cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=JPbGV7BK712gW3PrL8VcBO
63.34.237.166302 Found 243 B URL HTTP/1.1 cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=JPbGV7BK712gW3PrL8VcBO
IP 63.34.237.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash eb6d202c9125603e8f7a72f0bc6d2346
aa43823fb652d448774a1c573c10b3ff96302cdd
50aaeb8b3b9546a2efa7f42c82101560a6f1def0d24c11cc8bb96c00d53f6ed0
GET /?a=43588&c=318080&co=91932&mt=18&s2=JPbGV7BK712gW3PrL8VcBO HTTP/1.1
Host: cddtsecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 21 Jan 2023 20:06:11 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: gdm_click_adv_freq_v2_1_001=B6XtSNf0/Fok3GcB4BTdMqNvSmDy9GzHogNxpq3XZ3x7kBY82w+iffP0TJFnrsUo; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/
gdm_click_freq_v2_1_001=bfK8z5UDo04kDjzc8YCbxo+85gJByaeEKnPezzmYJ+nu/aKMFUNVx3HDzyZmJ6fQ; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=naPxrhIlfa6HhRA0y9Bxf+GyLQMIsGJVucW1NPrb9Bxa4TkEwfoiGVjMxyOGBxfR; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/
gdm_sid_v1_3_001=0sB2JMiVkGzLLt3W8OZdm7JoObegFtGMQSHWzk3OJVoBMoDf7b1MFjul0/34xsaIj9OiPsOdcakTrxClT30xzU77iZQDfdNsxjRsESsJ5RgT7DavnpdnG45iHfQ1D8+Mk6+jrN7qZb5Z6XPQVggL2VcuCzAzkzFx9N+ilV82Q0FDfD1Ktxkd8qr0TrecUiQROzYawQniowaWFkWWghlst5fpnee6qk9uRsMGlPsQnAeYHtqT8TFz0rr20MsyQO45pJhDpOuMag/8Ab4OktORY9BwgN+s77hdqpVRsyWgw/2EHg6fAQj/GdI+6OI3TZRfOhcNUGF9A2mzZCBd4wPsZEwdCRikoUziJySZf2k31dIhT+i5UOyHQUzNrut8lHwQxx39xdqOtZRXNGGzeqswFLgij9mdXuJoEFqP6hXvq9UvElL0AXKjTrHhOFJvycoKecjSiRIOJ9M05nptG1R+lh70vqz2AySgSF+PUY6Y+4DKfEAz7vQa4A9XgQh84/irdfia7rfHxcLLL3YPNCPjuCNavVFlB1Dii7ffS2gV5vbopusC8Y0xITXNOKAEX/7mVuUxRo7MZhs6KZtk0GnxdhynEocwQFDdahAEzwYm+LicQfUq9G//wawAZkKDUFIW4al4vhc3/hm/qg1SxQMYX76BiX8jGTTuNRviv2NG5lui+zNZlN9Y+2OqW/WmNyTq+ioDxkNLGNi6HADy5lgNX5Zs3fmvIsqnZMM2fWqUoFX1U9kOGlaBVHPCdmo04jH/ZUjTuadtok+yJeNMzAx2yOpxE+OqDBM0KZksrCLiNq5UwYE5lAfG1mWbYS8P+UcMSaS+slWO19bu3z0muIqsRSJ3LfNqqWCHrnbzCEVy3VQ3Af8JuqnJmhB/Zt/owNi456OqYtb2zGEFGn1S7FnMrYKlHOkD20sZV7jgiCjGjfdJFpPCL7gYi/+ICSI96DFjppqQGQXs+xbucH5pSuKg/9ZWdnIUQjQSWxoZYYP8q0Mz4BuxNWeBzNwmqVldVmanIrl804TemONwfPTTl6HyVw==; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/
gdm_click_freq_v1_1_001=bfK8z5UDo04kDjzc8YCbxo+85gJByaeEKnPezzmYJ+nu/aKMFUNVx3HDzyZmJ6fQ; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/
gdm_click_adv_freq_v1_1_001=B6XtSNf0/Fok3GcB4BTdMqNvSmDy9GzHogNxpq3XZ3x7kBY82w+iffP0TJFnrsUo; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/
gdm_sid_v2_3_001=0sB2JMiVkGzLLt3W8OZdm7JoObegFtGMQSHWzk3OJVoBMoDf7b1MFjul0/34xsaIj9OiPsOdcakTrxClT30xzU77iZQDfdNsxjRsESsJ5RgT7DavnpdnG45iHfQ1D8+Mk6+jrN7qZb5Z6XPQVggL2VcuCzAzkzFx9N+ilV82Q0FDfD1Ktxkd8qr0TrecUiQROzYawQniowaWFkWWghlst5fpnee6qk9uRsMGlPsQnAeYHtqT8TFz0rr20MsyQO45pJhDpOuMag/8Ab4OktORY9BwgN+s77hdqpVRsyWgw/2EHg6fAQj/GdI+6OI3TZRfOhcNUGF9A2mzZCBd4wPsZEwdCRikoUziJySZf2k31dIhT+i5UOyHQUzNrut8lHwQxx39xdqOtZRXNGGzeqswFLgij9mdXuJoEFqP6hXvq9UvElL0AXKjTrHhOFJvycoKecjSiRIOJ9M05nptG1R+lh70vqz2AySgSF+PUY6Y+4DKfEAz7vQa4A9XgQh84/irdfia7rfHxcLLL3YPNCPjuCNavVFlB1Dii7ffS2gV5vbopusC8Y0xITXNOKAEX/7mVuUxRo7MZhs6KZtk0GnxdhynEocwQFDdahAEzwYm+LicQfUq9G//wawAZkKDUFIW4al4vhc3/hm/qg1SxQMYX76BiX8jGTTuNRviv2NG5lui+zNZlN9Y+2OqW/WmNyTq+ioDxkNLGNi6HADy5lgNX5Zs3fmvIsqnZMM2fWqUoFX1U9kOGlaBVHPCdmo04jH/ZUjTuadtok+yJeNMzAx2yOpxE+OqDBM0KZksrCLiNq5UwYE5lAfG1mWbYS8P+UcMSaS+slWO19bu3z0muIqsRSJ3LfNqqWCHrnbzCEVy3VQ3Af8JuqnJmhB/Zt/owNi456OqYtb2zGEFGn1S7FnMrYKlHOkD20sZV7jgiCjGjfdJFpPCL7gYi/+ICSI96DFjppqQGQXs+xbucH5pSuKg/9ZWdnIUQjQSWxoZYYP8q0Mz4BuxNWeBzNwmqVldVmanIrl804TemONwfPTTl6HyVw==; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=naPxrhIlfa6HhRA0y9Bxf+GyLQMIsGJVucW1NPrb9Bxa4TkEwfoiGVjMxyOGBxfR; Domain=.cddtsecure.com; Expires=Fri, 21-Apr-2023 20:06:10 GMT; Path=/; Secure; SameSite=None
Location: https://ujn.nowsubmission.com//?kw=43588&s1=c492ea53a98e491495e3dd8a2d7772f41e1bf&s2=
Content-Language: en-US
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11420
Expires: Sat, 21 Jan 2023 23:16:31 GMT
Date: Sat, 21 Jan 2023 20:06:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8471
Expires: Sat, 21 Jan 2023 22:27:22 GMT
Date: Sat, 21 Jan 2023 20:06:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 19:49:39 GMT
content-type: application/json
age: 992
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11181
Expires: Sat, 21 Jan 2023 23:12:32 GMT
Date: Sat, 21 Jan 2023 20:06:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ri4t2XELxJzMjIzDbXtiTMmLBH6gfTC7pGqzM1nTUU/F0ij4Nz6rCKnKBkS4yQQTgCGltXhcjvo=
x-amz-request-id: 59RQ85KWQ3A1TSQM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 19:18:07 GMT
age: 2884
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:06:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 366e953385d5442a3648708fa1014765
12be25c3ea9b6abc31b087b04d0d04eda140ce89
1724761e0911034e54931dff874d0658673a41e85824aa1d4f49117417692b0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1724761E0911034E54931DFF874D0658673A41E85824AA1D4F49117417692B0B"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1642
Expires: Sat, 21 Jan 2023 20:33:33 GMT
Date: Sat, 21 Jan 2023 20:06:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 19:48:58 GMT
age: 1033
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:11 GMT
Last-Modified: Sat, 21 Jan 2023 19:34:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.81.36.195101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.36.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lk+pdwevwDP3il3RLpS+yw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h+KR7EL8J3bKBTkP47aksEcuaKk=
ujn.nowsubmission.com//?kw=43588&s1=c492ea53a98e491495e3dd8a2d7772f41e1bf&s2=
179.61.143.121302 Found 718 B URL HTTP/1.1 ujn.nowsubmission.com//?kw=43588&s1=c492ea53a98e491495e3dd8a2d7772f41e1bf&s2=
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b4cda2131eacc2a39002b984fce354d7
f041093b155df1cd173d490aa1c21dcd12576fba
665d54c7cf213eb9619f0fff87e3c16d517a54b7747d92ab61e8eb4962f45f15
GET //?kw=43588&s1=c492ea53a98e491495e3dd8a2d7772f41e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Sat, 21 Jan 2023 20:06:13 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
x-redir: true
set-cookie: yredir_session=eyJpdiI6IkJlUzM0bXFyQlV3SW85aUNyOHJnWkE9PSIsInZhbHVlIjoiQW1DTTM4NmQ4S3MyMmxIMDhmb2lYM1NXdEJNVkVrbFVGYVM5cHBhbE5SeWhFcksyZjNNTStUNGpKU0NGdEtHYUFjZW9rTXhVM1d4QmEzdzVPVkd4S0svdFh6R2Z6ZHZNRjdESWhyWkg2cEYvaXRzZkFIcklIREtVRnMxQzM3ejUiLCJtYWMiOiI5MzgwZTlhYmI4Yzc5NDQ5MmNiOTIyOThkMGQ4ZjYyNzhjMThiODVkZDlkODc5MGQ3YzcxMjQyYmY3YTEzMmQwIiwidGFnIjoiIn0%3D; expires=Sat, 21 Jan 2023 22:06:13 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sat, 21 Jan 2023 21:47:06 GMT
Date: Sat, 21 Jan 2023 20:06:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sat, 21 Jan 2023 21:47:06 GMT
Date: Sat, 21 Jan 2023 20:06:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sat, 21 Jan 2023 21:47:06 GMT
Date: Sat, 21 Jan 2023 20:06:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sat, 21 Jan 2023 21:47:06 GMT
Date: Sat, 21 Jan 2023 20:06:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sat, 21 Jan 2023 21:47:06 GMT
Date: Sat, 21 Jan 2023 20:06:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: c3864d3b-caaa-4c44-a4bd-9339d0eede69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-E1UGw4IAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4ee-703e32aa596019d42680e599;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZxoIRkRgzS5Hp0D9gzxOiTg3GatK8zSCIokF3NWUghEUmePltkYVRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:02 GMT
age: 59291
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GVOdNzEzcPvkVkDOfnHOI1RPDfuJ_gUmoqYFkge2Qdp87B0wdOA6Bw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 80770
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:10:04 GMT
age: 78969
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2422bc3ba3140462f4507b7a4fe3a746
d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3
90f04120820c28da092bdd235a141a8ae6347f73025dbcf235a1562abf4dd9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12866
x-amzn-requestid: fe1078a2-3e26-4906-b7b4-73c9fd315e0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w4ZHPLoAMFw8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761cf-7ae3119b62b0ccef08dcd2af;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zL09KSxkGqnwziJ1XtAVONPJ9nxMN1yCzYXvT2ZCWKtHzpStn92YmQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:46:04 GMT
age: 51609
etag: "d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 447c7832b50421193a9b962e621d8379
eddd33bded6e9c705ed5f0aa2ed036faeefa388f
00946fa4ac2a2c6c23a22e1c5bf2d1d3871975c9730cf522fa7f937bb431e0ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5963
x-amzn-requestid: ef0681fa-95e9-4c43-94b2-4ebb1ff652b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6x_OG3goAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c76394-279293ff66d40dd65e0b8481;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:12:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5LBmRNL56mbOmY8ajrSlll2tfCxpMSlKDoym8YzJHUj3fF2Eq61TYw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 11:44:38 GMT
age: 30095
etag: "eddd33bded6e9c705ed5f0aa2ed036faeefa388f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: eac4818f-27cf-4e74-967f-ba9b761e236f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0uNuF0QIAMFUEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f724-3a8ae0ba482b10f04c90c3b5;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AKGI_lQSNDKkYkcLfgIsQOt8ghMJbouQt26TehAyOBDEkg0ZU-L_Tw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 09:28:02 GMT
age: 38291
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
179.61.143.121200 OK 3.5 kB URL HTTP/1.1 ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e94c22f728c3d5354a0cada42c4a469b
65b5656c51cb09a71463ac87f45ff1cd24291a70
6c25fd8ccd3455e8cd47483bbb22e4f7359be579d9792645bd685f2a4a9038f6
Analyzer Verdict Alert fortinet Phishing
GET /t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8 HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6IkJlUzM0bXFyQlV3SW85aUNyOHJnWkE9PSIsInZhbHVlIjoiQW1DTTM4NmQ4S3MyMmxIMDhmb2lYM1NXdEJNVkVrbFVGYVM5cHBhbE5SeWhFcksyZjNNTStUNGpKU0NGdEtHYUFjZW9rTXhVM1d4QmEzdzVPVkd4S0svdFh6R2Z6ZHZNRjdESWhyWkg2cEYvaXRzZkFIcklIREtVRnMxQzM3ejUiLCJtYWMiOiI5MzgwZTlhYmI4Yzc5NDQ5MmNiOTIyOThkMGQ4ZjYyNzhjMThiODVkZDlkODc5MGQ3YzcxMjQyYmY3YTEzMmQwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 20:06:13 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D; expires=Sat, 21 Jan 2023 22:06:13 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
code.jquery.com/jquery-1.11.3.min.js
69.16.175.10200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.3.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32038)
Hash 1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9
GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:06:13 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CMWnsZ4GEocBCiRiMDliMTJjZi1mYWMwLTQ5ZjAtOWNjNi1jMjQyMDQ0NDUyMDMQ+OiCoKvU+wIaBgi1i7GeBiIMOTEuOTAuNDIuMTU0KOzaAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkMjQ4MDY5YmItMmNlYi00MDQ0LWIwMjQtZTM4ZTA2NjUwN2M0GO2DAiIYCAISFGNkczIxNi5zazEuaHdjZG4ubmV0.VZtE5RrRC0zNxNIi1vLbDnaKA+3j5eAr+VaGITv9U0U=
x-hw: 1674331573.dop232.sk1.t,1674331573.cds248.sk1.hn,1674331573.cds216.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.170200 OK 93 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32072)
Hash e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 93100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 21:59:15 GMT
expires: Sat, 20 Jan 2024 21:59:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 79618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
179.61.143.121200 OK 25 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
Hash bc84bd3caee9a7b227a5054179477e02
bc1b53ceedb9b91f4d4bec2037126b4d05c20912
d86b239f3ad7fc29593df1655848824493b2299a203c9be2f67adae10f94309e
GET /templates/templates/spin-casino_MASTER/css/style.css HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:17:28 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "bc84bd3caee9a7b227a5054179477e02"
content-type: text/css
content-length: 25401
x-varnish: 22145287 84735495
age: 186525
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/o/2XXQ6DLP/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/?push=true
179.61.143.121302 Found 818 B URL HTTP/1.1 ujn.nowsubmission.com/o/2XXQ6DLP/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/?push=true
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash 5f3fa7b4b2117144eb2aebbde2a6e900
60bb6ada69acf8e637fb9a629c3244c202ecd1e6
a132411f35da9880c8ae78e68963898ea82f16b31a3aa740bad410790787e6e7
Analyzer Verdict Alert fortinet Phishing
GET /o/2XXQ6DLP/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/?push=true HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Sat, 21 Jan 2023 20:06:13 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=0e8642d8-99c7-11ed-a2fe-f990aa7c5f40&&push=true
x-redir: true
set-cookie: yredir_session=eyJpdiI6ImNBYmdXVEdUcGV4UXcvTTlhQlpyMmc9PSIsInZhbHVlIjoiOWVvZ096MlVlN29iY2E3azEydHVvS21ISElKaFl0dHV3bzZsbHlJK2xyaUlPdldXcHhmZ1o4S3RsdEY0M0ZoTEUrTUM4eWh0TmYzNG4vak1iRUM4NFRJWi94RlVPQnlneTh6cFYzNklzbG0xeUhYNHpTZmx3VkE0TkJqVzJvVXQiLCJtYWMiOiI4M2I3OGM1NjQwNWVhMDRmOGU0ZTE3OTNjYmZiMzMwODU1N2Y5NmE1MmM2NzdlNTRkMzljYTFkYjRiYzI3YTYyIiwidGFnIjoiIn0%3D; expires=Sat, 21 Jan 2023 22:06:13 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0dadeae3531c8e008dbce13c1c588e83
7737d22ca1fd01e6b79814323e3355ea68f8d534
13d092ac1fbcf2e6bca721276d33f0ab2d3476359b7f339d69c47759c24235d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: max-age=99127
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:14 GMT
Etag: "63cb2172-116"
Expires: Sun, 22 Jan 2023 23:38:21 GMT
Last-Modified: Fri, 20 Jan 2023 23:19:14 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 278
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif
179.61.143.121200 OK 2.9 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 128 x 15\012- data
Hash 35de537ece3bfee3ab3f7af4c19e2151
9139201df5d36e1b2b9a8a6566683c95a49e0006
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
GET /templates/templates/spin-casino_MASTER/images/loader.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:18:20 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "35de537ece3bfee3ab3f7af4c19e2151"
content-type: image/gif
content-length: 2892
x-varnish: 22145288 84455996
age: 186474
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png
179.61.143.121200 OK 19 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash 90f8155b00c6e9ec624a12e8a67bd264
fbf3b21af8cc2c2d44879f19f5893dbe696113f1
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
GET /templates/templates/spin-casino_MASTER/images/overlay2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:17:34 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "90f8155b00c6e9ec624a12e8a67bd264"
content-type: image/png
content-length: 18646
x-varnish: 59766966 84455905
age: 186520
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png
179.61.143.121200 OK 19 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash a3f2c95451c2201b26033d755a0164c9
f150487dacf8607e49c31abebaf034e34ef8e8aa
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
GET /templates/templates/spin-casino_MASTER/images/overlay.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:17:33 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "a3f2c95451c2201b26033d755a0164c9"
content-type: image/png
content-length: 18661
x-varnish: 86520919 84455903
age: 186521
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png
179.61.143.121200 OK 88 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Hash f12f850a9ec2daa0b2dbb07e11252122
012a03ac053a0367ef9cdb76685a77d61f3d8a22
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
GET /templates/templates/spin-casino_MASTER/images/spin2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:18:20 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "f12f850a9ec2daa0b2dbb07e11252122"
content-type: image/png
content-length: 88130
x-varnish: 86739911 84213593
age: 186475
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png
179.61.143.121200 OK 85 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Hash 827076646858c6cc499ec675c45b147d
4b6bf3459af50ba8db76d31f9dc3876b50a4c5fe
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
GET /templates/templates/spin-casino_MASTER/images/spin1.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:18:08 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "827076646858c6cc499ec675c45b147d"
content-type: image/png
content-length: 85123
x-varnish: 86546086 79586241
age: 186486
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0dadeae3531c8e008dbce13c1c588e83
7737d22ca1fd01e6b79814323e3355ea68f8d534
13d092ac1fbcf2e6bca721276d33f0ab2d3476359b7f339d69c47759c24235d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: max-age=99127
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:14 GMT
Etag: "63cb2172-116"
Expires: Sun, 22 Jan 2023 23:38:21 GMT
Last-Modified: Fri, 20 Jan 2023 23:19:14 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
179.61.143.121200 OK 171 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 142 x 7733, 8-bit colormap, non-interlaced\012- data
Size 171 kB (171408 bytes)
Hash 276c26514be610b5c6fa413756b33671
43c532ff2dc2ce6ed8360fc5d05116b222036e4b
453150bf90ff9debe217f3734a4d3cf4bf6ed9017635d4f2d867096132ad4e28
GET /templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6IjVCN0F4cllqa1o5b1d2enB6ZDFTUGc9PSIsInZhbHVlIjoieWRXZ0I5TG55Q3VQazJadlVLYXRpS3BmcTNTR0FaSGw5UGxWQ1grSDAzZE9yM2dXNmoyTFJjQjVWN1RzZkRzYVU4SVFZMk55V08xVng4dWVXclRTcEdLOGNaTE5CYnovU1ArSG5NSGlFSTg1VkhBeCtlZ1oyRm1hcWJsZUtOZ2giLCJtYWMiOiJmZGVjNmUzMWI3OWQ4NDU2NmI5MGMwODJhYWNhMzhlZmRiYjk2YzY5ZTg2OTE2MGQ1ZDk3MDgwMmRmYTU1NzllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 19:11:35 GMT
last-modified: Thu, 19 Jan 2023 18:19:26 GMT
etag: "276c26514be610b5c6fa413756b33671"
content-type: image/png
content-length: 171408
x-varnish: 86288618 84490844
age: 176079
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ujn.nowsubmission.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:42:33 GMT
expires: Wed, 17 Jan 2024 15:42:33 GMT
cache-control: public, max-age=31536000
age: 361421
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
179.61.143.121200 OK 23 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 500 x 150\012- data
Hash f79f189bde401dfac7723f7c963d0ef8
83530e9d6248767d661c4996c14414621c857ed6
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
GET /templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
Cookie: yredir_session=eyJpdiI6ImNBYmdXVEdUcGV4UXcvTTlhQlpyMmc9PSIsInZhbHVlIjoiOWVvZ096MlVlN29iY2E3azEydHVvS21ISElKaFl0dHV3bzZsbHlJK2xyaUlPdldXcHhmZ1o4S3RsdEY0M0ZoTEUrTUM4eWh0TmYzNG4vak1iRUM4NFRJWi94RlVPQnlneTh6cFYzNklzbG0xeUhYNHpTZmx3VkE0TkJqVzJvVXQiLCJtYWMiOiI4M2I3OGM1NjQwNWVhMDRmOGU0ZTE3OTNjYmZiMzMwODU1N2Y5NmE1MmM2NzdlNTRkMzljYTFkYjRiYzI3YTYyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:18:55 GMT
last-modified: Tue, 17 Jan 2023 16:29:10 GMT
etag: "f79f189bde401dfac7723f7c963d0ef8"
content-type: image/gif
content-length: 23095
x-varnish: 86288619 79586285
age: 186440
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:06:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
179.61.143.121200 OK 90 B URL HTTP/1.1 ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer Verdict Alert fortinet Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6ImNBYmdXVEdUcGV4UXcvTTlhQlpyMmc9PSIsInZhbHVlIjoiOWVvZ096MlVlN29iY2E3azEydHVvS21ISElKaFl0dHV3bzZsbHlJK2xyaUlPdldXcHhmZ1o4S3RsdEY0M0ZoTEUrTUM4eWh0TmYzNG4vak1iRUM4NFRJWi94RlVPQnlneTh6cFYzNklzbG0xeUhYNHpTZmx3VkE0TkJqVzJvVXQiLCJtYWMiOiI4M2I3OGM1NjQwNWVhMDRmOGU0ZTE3OTNjYmZiMzMwODU1N2Y5NmE1MmM2NzdlNTRkMzljYTFkYjRiYzI3YTYyIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=e03d729c-ef13-994e-5959-7ddeb5df0ceb
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Thu, 19 Jan 2023 16:15:51 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 86288620 84359097
age: 186624
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/favicon.ico
179.61.143.121403 Forbidden 243 B URL HTTP/1.1 ujn.nowsubmission.com/favicon.ico
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type XML 1.0 document text\012- XML document, ASCII text
Hash 75e57d5bf94a6fecb04f78459d9f8fb7
c77308b7871b8d2c6af6915bd98b470002576d11
6d1ec571237dda41280115f676abc8f51e65f0d7f9d1f864fa6ebd4c90c42b7a
GET /favicon.ico HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/0e0c29c6-99c7-11ed-87c2-1bb3bdc0fabd/0e108ef8-99c7-11ed-b818-653cb72159f8
Cookie: yredir_session=eyJpdiI6ImNBYmdXVEdUcGV4UXcvTTlhQlpyMmc9PSIsInZhbHVlIjoiOWVvZ096MlVlN29iY2E3azEydHVvS21ISElKaFl0dHV3bzZsbHlJK2xyaUlPdldXcHhmZ1o4S3RsdEY0M0ZoTEUrTUM4eWh0TmYzNG4vak1iRUM4NFRJWi94RlVPQnlneTh6cFYzNklzbG0xeUhYNHpTZmx3VkE0TkJqVzJvVXQiLCJtYWMiOiI4M2I3OGM1NjQwNWVhMDRmOGU0ZTE3OTNjYmZiMzMwODU1N2Y5NmE1MmM2NzdlNTRkMzljYTFkYjRiYzI3YTYyIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=e03d729c-ef13-994e-5959-7ddeb5df0ceb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Thu, 19 Jan 2023 16:16:23 GMT
x-varnish: 86288621 84735348
age: 186591
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
172.64.129.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP 172.64.129.25:0
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:06:14 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 6069
last-modified: Sat, 21 Jan 2023 18:25:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUnAsFZmpEIbARbQosxOENzcuc6xDTtCfHwKqKWcoC1zF7wl4NlWJNrHT2J3B2xAryjoTa7He%2F%2FberWEiQn08Bn2paKZb1FT%2FnvnvMcWNIzX0HHrc6Ca1%2BhTJQoGuMhFhDXidnAKRqj7AfZ%2FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d2ab545bf8002a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
IP 142.250.74.74:0
GET /css?family=Roboto+Condensed%7COpen+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 20:06:13 GMT
date: Sat, 21 Jan 2023 20:06:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=0e8642d8-99c7-11ed-a2fe-f990aa7c5f40&&push=true
172.64.129.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=0e8642d8-99c7-11ed-a2fe-f990aa7c5f40&&push=true
IP 172.64.129.25:0
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=0e8642d8-99c7-11ed-a2fe-f990aa7c5f40&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujn.nowsubmission.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:06:14 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Sat, 21 Jan 2023 20:06:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwbsQv3tF0kFFsryAZOkBHb47z4WgWrvofYJpZ4FKiDyQmkjPzTE3Y%2B2NCg6XoGbL%2BrDbmsKa7fE%2Bwc9uvchoWnYT0UvRBW9UzwC0tWaTUBehlU3TPIDzJi6FzTCMwLKc%2FjuuxvqFQhzZi0PFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d2ab527a56002a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2