cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=SQPRXsQJB41TBFGBAyccoC
63.34.237.166302 Found 243 B URL HTTP/1.1 cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=SQPRXsQJB41TBFGBAyccoC
IP 63.34.237.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d900d607e933d48104eb747b6cc95184
af00bf015c4064865b9961dfc59eb9a47a183761
618e4e3590bd11d411b30cbc689b93af06b715686e21b576ef39e367022cc542
GET /?a=43588&c=318080&co=91932&mt=18&s2=SQPRXsQJB41TBFGBAyccoC HTTP/1.1
Host: cddtsecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 06 Feb 2023 06:45:38 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: gdm_sid_v2_3_001=LeX0MXvT7fByCE79vsWVh2D0jFeVJSd8/9JZ+iER8A/wxEsKaxEIFNV9wdsuN+wSpJL5qzr1oodTo/V5A17+h0D+4ZZ7mIPUq87/aZRlGDgbkQoWdv0rUEdjKZXcm734Y06+EKO8nb90bdewUCsli/ClEE7MHlZNyRKgdp7Pla71XX0usz74P/SKOJOxssPMmhxUdK+eceaf+MhtWrhPItqBtpC5meYZSDILCMCMARYYVDnn7O1z2So7L4h6OIkcTPgfCL6AMqAc5oALA6nsxxVoyIPxfIxbY55+GPmdqGJFjrB/Kyaa2nF4sE7mrgqVui3KNmVqs1kyEwL0asz4ZnBT2hNhEmSaIiYamGHBU/GDEeg0xTAl+We9EG68IDIe+2OFnbB1XoNWC6ingRb4bh3RUntjiCh+ZKBf94hqtlbAKOeCiWC1X8dk8FL6tJT75xJL0xdPE/HzobeVcdFRQeKFPIeXh8awitJPmxPlF5u7bHVQC/sVzu70qkcCFoSa7gD8fDYiHTgKn8pFLnOIDwrwa0RWBZAnfmAfvru6vrxGdIoc/oedd1fgjVZtxpStn7PQjBcezVZJbVID1qPUJ/hDYXSDyOc+wP76ywRIEtVxH2hGTq4iIrEOGk5jt8sz2Yp8c3+fV1xckDJcrcMlZtB6T8y5D+eZOlNJmUsiYcgQPOO7thM4TqtAYMzlCIDyVrKRx8c/hrnVqfRPFFrGPTp+QZYt/PLxlbvhwGgVp5H2jv3WZ6VF9SD1euKSbMePF9rkfkbTQhpMG32Tdynoe7+MQmgdqiWuOcbfWSwX9EU32ABeXxSGS4CiDjHoDHjXGb7sgLjAVle1Dtpu0xCb9ZCLXQRUcb4ibzacqNiBc0CvHwi4GIlmKZNmybjGwI4ygbex7/enk/HhpgRKWA7VZe2X+2H+TKf3T3GINR/FOkD7WxUGuEQ94G55hFUkZOrADiluaQJ+beOOXOumD29rtGq/KyMKcFGrH00Z4KIHxrfNpEYBvBmSeFzkwSCXsEboLX7Isbp0HYI62YxcjOsWvg==; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v2_1_001=bfK8z5UDo04kDjzc8YCbxltN601zE2zWcXVn/tYmHUZX9GrjVXdtwZSJLABVOmAR; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=bfK8z5UDo04kDjzc8YCbxltN601zE2zWcXVn/tYmHUZX9GrjVXdtwZSJLABVOmAR; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=MYl93ebv1TIlnJJoAF5eERU5CJCjO5c8+A7hBOTNL8L0XhRDkQmd+fXyNzUB1s7P; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/
gdm_sid_v1_3_001=LeX0MXvT7fByCE79vsWVh2D0jFeVJSd8/9JZ+iER8A/wxEsKaxEIFNV9wdsuN+wSpJL5qzr1oodTo/V5A17+h0D+4ZZ7mIPUq87/aZRlGDgbkQoWdv0rUEdjKZXcm734Y06+EKO8nb90bdewUCsli/ClEE7MHlZNyRKgdp7Pla71XX0usz74P/SKOJOxssPMmhxUdK+eceaf+MhtWrhPItqBtpC5meYZSDILCMCMARYYVDnn7O1z2So7L4h6OIkcTPgfCL6AMqAc5oALA6nsxxVoyIPxfIxbY55+GPmdqGJFjrB/Kyaa2nF4sE7mrgqVui3KNmVqs1kyEwL0asz4ZnBT2hNhEmSaIiYamGHBU/GDEeg0xTAl+We9EG68IDIe+2OFnbB1XoNWC6ingRb4bh3RUntjiCh+ZKBf94hqtlbAKOeCiWC1X8dk8FL6tJT75xJL0xdPE/HzobeVcdFRQeKFPIeXh8awitJPmxPlF5u7bHVQC/sVzu70qkcCFoSa7gD8fDYiHTgKn8pFLnOIDwrwa0RWBZAnfmAfvru6vrxGdIoc/oedd1fgjVZtxpStn7PQjBcezVZJbVID1qPUJ/hDYXSDyOc+wP76ywRIEtVxH2hGTq4iIrEOGk5jt8sz2Yp8c3+fV1xckDJcrcMlZtB6T8y5D+eZOlNJmUsiYcgQPOO7thM4TqtAYMzlCIDyVrKRx8c/hrnVqfRPFFrGPTp+QZYt/PLxlbvhwGgVp5H2jv3WZ6VF9SD1euKSbMePF9rkfkbTQhpMG32Tdynoe7+MQmgdqiWuOcbfWSwX9EU32ABeXxSGS4CiDjHoDHjXGb7sgLjAVle1Dtpu0xCb9ZCLXQRUcb4ibzacqNiBc0CvHwi4GIlmKZNmybjGwI4ygbex7/enk/HhpgRKWA7VZe2X+2H+TKf3T3GINR/FOkD7WxUGuEQ94G55hFUkZOrADiluaQJ+beOOXOumD29rtGq/KyMKcFGrH00Z4KIHxrfNpEYBvBmSeFzkwSCXsEboLX7Isbp0HYI62YxcjOsWvg==; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/
gdm_click_adv_freq_v2_1_001=B6XtSNf0/Fok3GcB4BTdMhxNPOjmIKL4AI8pIpyeuq6DTRbBM91jxZjrLb7BKP7i; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v1_1_001=B6XtSNf0/Fok3GcB4BTdMhxNPOjmIKL4AI8pIpyeuq6DTRbBM91jxZjrLb7BKP7i; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/
gdm_uid_v2_1_001=MYl93ebv1TIlnJJoAF5eERU5CJCjO5c8+A7hBOTNL8L0XhRDkQmd+fXyNzUB1s7P; Domain=.cddtsecure.com; Expires=Sun, 07-May-2023 06:45:38 GMT; Path=/; Secure; SameSite=None
Location: https://ujn.nowsubmission.com//?kw=43588&s1=e3cafacdc3cb435d808f294a31a2d4721e1bf&s2=
Content-Language: en-US
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17526
Expires: Mon, 06 Feb 2023 11:37:44 GMT
Date: Mon, 06 Feb 2023 06:45:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3159
Expires: Mon, 06 Feb 2023 07:38:17 GMT
Date: Mon, 06 Feb 2023 06:45:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 06:36:27 GMT
content-type: application/json
age: 551
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9224
Expires: Mon, 06 Feb 2023 09:19:22 GMT
Date: Mon, 06 Feb 2023 06:45:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CDdlaWITnndIbWo1rkzlibHkpTTMyLRLLIZSi2qcSQIBpmroFFUC5tsHfGSKCX7pK33fa2WIrnw=
x-amz-request-id: HSHV3HGF77DRTDG2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 06:24:50 GMT
age: 1248
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 06:45:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ca48fe3f4b906619f2023ba7e57cc12
56cd653988ae3c4a352743b0fa11ae991f550e60
cd75b994b7cdb9a0c02e292f639f5f40471ad33af2c5aab589be6db72fd045df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD75B994B7CDB9A0C02E292F639F5F40471AD33AF2C5AAB589BE6DB72FD045DF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14227
Expires: Mon, 06 Feb 2023 10:42:46 GMT
Date: Mon, 06 Feb 2023 06:45:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 05:51:19 GMT
age: 3260
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11623
Expires: Mon, 06 Feb 2023 09:59:22 GMT
Date: Mon, 06 Feb 2023 06:45:39 GMT
Connection: keep-alive
push.services.mozilla.com/
35.161.188.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.188.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +Ost2SJe+joFYBkRAAP3Tw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: awZ3DLwU6peOpZ3zV0Eu3bo1APY=
ujn.nowsubmission.com//?kw=43588&s1=e3cafacdc3cb435d808f294a31a2d4721e1bf&s2=
179.61.143.121302 Found 718 B URL HTTP/1.1 ujn.nowsubmission.com//?kw=43588&s1=e3cafacdc3cb435d808f294a31a2d4721e1bf&s2=
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dd258b2711142e63a9cae7e6c5a87be4
6b97b80635af0e3a322d3d168bed165a3b73636c
bd35b9776c434f328c4f6528f74fa9822cc6940d7e20025219459eb3e9958250
GET //?kw=43588&s1=e3cafacdc3cb435d808f294a31a2d4721e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Mon, 06 Feb 2023 06:45:40 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
x-redir: true
set-cookie: yredir_session=eyJpdiI6IkpXRDVtcmFLRldLZEVDVElWWWpyOHc9PSIsInZhbHVlIjoibms2VUt1T3Nib0tGc0dMNWhyclh4TDV4enVzdzFDbHNiZmY4dmFDK1FLT2pjaWtacTFmeVI1M01ZNGRpNWdSUmNqZkpCcnBVK3hNUTB6RGgrNmIvSTAvZWRNRzBTZnA4bjZZcHJLSmROZE9wN0tBVi93Q0N1d1MzaHZNSVZja3QiLCJtYWMiOiIwMDYyZjVjODg2OTFjNjNlNTU2NDI0NjIyZjFkOGY5YjcwZGZiYTFjZjQ4MTAxN2MyY2Y4ZmZlZTczNDk1ZWNlIiwidGFnIjoiIn0%3D; expires=Mon, 06 Feb 2023 08:45:40 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3449
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:45:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3449
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:45:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3449
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:45:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 31373
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 60ff8265-45f4-445b-bf49-e0f1ba4cc3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzRVKFf7IAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfc20-3390f67342da01416e720af6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ven3rHNpHQ94K0pntkthMllzUZIpGAGGNe_-zGTmYTtIhuQ3tZ7rQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 17:57:59 GMT
age: 46061
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:34 GMT
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
age: 30726
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 32137
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 32131
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea463f7a06fe1403c18c8ce8781244a1
fbbe4b97e4b39983b36340030f6b40adc69cd485
93a12a85886512e3336d027c889a2276087976b1c9106356cc81596b88087042
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b1baa973-5b7c-4daa-af2e-e9f0b3c6a604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzViwFG1IAMF4qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de02de-4a0c9cf45c1a20083bb838dc;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:01:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7EshPvVIwmQebOuznRkbCUTYaedh_e4PPsNWC2iyExQ942_leuLkSQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:31:09 GMT
age: 83671
etag: "fbbe4b97e4b39983b36340030f6b40adc69cd485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
179.61.143.121200 OK 5.7 kB URL HTTP/1.1 ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2df6a85ed6f5c239962e7b198dee0d62
18c23bd1e5b185450f5d8dc89c323411bed0346d
fb9538bd1a5345d299263a69bf7e19e3eb4b4c5be2a51a436a7d10e9e2af85a8
Analyzer Verdict Alert fortinet Phishing
GET /t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6IkpXRDVtcmFLRldLZEVDVElWWWpyOHc9PSIsInZhbHVlIjoibms2VUt1T3Nib0tGc0dMNWhyclh4TDV4enVzdzFDbHNiZmY4dmFDK1FLT2pjaWtacTFmeVI1M01ZNGRpNWdSUmNqZkpCcnBVK3hNUTB6RGgrNmIvSTAvZWRNRzBTZnA4bjZZcHJLSmROZE9wN0tBVi93Q0N1d1MzaHZNSVZja3QiLCJtYWMiOiIwMDYyZjVjODg2OTFjNjNlNTU2NDI0NjIyZjFkOGY5YjcwZGZiYTFjZjQ4MTAxN2MyY2Y4ZmZlZTczNDk1ZWNlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Mon, 06 Feb 2023 06:45:40 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D; expires=Mon, 06 Feb 2023 08:45:40 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:45:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 03:22:46 GMT
expires: Mon, 05 Feb 2024 03:22:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 98575
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/css/style.css
179.61.143.121200 OK 5.6 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/css/style.css
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type assembler source, ASCII text
Hash 0e0958d51ded34cd4de26a9e461a837e
99bd77585368d1d074744dd9391ca4a3fb120a18
27a276e80a16de7fe575cc4d28c1a1a8656bd4774fd5c4927da2cd9283e1f656
GET /templates/templates/gbrand-survey_MASTER_MULTI/css/style.css HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:12 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "0e0958d51ded34cd4de26a9e461a837e"
content-type: text/css
content-length: 5568
x-varnish: 5944816 3
age: 550409
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:45:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ujn.nowsubmission.com/templates/dates/returnDate.en.js
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/dates/returnDate.en.js
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
Hash 7aff4dc745ab3f7939c7650d994ae3ae
22d1a5e8ef72f0c8104e9e7f6ba91c3c796f9e8a
7dfeca971a7fceb39cd2d8f1596546c4a60b1e6964aa20b8b9ab09f461bde18d
Analyzer Verdict Alert fortinet Phishing
GET /templates/dates/returnDate.en.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:31:41 GMT
etag: "7aff4dc745ab3f7939c7650d994ae3ae"
content-type: application/javascript
content-length: 1382
service-worker-allowed: /
x-varnish: 5794495 32771
age: 550409
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/o/2XXQ6DLP/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/?push=true
179.61.143.121302 Found 818 B URL HTTP/1.1 ujn.nowsubmission.com/o/2XXQ6DLP/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/?push=true
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash 2ca8bc4f5e17f0475e2719eb9d20c309
6d18d9136111aa27ee69ff57ec72ccdd458e0c74
b8391e49deab07408e1cd2d21510e85e04f664077832678b87ba3e5bfc7cbaa5
Analyzer Verdict Alert fortinet Phishing
GET /o/2XXQ6DLP/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/?push=true HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Mon, 06 Feb 2023 06:45:41 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=df8e859c-a5e9-11ed-a024-8d70be6deaa3&&push=true
x-redir: true
set-cookie: yredir_session=eyJpdiI6IjF6SDhzOTVUb0d0OXEzaXZVR2VhS2c9PSIsInZhbHVlIjoiKzhyTjlWdVZ2VUVJSU0xTE1oeGk5eVdPbWtRYjVESGt1cldLZElpUVdldGZpcXc4UUVnc3A1NDJuZEhrUmMwaTVEa2xNR1FKVW93eFNISU5mZFRYcjJuN3k2VkoyNWpKY1NRN29hY1VoTnpZSXdQYWtJWWFHUkxDM1RRSitGZDEiLCJtYWMiOiJmNDFlNTY4MjUwNmZjNzM5YzQwMTY1YTk3YjA5NDRjMzcyMDAyNzkxMDY1YmFhOWFmMDMxOWNhNjQ0ODYwY2VkIiwidGFnIjoiIn0%3D; expires=Mon, 06 Feb 2023 08:45:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3d1f911b4c17f08d5f1a71cfd6d57196
aef54906719ebf1652cbec6ca1ccc4e7ae2bc614
d23957a45e03a7b65fef24aca0859e20aa71d1f743016c0b21cf3e2b609363f8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:45:41 GMT
Etag: "63dee7ed-116"
Last-Modified: Mon, 06 Feb 2023 06:41:19 GMT
Server: ECS (amb/6BA2)
X-Cache: HIT
Content-Length: 280
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female2-min.jpg
179.61.143.121200 OK 1.1 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female2-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 0794d94f802b6df4a503a36dd30b1b49
88f41b569ba1bdb1c68b1aca65d3bec37a76657f
030ab7588cc14efd6625654c00ff326d6602091f4fae946265ad29f9fee370d9
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female2-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "0794d94f802b6df4a503a36dd30b1b49"
content-type: image/jpeg
content-length: 1102
x-varnish: 5794496 163854
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female4-min.jpg
179.61.143.121200 OK 1.2 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female4-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 9c0405fd9e4d3b488c3d9ccf0f7094fc
741c5b681855426bfbdec095ebcab5c89537eec0
f2ccdeb441553c02c3e536e7cc0d266ff8db7db4217d7117a860bfa259f21bb2
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female4-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "9c0405fd9e4d3b488c3d9ccf0f7094fc"
content-type: image/jpeg
content-length: 1204
x-varnish: 6030925 131086
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female3-min.jpg
179.61.143.121200 OK 1.6 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female3-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 0abe78ea1873bc889025a46db4e6899d
d450f884aa79f7044155bad242c921da865a9ea7
d3167dff1bc974c9638243617a4aa43ae0889b44eb3d0d0039db034ed2aec8ff
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female3-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "0abe78ea1873bc889025a46db4e6899d"
content-type: image/jpeg
content-length: 1570
x-varnish: 5944817 65555
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male1-min.jpg
179.61.143.121200 OK 1.6 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male1-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 7c87417985d39d54edfe8c84005668c5
9ef9beb0a8546e319b0e4e79543566ecf44995ab
17c1074c13199c387f264bf85324f2555d89c4221fae93a175d69973453f0cb4
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/male1-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "7c87417985d39d54edfe8c84005668c5"
content-type: image/jpeg
content-length: 1559
x-varnish: 5886787 196610
age: 550405
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male2-min.jpg
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male2-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 5170cc950871a79361acd06bc10ab09c
78176973a41a99af57b538ed95f32c6540b8eb56
20a470a2a8efcfc0f3f4a9ef9024d5e43594c7b82d0e88ad68e5c846be3b9eef
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/male2-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "5170cc950871a79361acd06bc10ab09c"
content-type: image/jpeg
content-length: 1415
x-varnish: 5720239 229379
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male3-min.jpg
179.61.143.121200 OK 1.1 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male3-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 9c2e86ea3c24bf83b78361d150a27abb
fbf849c5bf8ee98881135e3154ed39f18d1e9559
e22cdb3b53b481625f52a6a75461e9fd7a01e92f77d9da7381067ec7b5e0c8a2
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/male3-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "9c2e86ea3c24bf83b78361d150a27abb"
content-type: image/jpeg
content-length: 1136
x-varnish: 5662770 11
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=df8e859c-a5e9-11ed-a024-8d70be6deaa3&&push=true
172.64.128.25200 OK 780 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=df8e859c-a5e9-11ed-a024-8d70be6deaa3&&push=true
IP 172.64.128.25:0
File type ASCII text, with CRLF line terminators
Hash c0b86f46324f8b7ca4951eb380200038
6cb5a932329939f72de6e737439990fcdbbbdf71
2401844b1671257be329cdf491873516be645868dcfe039e154c1255021a6dde
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=df8e859c-a5e9-11ed-a024-8d70be6deaa3&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujn.nowsubmission.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:45:41 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 06:45:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15zWHSTpPmkAaI8x1%2F5%2FWHNetZju9BqOkIDwbD7%2FTmq8AJ6zksuQ76Y3eIt1ODrggWgpeaVbu3iLRlcEF%2BljYQVCpfBCTAAZWVjhmEp5ccfwLRG8HHgCh3LmxVNIt3N6qhzGlsC%2FvfUTHrpUJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7951eca7a842719f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female5-min.jpg
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female5-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash ef0096a20db337c11b5e8f38b5d6bb74
60d814ad51c07471282c900a2d06766c790f1988
96da34eac319184af9e5f588fb0452ec1167c675102d8a7069afa3e76eea1d9b
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female5-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:18 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "ef0096a20db337c11b5e8f38b5d6bb74"
content-type: image/jpeg
content-length: 1377
x-varnish: 5662771 229382
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/fb-check-min.jpg
179.61.143.121200 OK 662 B URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/fb-check-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 25x22, components 3\012- data
Hash 647f83a6bea8989234822fccfaaf1172
c5ceb9a12a3e855b384a2790ab7a6628375f54a3
897400118f15478b414250c5c4a07412d32f414c8683274996f1917ac79d882e
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/fb-check-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "647f83a6bea8989234822fccfaaf1172"
content-type: image/jpeg
content-length: 662
x-varnish: 5720240 65551
age: 550405
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female6-min.jpg
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female6-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 87df438b53e4bf2c6dbaeaf9a3f3fe23
db7a57b1e5dbfd1c9e82794d04fdc9c165808586
6e30d9a2d54a07c9400a814532e2c1d638467c58f24e0ec7f631f629022be87d
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female6-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:18 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "87df438b53e4bf2c6dbaeaf9a3f3fe23"
content-type: image/jpeg
content-length: 1401
x-varnish: 5944818 65557
age: 550404
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/sub2-min.png
179.61.143.121200 OK 503 B URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/sub2-min.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 125 x 32, 8-bit grayscale, non-interlaced\012- data
Hash 17b195295195777b7415a91b5bfe4e40
6381d3fafffb4db3439a2e2e529e1495e3d2d043
424c21017d352a097502d212564a602f036cada202fa55247ef2b2a276f03f59
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/sub2-min.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:16 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "17b195295195777b7415a91b5bfe4e40"
content-type: image/png
content-length: 503
x-varnish: 5886788 65546
age: 550406
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/loading.gif
179.61.143.121200 OK 2.9 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/loading.gif
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 25 x 25\012- data
Hash 57853c90b8506907affe703e96d0184c
da22e6ad39a588f38c058091404a245cd4aeb821
61a5b75bd3a5d8370fd543e656a9223bf98035cb0e9931849b2a78c94b7134db
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/loading.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "57853c90b8506907affe703e96d0184c"
content-type: image/gif
content-length: 2873
x-varnish: 5794497 65549
age: 550405
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/media/prizes/macbook2.png
179.61.143.121200 OK 38 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/media/prizes/macbook2.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 65601e39390008cb1fab24b661dbfb9f
cb1ba3693de85c53ebf0336bc7023b2348ffc6df
cfc14f5db37a2f1ef657cb9fbcd68b17e9295521b0966cf466be378c6da9cef6
GET /templates/media/prizes/macbook2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:48 GMT
last-modified: Wed, 25 Jan 2023 21:31:47 GMT
etag: "65601e39390008cb1fab24b661dbfb9f"
content-type: image/png
content-length: 37747
x-varnish: 6030926 98357
age: 550374
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/media/template-images/iphone-13-blue-pink/300x200.jpg
179.61.143.121200 OK 8.3 kB URL HTTP/1.1 ujn.nowsubmission.com/media/template-images/iphone-13-blue-pink/300x200.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 200x200, components 3\012- data
Hash f6d434edf9003bf1c90b9673e4a27403
8c8ae8b80aef34450aee2d3bf9581d2643b806c2
6970807f8001bd5ccfe483120e5d95dfb9ad73aae1ee468dc3b6dabb67b71511
GET /media/template-images/iphone-13-blue-pink/300x200.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Tue, 17 May 2022 15:08:40 GMT
etag: "f6d434edf9003bf1c90b9673e4a27403"
content-type: image/jpeg
content-length: 8337
x-varnish: 5794498 163852
age: 550405
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
179.61.143.121200 OK 90 B URL HTTP/1.1 ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer Verdict Alert fortinet Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6IjF6SDhzOTVUb0d0OXEzaXZVR2VhS2c9PSIsInZhbHVlIjoiKzhyTjlWdVZ2VUVJSU0xTE1oeGk5eVdPbWtRYjVESGt1cldLZElpUVdldGZpcXc4UUVnc3A1NDJuZEhrUmMwaTVEa2xNR1FKVW93eFNISU5mZFRYcjJuN3k2VkoyNWpKY1NRN29hY1VoTnpZSXdQYWtJWWFHUkxDM1RRSitGZDEiLCJtYWMiOiJmNDFlNTY4MjUwNmZjNzM5YzQwMTY1YTk3YjA5NDRjMzcyMDAyNzkxMDY1YmFhOWFmMDMxOWNhNjQ0ODYwY2VkIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=ff84c240-af61-a83d-1390-7bd6aab0e4db
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 5886789 8
age: 550409
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/favicon.ico
179.61.143.121403 Forbidden 243 B URL HTTP/1.1 ujn.nowsubmission.com/favicon.ico
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type XML 1.0 document text\012- XML document, ASCII text
Hash f32f16b6b8675138da65d215cde75d7f
4d4b92e9af571e5781f6683cdee06e95fbc80fba
ef05fab47ab573c0c0736f0dfc33352ac33ef6eada75b7f4bbd9e3119a0cc029
GET /favicon.ico HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjF6SDhzOTVUb0d0OXEzaXZVR2VhS2c9PSIsInZhbHVlIjoiKzhyTjlWdVZ2VUVJSU0xTE1oeGk5eVdPbWtRYjVESGt1cldLZElpUVdldGZpcXc4UUVnc3A1NDJuZEhrUmMwaTVEa2xNR1FKVW93eFNISU5mZFRYcjJuN3k2VkoyNWpKY1NRN29hY1VoTnpZSXdQYWtJWWFHUkxDM1RRSitGZDEiLCJtYWMiOiJmNDFlNTY4MjUwNmZjNzM5YzQwMTY1YTk3YjA5NDRjMzcyMDAyNzkxMDY1YmFhOWFmMDMxOWNhNjQ0ODYwY2VkIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=ff84c240-af61-a83d-1390-7bd6aab0e4db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Mon, 30 Jan 2023 21:52:12 GMT
x-varnish: 5794499 163845
age: 550408
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/media/prizes/ipadpro2.png
179.61.143.121200 OK 58 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/media/prizes/ipadpro2.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 226 x 223, 8-bit/color RGBA, non-interlaced\012- data
Hash e84a3b1f4ab81c1369c00b20e7e76f3e
a7149c064176ef35c04ca6b0396f67f4d5641f92
fa444460c52cc7ae67baaea642ad355ef489491cc3014f074162a565437af50b
GET /templates/media/prizes/ipadpro2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/df19fb96-a5e9-11ed-9269-cfe6250b2bd5/df1e086c-a5e9-11ed-a64f-6fa41b2a0fab
Cookie: yredir_session=eyJpdiI6IjlqNi9kQmhFSjJHQnJiam5MNGFvVkE9PSIsInZhbHVlIjoiZnd4WS9NbzlEcURQb0JaQSs3LzdRbGVCTk9qV05udzRGQk9GdWhzVGhyU3lEQ1dkOVBzYVlpL0FGV3B1UjNVY3NkRjA2K0wybUhKMk5INngvSmdJRDIxbDEzd1NRdUM5U2JUQUpVUHdYcUVWK1NpaXhmamFLS3NUMGVSVmdhdHYiLCJtYWMiOiIwMDE0YzUzZGM1NTNjYzUzZDA2NDc5YmNjOGQ3MWZkZDFhMGVhNmJhMmY5Y2E5ZjY1Mjg0YjY2ZTIzZDMzNDMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:49 GMT
last-modified: Wed, 25 Jan 2023 21:31:46 GMT
etag: "e84a3b1f4ab81c1369c00b20e7e76f3e"
content-type: image/png
content-length: 58468
x-varnish: 5944819 294940
age: 550374
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
172.64.128.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP 172.64.128.25:0
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:45:41 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 5383
last-modified: Mon, 06 Feb 2023 05:15:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6QwCuPRNqc6dzzCJirNl%2FIZKjpuOW487nIKkO1%2F8GtGq%2B0dVBg8DLjdq%2B2EurcxPHEe%2BlHvigbAGI5IYJrdl68Zm4%2Buhtt%2FEbHN%2FuDrCrZ%2BG5%2FujpZDqJ9XOK%2BQLE53uPCfMfN3dLWz3Coucg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7951eca96981719f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2