieErEI=
amazon.quiztionnaire.uk/favicon.ico
104.21.30.84200 OK 566 B URL HTTP/1.1 amazon.quiztionnaire.uk/favicon.ico
IP 104.21.30.84:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7509350b3ddaf9b4dc8756c61598ac98
f9d27f35d792c36ce4f1ec307563a476c07506ab
bf654afb35dc2ffe110aa8484290126bf5c928e5a66b175b2500e9ba426ec112
GET /favicon.ico HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/amzn_crsms_1000/gb/index.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:15:03 GMT
ETag: W/"63807987-47e"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5D6Y9k%2FtgZXNzd%2FaEsq6D1tnjLdvt6w9Xpg8KQlZQqpinjNmXI55X%2FM%2Fto5flCg7pDV6byGbW9pYgrrnthstuvzCndfTzBzukVbr7UhkZ%2Bw0J%2BvCnEELz7hBjiJIv0MH8yih6AW3vFlFA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f904d66b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=initial
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 2a1f1b94d15f7574926aaf6b01fd9134
c2ae255da35bd16ba364e83bbdf88d03b64e435c
3cdeb8f735f3a56a71b449ae7f2dcf5e70a6110d16ec6673926da9b373dda90c
GET /recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 09:53:37 GMT
date: Fri, 25 Nov 2022 09:53:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=initial
34.78.252.25200 OK 5.5 kB URL HTTP/1.1 cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (22983), with no line terminators
Hash 6b32fed1d807946e2563141cfead810a
e7d3df3d7dde152dd1726202030caa1c87e00bfe
e549c1f251fd7f74bbacce15da01bf6c887f9b620823866f805bc98497fa315a
GET /p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk.DYacZtvJV9UDbuSLWpjeG2wB336bg+7ByuIPBfi3p0g
X-Request-Id: d2004467f6b6a4aa8a80a61d
X-iivmxswc: 36898ff70afdbae4aecf2207b6ca61a165f1600d6e90e8173328262880e5e27a
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Cookie: plc=62663c8eeb14be592d224298
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:37 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Sun, 24 Nov 2024 09:53:37 GMT; Secure; SameSite=None
ck_tsp=2022-11-25T09%3A53%3A37.609Z; Path=/; Expires=Sun, 24 Nov 2024 09:53:37 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Sun, 24 Nov 2024 09:53:37 GMT; Secure; SameSite=None
ETag: W/"5a9e-+cxHGgyH34LuKELtp33wrGI3aaI"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: d2004467f6b6a4aa8a80a61d
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Cookie: plc=62663c8eeb14be592d224298; stp=1; ck_tsp=2022-11-25T09%3A53%3A37.609Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3AxhJMuk5JEDmd5225V8WEUU4SjIBdDFgx.YsfGFUiyzWWqvbr8PcIQ8cCIMfdrZVL%2BolRisH57Zrw; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
34.78.252.25200 OK 52 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
IP 34.78.252.25:0
File type Web Open Font Format, CFF, length 51572, version 0.0\012- data
Hash 6a324f29ef3efabd2176f8b697ad71ed
dd696f0c713eb491c6e16bec9fda63f3f23999ba
6d64c461708b8f11e06451c96779d22fc2b8de582214c77493ecc57c32ede06e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/myriad-pro/MyriadPro-Regular.woff HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: application/font-woff
Content-Length: 51572
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:15:03 GMT
ETag: "63807987-c974"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: d2004467f6b6a4aa8a80a61d
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Cookie: plc=62663c8eeb14be592d224298; stp=1; ck_tsp=2022-11-25T09%3A53%3A37.609Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3A9t8UKSlZCa3oRyOciy3xxJcLnHdKQj1_.Y0%2BG7g%2FKNMPCmqAdoIZC8x2sr%2FqH2%2FXiM0%2B0XQ%2FRMng; Path=/; HttpOnly
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:12:22 GMT
expires: Sat, 25 Nov 2023 08:12:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 6076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
st.formulead.com/assets/js/dl_modified.js
54.230.111.123200 OK 1.5 kB URL HTTP/2 st.formulead.com/assets/js/dl_modified.js
IP 54.230.111.123:0
Hash 5746f0945d1604fff4e06cf23783f0dc
28ed6653f3db5fa8e29ff753cdff81c2fec0155e
cfd365192f53222fb19d5c5b8a2f450a913fcad97a93442609a370fd1a8a0638
GET /assets/js/dl_modified.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 24 Nov 2022 15:52:45 GMT
etag: W/"6329dbed-132f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QT0AObKlulGJRgqSU9t36xqP0m2-bfk7GdLNjclP1JcHcWjCqc3rpg==
age: 64853
X-Firefox-Spdy: h2
cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=full
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17902
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:53:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17902
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:53:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17902
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:53:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17902
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:53:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17902
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:53:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 43088
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 43133
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 19838
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 42366
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
amazon.quiztionnaire.uk/assets/svg/check/check.svg
104.21.30.84200 OK 182 B URL HTTP/1.1 amazon.quiztionnaire.uk/assets/svg/check/check.svg
IP 104.21.30.84:0
Hash e0401ce86795b1fa17d6eb33f6028164
c7179861f916154fa5853ef7f293a108832b9da9
de3a211f9e9d2213c6ef6fad9f1592394b020b1a5c4a103a307d94ba88a0a242
Analyzer Verdict Alert fortinet Phishing
GET /assets/svg/check/check.svg HTTP/1.1
Host: amazon.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/cp/_assets/css/style.css
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:14:12 GMT
ETag: W/"63807954-fa"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQt3%2Fg8vM7gkxF187riQAU3CZItq1XaoJ5ictqZvDU5AOL8eej0mNeQUfg6sPI0BY3BqLzvHGHj4BnjB8IimpIHQ9xKmVFOivNglUbZUK1SlovGFLvhcy%2FZAblEauBKhKOCIQgYEZXQilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f97f9809d7b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:35:26 GMT
age: 8292
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d43ec6824d4fdc4d31b8c245bf8c5849
81f85633fca39972d8e0bf9a4ec7cd999e54564f
b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRreyOCHys8rW4UWA3JSMhtOiiltT6ULxxgi9aLM7sw07UruCXgPkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:13:14 GMT
age: 42024
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e5f442b51ded271208739a4b0de61907
53f23792cfdf5a52d4441a2b0f4b0b701303389e
2ec1be792ad0fe7506b0c656602f0ad76bfaa4a58a20311263664b5505632bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5683
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:53:38 GMT
Last-Modified: Fri, 25 Nov 2022 08:18:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
cdn.formulead.com/t/errors
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/errors
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk.DYacZtvJV9UDbuSLWpjeG2wB336bg+7ByuIPBfi3p0g
Content-Type: application/json
Content-Length: 153
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
event.trk-consulatu.com/register/event_log/l4ev5zv6g1
172.64.168.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/l4ev5zv6g1
IP 172.64.168.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/l4ev5zv6g1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:38 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://amazon.quiztionnaire.uk
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qtnDeHNGwiY90YdC3Mql%2BeqrCPgszpaAwhkq5yBDlUuJsQHGpfSThNuKL%2Bckc5y1umgLrsUDMNJaLmdhAqWLtHicYteB%2BOUD4m3KxrmDy5yZs5ROixsGcia1j1nRn5e53zn7Fgb%2FubOvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f97f993dda73df-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 508900
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 43642
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/l4ev5zv6g1
172.64.168.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/l4ev5zv6g1
IP 172.64.168.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/l4ev5zv6g1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://amazon.quiztionnaire.uk/
Content-type: application/json
Origin: http://amazon.quiztionnaire.uk
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:39 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://amazon.quiztionnaire.uk
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdmv0MQItd4Em2B9ZHNY1WL%2FDEebiUaw3r9PRlgryV9sep6Hi7yYALWogWhbzix3drmJ36PYeO3CGr9M%2FjqGssZmEH%2FXRE9T7Cj0vRwC2hUNp%2Fwic6QoygSxQ8tzM8Ti7cxW54d2EG8VwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f97f9a7f7c73df-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.formulead.com/t/validator
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:39 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODAkdKpbz7q7dWJFW8RJnow8cp_MR0_78pWaEbD1nLb8u1FoggObvbrjkosRxlidXp6gr9JT3AH5HgI2ywTx1fNnJG9F4CZDOveg23z3kplRf1xlkGrhDBideSvQOoaWvngkZgWT5kvMafX8MTtgxeJfkfHoZyBEj7Dj_w5ug0p6gHEv2xFmjQH4KwRAwaXUOGoQk058FNMzx05pEHFcwBToU92_akVg7hjItAVE9dXDGuCuuqhORVEYe9uEIoWQfLLPPwyQRn3LIDDXnOykxZ1xuGwNS8gJKUCslWq2sP4VvCKE_B9hSMGezGgSq2F9whZE3o03VZWZ25Jgqe_qCCAJhpWGTAjnDr7BiVowFRph7hSvK0GfKv2Sszru28Coo3gHgrHrIcIOYwZDPo5IB8p_9-nmQrt3d9bfc7WhoY-lUjd0X5-4zLonlbVF_wD_t230x_t6wGpF7lDXUZmNkFBh-jBezrexLNBU6AfAtl9VUPcuoysWVJUSFATFYckHaIGbbhp3j-3fREsRU6aYYA_GCmBtQA&step=1
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODAkdKpbz7q7dWJFW8RJnow8cp_MR0_78pWaEbD1nLb8u1FoggObvbrjkosRxlidXp6gr9JT3AH5HgI2ywTx1fNnJG9F4CZDOveg23z3kplRf1xlkGrhDBideSvQOoaWvngkZgWT5kvMafX8MTtgxeJfkfHoZyBEj7Dj_w5ug0p6gHEv2xFmjQH4KwRAwaXUOGoQk058FNMzx05pEHFcwBToU92_akVg7hjItAVE9dXDGuCuuqhORVEYe9uEIoWQfLLPPwyQRn3LIDDXnOykxZ1xuGwNS8gJKUCslWq2sP4VvCKE_B9hSMGezGgSq2F9whZE3o03VZWZ25Jgqe_qCCAJhpWGTAjnDr7BiVowFRph7hSvK0GfKv2Sszru28Coo3gHgrHrIcIOYwZDPo5IB8p_9-nmQrt3d9bfc7WhoY-lUjd0X5-4zLonlbVF_wD_t230x_t6wGpF7lDXUZmNkFBh-jBezrexLNBU6AfAtl9VUPcuoysWVJUSFATFYckHaIGbbhp3j-3fREsRU6aYYA_GCmBtQA&step=1
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/recaptcha3?token=03AEkXODAkdKpbz7q7dWJFW8RJnow8cp_MR0_78pWaEbD1nLb8u1FoggObvbrjkosRxlidXp6gr9JT3AH5HgI2ywTx1fNnJG9F4CZDOveg23z3kplRf1xlkGrhDBideSvQOoaWvngkZgWT5kvMafX8MTtgxeJfkfHoZyBEj7Dj_w5ug0p6gHEv2xFmjQH4KwRAwaXUOGoQk058FNMzx05pEHFcwBToU92_akVg7hjItAVE9dXDGuCuuqhORVEYe9uEIoWQfLLPPwyQRn3LIDDXnOykxZ1xuGwNS8gJKUCslWq2sP4VvCKE_B9hSMGezGgSq2F9whZE3o03VZWZ25Jgqe_qCCAJhpWGTAjnDr7BiVowFRph7hSvK0GfKv2Sszru28Coo3gHgrHrIcIOYwZDPo5IB8p_9-nmQrt3d9bfc7WhoY-lUjd0X5-4zLonlbVF_wD_t230x_t6wGpF7lDXUZmNkFBh-jBezrexLNBU6AfAtl9VUPcuoysWVJUSFATFYckHaIGbbhp3j-3fREsRU6aYYA_GCmBtQA&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:39 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/validator
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk.DYacZtvJV9UDbuSLWpjeG2wB336bg+7ByuIPBfi3p0g
Content-Type: application/json
Content-Length: 1854
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODAkdKpbz7q7dWJFW8RJnow8cp_MR0_78pWaEbD1nLb8u1FoggObvbrjkosRxlidXp6gr9JT3AH5HgI2ywTx1fNnJG9F4CZDOveg23z3kplRf1xlkGrhDBideSvQOoaWvngkZgWT5kvMafX8MTtgxeJfkfHoZyBEj7Dj_w5ug0p6gHEv2xFmjQH4KwRAwaXUOGoQk058FNMzx05pEHFcwBToU92_akVg7hjItAVE9dXDGuCuuqhORVEYe9uEIoWQfLLPPwyQRn3LIDDXnOykxZ1xuGwNS8gJKUCslWq2sP4VvCKE_B9hSMGezGgSq2F9whZE3o03VZWZ25Jgqe_qCCAJhpWGTAjnDr7BiVowFRph7hSvK0GfKv2Sszru28Coo3gHgrHrIcIOYwZDPo5IB8p_9-nmQrt3d9bfc7WhoY-lUjd0X5-4zLonlbVF_wD_t230x_t6wGpF7lDXUZmNkFBh-jBezrexLNBU6AfAtl9VUPcuoysWVJUSFATFYckHaIGbbhp3j-3fREsRU6aYYA_GCmBtQA&step=1
34.78.252.25200 OK 170 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODAkdKpbz7q7dWJFW8RJnow8cp_MR0_78pWaEbD1nLb8u1FoggObvbrjkosRxlidXp6gr9JT3AH5HgI2ywTx1fNnJG9F4CZDOveg23z3kplRf1xlkGrhDBideSvQOoaWvngkZgWT5kvMafX8MTtgxeJfkfHoZyBEj7Dj_w5ug0p6gHEv2xFmjQH4KwRAwaXUOGoQk058FNMzx05pEHFcwBToU92_akVg7hjItAVE9dXDGuCuuqhORVEYe9uEIoWQfLLPPwyQRn3LIDDXnOykxZ1xuGwNS8gJKUCslWq2sP4VvCKE_B9hSMGezGgSq2F9whZE3o03VZWZ25Jgqe_qCCAJhpWGTAjnDr7BiVowFRph7hSvK0GfKv2Sszru28Coo3gHgrHrIcIOYwZDPo5IB8p_9-nmQrt3d9bfc7WhoY-lUjd0X5-4zLonlbVF_wD_t230x_t6wGpF7lDXUZmNkFBh-jBezrexLNBU6AfAtl9VUPcuoysWVJUSFATFYckHaIGbbhp3j-3fREsRU6aYYA_GCmBtQA&step=1
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4d3e120c59bcaccc2d221ab4608acc66
c8aa8fe1d1f2e215a1af15f2b75e32ab5f51b88d
d57dff9ba385656f1c54d3bccfe2ccac340904f68a02e7436e5e308998d8cfc9
GET /v/recaptcha3?token=03AEkXODAkdKpbz7q7dWJFW8RJnow8cp_MR0_78pWaEbD1nLb8u1FoggObvbrjkosRxlidXp6gr9JT3AH5HgI2ywTx1fNnJG9F4CZDOveg23z3kplRf1xlkGrhDBideSvQOoaWvngkZgWT5kvMafX8MTtgxeJfkfHoZyBEj7Dj_w5ug0p6gHEv2xFmjQH4KwRAwaXUOGoQk058FNMzx05pEHFcwBToU92_akVg7hjItAVE9dXDGuCuuqhORVEYe9uEIoWQfLLPPwyQRn3LIDDXnOykxZ1xuGwNS8gJKUCslWq2sP4VvCKE_B9hSMGezGgSq2F9whZE3o03VZWZ25Jgqe_qCCAJhpWGTAjnDr7BiVowFRph7hSvK0GfKv2Sszru28Coo3gHgrHrIcIOYwZDPo5IB8p_9-nmQrt3d9bfc7WhoY-lUjd0X5-4zLonlbVF_wD_t230x_t6wGpF7lDXUZmNkFBh-jBezrexLNBU6AfAtl9VUPcuoysWVJUSFATFYckHaIGbbhp3j-3fREsRU6aYYA_GCmBtQA&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: d2004467f6b6a4aa8a80a61d
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Cookie: plc=62663c8eeb14be592d224298; stp=1; ck_tsp=2022-11-25T09%3A53%3A37.609Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 170
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"aa-yKqP4dHy4hWhrxXyt14yq19RuI0"
set-cookie: qst.sid=s%3A3W3Vy6A-9yslgWXapspoXu2wGgY3PPYw.a%2FAEMCDqGoQQyeRjhel48EwHXiOwCQTinEbh9MrMmEA; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/t/page
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:39 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=full
34.78.252.25200 OK 70 kB URL HTTP/1.1 cdn.formulead.com/p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65223), with no line terminators
Hash f2d5ec64b23e2837c54d358ecdee06a6
315b1fdfc7160ae2892e6a3d2600b6ebe3219ba3
fe5a033dddcc270eff116026d290ddfbddac10fd68df47e419ee6a62640497e9
GET /p/62663c8eeb14be592d224298/feed?sc_domain=amazon.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=62663c8eeb14be592d224298&qb_offer_id=607e975a6e70d9ef7767c232&qb_flow_id=607e975a6e70d9ef7767c232&qb_vendor_id=570e5c924ce290010026cc24&qb_country=GB&ql_session_id=MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk&sc_url=http%3A%2F%2Famazon.quiztionnaire.uk%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fcp%2Famzn_crsms_1000%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Famazon.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Famzn_crsms_1000%2Fgb%2Findex.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk.DYacZtvJV9UDbuSLWpjeG2wB336bg+7ByuIPBfi3p0g
X-Request-Id: d2004467f6b6a4aa8a80a61d
X-iivmxswc: 36898ff70afdbae4aecf2207b6ca61a165f1600d6e90e8173328262880e5e27a
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Cookie: plc=62663c8eeb14be592d224298; stp=1; ck_tsp=2022-11-25T09%3A53%3A37.609Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:41 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Sun, 24 Nov 2024 09:53:38 GMT; Secure; SameSite=None
ck_tsp=2022-11-25T09%3A53%3A38.564Z; Path=/; Expires=Sun, 24 Nov 2024 09:53:38 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Sun, 24 Nov 2024 09:53:38 GMT; Secure; SameSite=None
ETag: W/"40ee7-3ZS4hyeV2sA4DWmiUY48cl0yqhA"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/t/page
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:MGK74t8c3LQaBFSlJpAk1rUb2c55mjTk.DYacZtvJV9UDbuSLWpjeG2wB336bg+7ByuIPBfi3p0g
Content-Type: application/json
Content-Length: 116
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Fri, 25 Nov 2022 09:53:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://amazon.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
st.formulead.com/assets/img/spinner/puff.svg
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/img/spinner/puff.svg
IP 54.230.111.123:0
GET /assets/img/spinner/puff.svg HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 25 Nov 2022 00:15:58 GMT
etag: W/"6329dbed-5b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hYbiZTPGsOxGQU53UTAi9qRlkLYnrv2htd7mdtvVCo_G-6uwAsHEog==
age: 34659
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
IP 172.64.203.28:0
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:36 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: oZ2wtmQd34D28hwyc7-ge4uvrTvtqgNwJUPm4hzeG-njVzxKtj9h0w==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVJLY8dGEOPwkYlkApf9nWGtpRnW5y852ctMLxTKQLqNjvawR4QsTQeQ3UgLxddvT53VSzvSiOkDF%2FlrqJTn1iJrR8Tr00S4EMipYZGvFPu0QP2dnhkwa0ROtSg9ya6AXPn6RR%2FE%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f97f8d28327423-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
st.formulead.com/assets/css/recent_winners.css
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/css/recent_winners.css
IP 54.230.111.123:0
GET /assets/css/recent_winners.css HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 24 Nov 2022 12:49:16 GMT
etag: W/"6329dbed-461"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FAYR01twAVOV63xPEuEF-S__O0DTgCT3-dsI9sAFVsxZFK-WXAYUBg==
age: 75861
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
IP 172.64.203.28:0
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:36 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: oA-Eq6Nin4Vcv82_MkX2KudvDp30b4A6YeMJlkbHFuWBT-b8sE-IsA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6NVTAemEQBBjGOZMvBE9MPGBq4YYjz32D2mkPo4RP33vHLGSts7iQ8sA%2F2NLFB4262SpboRkgjVq%2B2hFmMiuNfV8ye6jQcZDp5k2Fe1FYsTq1P5ak42xK08hCSY2flPTE4NAvdu5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f97f8d28347423-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=0711a5d108
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=0711a5d108
IP 172.64.203.28:0
GET /releases/v5.15.4/css/free.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://amazon.quiztionnaire.uk/
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:36 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 717666fbcd9eb8ed70d0f46dd99d0448.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: -NxHNcqtbFTm-UZrkYARst2wB8NdWSuevUZcBNKOoGdaM9t4iqn4bQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIxQW%2FUsyqE%2BkQaMXjECUo8J5AKKRtp2ewhf1BUmYIMgD3dB1kyutqoD9jbSJ2SiP%2F5f%2BL1KMp7PV9d%2By52wMHXC8KWu1nb0dQ71Fr2xbHKuCHHRlBvt8dWKW2FybhSro9hBVHDuNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f97f8d18297423-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
st.formulead.com/assets/js/bioep.min.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/bioep.min.js
IP 54.230.111.123:0
GET /assets/js/bioep.min.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 24 Nov 2022 12:43:19 GMT
etag: W/"6329dbed-14c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ipsFm1687TJpQfnQa9wZVJ-FMVopvjoucl_6femiuu38kfFzr4Hdyg==
age: 76218
X-Firefox-Spdy: h2
trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=amazon.quiztionnaire.uk
172.64.168.3200 OK 0 B URL HTTP/2 trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=amazon.quiztionnaire.uk
IP 172.64.168.3:0
GET /scripts/push/script/z75dnkdk4q?url=amazon.quiztionnaire.uk HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:38 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upeSF7BqnHNkW2KSlnJ2wKOdSV9xJGKXsVFnhrsoEL0xF9g2%2BX6je6lTqcuJwrNDGvdJdeMnfOxzffz9FVVsRomAicYk7yUi2Uw7tbnktahy5FvXqBxxYL8wI1r4YpwjUTCa4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f97f97c883891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/0711a5d108.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/0711a5d108.js
IP 104.18.23.52:0
GET /0711a5d108.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://amazon.quiztionnaire.uk
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:53:36 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyrLL3fz3nTiTL8hvbJi
cf-cache-status: MISS
server: cloudflare
cf-ray: 76f97f8a8dcc0b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
st.formulead.com/assets/js/helpers.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/helpers.js
IP 54.230.111.123:0
GET /assets/js/helpers.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://amazon.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 24 Nov 2022 12:15:57 GMT
etag: W/"6329dbed-fefc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aIJ0Eo0NBqmcvrzv9yKjK1V3bPY5MY6Ucl9Rf5Vmqu26cX1BzNaK9g==
age: 77860
X-Firefox-Spdy: h2