app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
143.204.55.90200 OK 54 kB URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
IP 143.204.55.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3561)
Hash 88e679d82713a752d1ddcc1dc1584187
353ec111c2aa63c842f66c5115317db6d8343fcb
dcbb0be8a23b2d14328187440f5af36883a1be0a6387d7c646179be9b1838783
GET /cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339 HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:19 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sYFa3Laad2w3CxeLpM1cHnyG6-YbcPZfSGiwtjgqwwoCZ-v5R4d9CA==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9264
Expires: Sun, 06 Nov 2022 02:49:43 GMT
Date: Sun, 06 Nov 2022 00:15:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4856
Cache-Control: max-age=124601
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:19 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:52:00 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9146
Expires: Sun, 06 Nov 2022 02:47:45 GMT
Date: Sun, 06 Nov 2022 00:15:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ribO7n5JaluMdQNm/71/+t7xDuXJTg77D59L3a5Ua7XyQMM1Ls/oP118UTDn94tyc7/Qql6dybg=
x-amz-request-id: XRPVTV4BJE6ZBGT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 23:47:24 GMT
age: 1675
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/css/style.css
143.204.55.90200 OK 3.9 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/style.css
IP 143.204.55.90:0
Hash bda026f754023350f64546023a4dc562
8159f1d5998a63dd4b4702b24c4c424476201ec5
d43c20a5ae3091d1285f8758acc34bd2806dfca5aada65f54cc7b152fdf774cb
GET /cp/_assets/css/style.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-3f02"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: duQbbR7eRZcvwyasQJpLe9XXvPgZSR1kyGzo7TyT5TiTXm0Effndsg==
Age: 23894
app.rewardflux.com/cp/_assets/css/form.css
143.204.55.90200 OK 1.9 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/form.css
IP 143.204.55.90:0
Hash 79c6ab2a52ef135ffd9553bbd376127e
82e21229112984abf48c00e0b612aa7ad375de10
b52fe5c8c6ce94e87ae298d2bc69f5a6c4429df9d10d23ec6e6da1cc7854998c
GET /cp/_assets/css/form.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-2a43"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j01MmHmil5hquy64dRcHRMDTxkpH9wa7qn-18N98Fz1JMZley9n2RQ==
Age: 23894
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:15:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/css/site-console.css
143.204.55.90200 OK 484 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/site-console.css
IP 143.204.55.90:0
Hash 6f3a3804acf36e3741c562be4dd35eb8
8c3403c5c9c990e1b86191fc9be6c8703ccd1830
00caaa3bd383b48779304f28e5019951429fb3144128daf542e7df53f1cd547d
GET /cp/_assets/css/site-console.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-55d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RZFNbXSCg01o-qC9fK8aczQoclFRsEdELEvsx8kuf2b2M6cLN58Irw==
Age: 23894
app.rewardflux.com/cp/_assets/css/animate.css
143.204.55.90200 OK 963 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/animate.css
IP 143.204.55.90:0
Hash 2c587ab199b840bc32de9e127f95db63
c916ca7ee5db7607e548990114036026ce536b37
7730ce43b64a5a060c075437da34bebbfe9ecd67dcee0b5ab5a5e468cc9dd13c
GET /cp/_assets/css/animate.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-1ab5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bnqQS3mtEcwS7-Z6sSwHVm-6GPjxESBHLgjUteufejkApBU8cAo1tQ==
Age: 23894
app.rewardflux.com/cp/_assets/css/main.css
143.204.55.90200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/main.css
IP 143.204.55.90:0
Hash 59fd6770c83df6afa1b79af4e575b765
ebd874fd5640959055a4fc34dc8775f8ca0675a9
8d4ad5a135387c533c74045d2a572340e128c16b9edeca123fd22c7d2b28cdc0
GET /cp/_assets/css/main.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-143d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7AwA5mCZMTRQQdx69i0PqmnFVnSKA_bTZBYx-9JR8gHria-RvgX--A==
Age: 23894
app.rewardflux.com/cp/prmrk/gb/css/campaign.css
143.204.55.90200 OK 426 B URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/css/campaign.css
IP 143.204.55.90:0
Hash 1f25f7dcd267d1f5d08dc06bc3c20f42
fc101cf787b8b7fe0162470b21bc32524b522f0b
3c2fc41a52a3db576020ad6d1abd84a731df68c849158270f335fa4bdbc06fbe
GET /cp/prmrk/gb/css/campaign.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:19 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:43 GMT
ETag: W/"6363fca3-4ae"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gPLyom3Yq0ALqxK4EFK8mMRt3dRfWBGiAslrUfWTBxFWKNqtswIFsw==
app.rewardflux.com/cp/_assets/js/responsive.js
143.204.55.90200 OK 454 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/responsive.js
IP 143.204.55.90:0
Hash 7a065c83bbffdfcf73ca7e36f0388498
bf1ae261c3826981ae8f4a9dd31fdf632b44b60d
09210cfc575bc762a1f685cd7db2d5369d619d82b78b1fd6ceb2c7159c6725b4
GET /cp/_assets/js/responsive.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 00:48:29 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: W/"6363fc92-610"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pVxpxhFJBhlNt3NoH43VhqkGU896VYNA5R7WpjffRoo3pRFETlH7xQ==
Age: 84410
app.rewardflux.com/cp/_assets/js/form_rewards_gb.js
143.204.55.90200 OK 1.1 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/form_rewards_gb.js
IP 143.204.55.90:0
Hash 0132190e6dfdae77d57519c04673fc41
a67532a5e280aaba65bf800a3c3aa57da4461833
d69016008cc147e319c2d8322f39fe24e6a0d28850068fb692b9f8f45798e672
GET /cp/_assets/js/form_rewards_gb.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:19 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: W/"6363fc92-a93"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H8t1xkT43FHfSx7co3cRzGVc5X9DW04-OMU-SScr7isuGewTbOfu9A==
app.rewardflux.com/cp/_assets/css/modal.css
143.204.55.90200 OK 882 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/modal.css
IP 143.204.55.90:0
Hash 2d3971299b4211890eecbc4a384d42b0
01e9251d22b64d5f465338ceb8aca8ee73aa82cd
117ec6d72ca22980951e5535c431af21c8c130270f5fbe526165668005448775
GET /cp/_assets/css/modal.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-9b7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C_zlCQdTcJK4r0A2o-nbp2waxznbWwr_H7oF3dND0izZCVD0JtFGyQ==
Age: 23894
app.rewardflux.com/cp/_assets/js/jquery.min.js
143.204.55.90200 OK 34 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/jquery.min.js
IP 143.204.55.90:0
File type ASCII text, with very long lines (1963)
Hash fcb135801f8d2664b8d23fd26790a835
f54649bada6f1f76f86068f4c7b9e82742b01895
7289f1b3227981ed2316d4e620e2cd27f92605e5f6eb9c9e55702d462c5e37d5
GET /cp/_assets/js/jquery.min.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 00:48:31 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: W/"6363fc92-1b9fc"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ysqaEozgCUGVSNS-_EEgXRIqHvMg7jcXqcxH2lslLf6UaHaJ4kyq_A==
Age: 84408
app.rewardflux.com/cp/prmrk/gb/css/reward.css
143.204.55.90200 OK 315 B URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/css/reward.css
IP 143.204.55.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bf204738cc45ba40ddbc1833f7e3fd08
c1cd4d940ed2679bf940e09e5048c914d224cf52
f5e322bbdb5b74a13a08dbe967d05a3554e3547d48aa1789663d677056921ad8
GET /cp/prmrk/gb/css/reward.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:19 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9pW0NN1LdXN1msQmTJGM90vHFk3DlsTybNnL8Xd82H6myOk1CVHxvg==
app.rewardflux.com/cp/_assets/css/fonts.css
143.204.55.90200 OK 611 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/fonts.css
IP 143.204.55.90:0
File type ASCII text, with very long lines (661)
Hash 510e8c86a009daea9ce34e65be260fc0
e49461336e37aedb95645ea304bed381d3e92849
291b04348de3f2b2adad01ff43e20fbdb22ef248c2b1b816585bd9973cf767bc
GET /cp/_assets/css/fonts.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-12c5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0nzOufzjE_ABkhXoZh_EiCdVLAwrmC2SNusaegVD5wq6eZqciuXSew==
Age: 23894
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 57a992194d8a5b4bbd4ade561fd348bb
bb66f00fe168c6df50af51abdededdfceb15c59f
be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 00:15:19 GMT
age: 16495875
x-served-by: cache-fra19136-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/js/bootstrap.min.js
143.204.55.90200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/bootstrap.min.js
IP 143.204.55.90:0
File type ASCII text, with very long lines (1289)
Hash df245322b6e5b78b4f23d551755dd857
6f7872d175e59b0e538193d853e881e9efc09f9b
e4dbb88d1eba6a730dfbd127bcb5c4aa17c09f9779ff08576a65b2281461ece7
GET /cp/_assets/js/bootstrap.min.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 00:15:19 GMT
ETag: W/"6363fc92-f2fc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xSFHiUPH7iBnWCVaKAKUd3YBhXTonSGVhhJ9PDt0t4blUpt66GYSGw==
Age: 23894
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 1753c16688d0d51f0b3dc7ed7d4dbc4d
6a4842b3dc99394c6584c203175570ff8737c777
a61044d56003744699349a1ffbd6f85e0c62d4ac59b50d185363dd85d755b5c9
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 00:15:19 GMT
age: 6063251
x-served-by: cache-fra19170-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
X-Firefox-Spdy: h2
cdn.rawgit.com/rtaibah/dubai-font-cdn/master/dubai-font.css
194.242.11.186301 Moved Permanently 106 B URL HTTP/1.1 cdn.rawgit.com/rtaibah/dubai-font-cdn/master/dubai-font.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 828f0efbae6adb3818656d3601b416bf
08140e598a3665dcb257418557662e5b9b796e60
13bb53cca4279ed169b0853713b73129746ff2585460eb8c7df37eacd9a2a500
GET /rtaibah/dubai-font-cdn/master/dubai-font.css HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 00:15:19 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 106
Connection: keep-alive
Server: BunnyCDN-NO-830
CDN-PullZone: 201235
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: NO
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Age: 57661
Alt-Svc: h3=":443", h3-29=":443", h3-27=":443"
Cache-Control: public, max-age=2592000
Location: https://cdn.jsdelivr.net/gh/rtaibah/dubai-font-cdn@master/dubai-font.css
CDN-CachedAt: 11/06/2022 00:15:19
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Served-By: cache-fra-eddf8230028-FRA, cache-chi-kigq8000024-CHI
X-Cache: MISS, HIT
CDN-ProxyVer: 1.03
CDN-RequestPullCode: 301
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 830
CDN-Status: 301
CDN-RequestId: 4c1cb0df0afcd95a84535c546fabb9c0
CDN-Cache: EXPIRED
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash a664e93bd89d064edb4edd6b557e61c1
5ee74d4d90553820eb0fe4b345e90d7959dbe493
c0c9d5c21fa42a8a1fdee0947dd9dfa3b06eac293742757b334fc29b60e9a01f
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 00:15:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "71DD9BCA69F1852E57315FF119C93793F7A617E2"
Expires: Sun, 06 Nov 2022 11:00:00 GMT
Last-Modified: Sat, 05 Nov 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 473
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7659a2553a82b505-OSL
cdn.jsdelivr.net/gh/rtaibah/dubai-font-cdn@master/dubai-font.css
151.101.85.229200 OK 372 B URL HTTP/2 cdn.jsdelivr.net/gh/rtaibah/dubai-font-cdn@master/dubai-font.css
IP 151.101.85.229:0
Hash ff1986f0def2ce4cc84b26b43719d3fc
7f0ce56b16b318046dca040c587560a8cdf00a64
dc3ba55fafd84ed4cab7b74dd7444af622cc33c843f4d3ef5c7f622f1f78fc75
GET /gh/rtaibah/dubai-font-cdn@master/dubai-font.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"c03-M5MU2vM7uSk9sJCpBZAzhyhQ9X8"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 00:15:19 GMT
age: 16477
x-served-by: cache-fra19132-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 372
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9cd14962ef50180decdb02f19d5db777
187595018f5ff559c4de59c7904d72af36484886
e8c0176a85df7e04612e3ea2ee0900943673c16893a3a0579be0f6573ac8c20b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8C0176A85DF7E04612E3EA2EE0900943673C16893A3A0579BE0F6573AC8C20B"
Last-Modified: Thu, 03 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Sun, 06 Nov 2022 06:14:42 GMT
Date: Sun, 06 Nov 2022 00:15:20 GMT
Connection: keep-alive
content2020.qubiqlabs.com/html_feeds/assets/css/style.css
34.78.252.25200 OK 1.6 kB URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/assets/css/style.css
IP 34.78.252.25:0
Hash c4b6bce2779e16e247525c0340c55684
6d95e776b86d4a0c17926beb3b850efe43d44cd8
cfcc65c90359102fe586101d4ae60fd3f2d79b5e917eecae6907500fa77e37fa
GET /html_feeds/assets/css/style.css HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/css
Content-Length: 1623
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 17:39:04 GMT
ETag: "6363fcb8-657"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6282
Cache-Control: max-age=120969
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:51:29 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
app.rewardflux.com/cp/_assets/images/logo/logo_rw.png
143.204.55.90200 OK 35 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/logo/logo_rw.png
IP 143.204.55.90:0
File type PNG image data, 3528 x 624, 8-bit colormap, non-interlaced\012- data
Hash a36a6a04a16c8d92d26d310dffc4a6ca
d6607dcedb1caa750b5ce78fd4e9482a8213d07b
cb83dc4e3793c614b99c499fd8422e636e0e6eeb9edd5a9d3ce7de88bff039a3
GET /cp/_assets/images/logo/logo_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 34804
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Sat, 05 Nov 2022 17:32:22 GMT
ETag: "6363fc92-87f4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pcdD2glNh4gVzn9f4LZLC1vY2SrjyDUxjDrMrc3wfG3827_hhzbtSQ==
Age: 24178
app.rewardflux.com/cp/_assets/images/elements/open-box.png
143.204.55.90200 OK 7.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/open-box.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash a340027de036b2365bea4b3911daae95
c636049702ac129ac00e9d559a8749015c886b7f
1815bc09bdce9c26d12ffb8be16db619092719960b04aac289685d5dbb3eeef4
GET /cp/_assets/images/elements/open-box.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7410
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-1cf2"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gNw09jVvrEe8ysh5RTCwg3X3whJeJIVOW73q2ytYIV2UNYMLmlPy2Q==
Age: 75643
app.rewardflux.com/cp/prmrk/gb/images/header-wap_rw.png
143.204.55.90200 OK 4.2 kB URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/images/header-wap_rw.png
IP 143.204.55.90:0
File type PNG image data, 760 x 85, 8-bit colormap, non-interlaced\012- data
Hash db932b024dc512642b52643d00c6c165
e256de155da4e64a95846201d333968afb1d0e4c
7fd83b77f8b2c07eb866c76b9b249c45181fcaddb8486b2c4977d7cc0302e92b
GET /cp/prmrk/gb/images/header-wap_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4185
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:43 GMT
ETag: "6363fca3-1059"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BhdORve3Ybv-yX65bKgEukrH40jmO0sFkmCIOkyAqDfB8hltaTUOAA==
app.rewardflux.com/cp/prmrk/gb/images/prizemob_rw.png
143.204.55.90200 OK 30 kB URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/images/prizemob_rw.png
IP 143.204.55.90:0
File type PNG image data, 550 x 201, 8-bit colormap, non-interlaced\012- data
Hash 9c254f9c7f87a4fd9f6c8afb99de14f6
4d92cb75c7d18597984dbb299b559823fc0816f9
85e7810af4e8a70b16d554babc40a222e1bd2dc7aa8f83532c5c04360d7f3e79
GET /cp/prmrk/gb/images/prizemob_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 30122
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:43 GMT
ETag: "6363fca3-75aa"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: neH19vSZXB5QKPEZRHpsjtgO7vpHEefpXmczsvSOiYpuZJIaIhLPLQ==
app.rewardflux.com/cp/prmrk/gb/images/header_rw.png
143.204.55.90200 OK 6.5 kB URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/images/header_rw.png
IP 143.204.55.90:0
File type PNG image data, 1068 x 112, 8-bit colormap, non-interlaced\012- data
Hash 05800b45cc67706c6c1bad42b33372a1
b7bb2595dcab9083cd2ce37a1caa5973d9e33f2d
b60818349ee37c5658ea5aa55395a89dcb5b55f2fd9ce4c87bf68214edb4af4f
GET /cp/prmrk/gb/images/header_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6537
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:43 GMT
ETag: "6363fca3-1989"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y56nuNa_XuXLhXWJ_k5rSDOc53f9pPn1mY4i8nMT4dV3MvsmtMU4Ew==
app.rewardflux.com/cp/_assets/images/icons/lineal_color/binoculars.png
143.204.55.90200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/binoculars.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 2f0f6e336314181d95e18db1e74d7c43
58b7bb35f340743da51225b7bd1f42afe890624d
b17013523f4094527c7533d6db4e28070b909bff5c180225b1a2dbf0d3dfcaae
GET /cp/_assets/images/icons/lineal_color/binoculars.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 14809
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Sat, 05 Nov 2022 17:32:23 GMT
ETag: "6363fc92-39d9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sWGrPmbE1MY-6o6moHRtMX_dCAnzaEV1oXCfi4vJz9rHid1GvbMUBQ==
Age: 24177
app.rewardflux.com/cp/prmrk/gb/images/prize_rw.png
143.204.55.90200 OK 83 kB URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/images/prize_rw.png
IP 143.204.55.90:0
File type PNG image data, 720 x 522, 8-bit colormap, non-interlaced\012- data
Hash 7c184044f22ad94424b5db17e972a843
e61497832da7e7c99726429b400d08f2bff29741
3278b0ca0a5036a52caa948307f512cf6673e50e8dcebecb3d8a3d54f425a59f
GET /cp/prmrk/gb/images/prize_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 82769
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:43 GMT
ETag: "6363fca3-14351"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _xjXtzXV09HEPkOu_KempvamfbG1CUAIVHjnf5OtApM6XXla4bwdlQ==
app.rewardflux.com/ssi/elements/base/check.png
143.204.55.90200 OK 348 B URL HTTP/1.1 app.rewardflux.com/ssi/elements/base/check.png
IP 143.204.55.90:0
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 1aecb247e31cfe8ecdf4c1a30fd32799
8ca486751ab6c31c1acaa7868ee26f7d5dd98f83
9f15d5a161e11ec46c3474002d4ae27144633b19413b3ad8608ce11eefb810ad
GET /ssi/elements/base/check.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 348
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:39:46 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Sat, 05 Nov 2022 17:32:23 GMT
ETag: "6363fce2-15c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9F9xiec8AlagVPbXpR0tnCsFGTJiKDcrvIOcbHQU5K2fQ03afDHpzg==
Age: 24177
app.rewardflux.com/cp/_assets/images/icons/lineal_color/survey.png
143.204.55.90200 OK 10 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/survey.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 0d13e743d44cdbb969f2dbf84a5bacdf
e4a2a3fb79e6ce963201dd9f84fdb3171ef51723
c6f952b3270e17c81070e3df208cd4b4b75178183d2c0de920482ee032ebca76
GET /cp/_assets/images/icons/lineal_color/survey.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10433
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-28c1"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b0OlwxyLHAldxOfjVri2d4JodPHDL1VQDzsUvlHkSv4cWoLCjhYGwQ==
Age: 75643
app.rewardflux.com/cp/prmrk/gb/images/background.jpg
143.204.55.90200 OK 33 kB URL HTTP/1.1 app.rewardflux.com/cp/prmrk/gb/images/background.jpg
IP 143.204.55.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x923, components 3\012- data
Hash 65fc53ca4c98014f610c735606ca3da5
68c7fa70a92afdba1fc2c0ae7b82d4a7159c0d76
bdb91e7924f638ac6fdedf2deef9159b7a2426a1fd25ce06cf9d3e16d22bcc15
GET /cp/prmrk/gb/images/background.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/css/campaign.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 33412
Connection: keep-alive
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:43 GMT
ETag: "6363fca3-8284"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _yCyPaxG5WVjFjLqXUxolOxn-uRbJiL8_WT57Av52SqWDNDSj_A6Hw==
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3f75eb5812f7d078d942a7b42aabb1a8
9aa85b77f2a7f8007bd2325d0eac6efd040f2200
ad8e9b96f0614d60b78687bb68cbdfa9e86c19256743214dfb58e6a08b98169f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6168
Cache-Control: max-age=138884
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "63666004-117"
Expires: Mon, 07 Nov 2022 14:50:04 GMT
Last-Modified: Sat, 05 Nov 2022 13:07:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3f75eb5812f7d078d942a7b42aabb1a8
9aa85b77f2a7f8007bd2325d0eac6efd040f2200
ad8e9b96f0614d60b78687bb68cbdfa9e86c19256743214dfb58e6a08b98169f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6168
Cache-Control: max-age=138884
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "63666004-117"
Expires: Mon, 07 Nov 2022 14:50:04 GMT
Last-Modified: Sat, 05 Nov 2022 13:07:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jX1x0fGKAqTT3vub7D0rNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gbuIg7fKPN/NXBiZFGE1+XUj4n4=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3f75eb5812f7d078d942a7b42aabb1a8
9aa85b77f2a7f8007bd2325d0eac6efd040f2200
ad8e9b96f0614d60b78687bb68cbdfa9e86c19256743214dfb58e6a08b98169f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6168
Cache-Control: max-age=138884
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "63666004-117"
Expires: Mon, 07 Nov 2022 14:50:04 GMT
Last-Modified: Sat, 05 Nov 2022 13:07:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
content2020.qubiqlabs.com/html_feeds/unsubscribe/en/unsub_en_header.html
34.78.252.25200 OK 49 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/unsubscribe/en/unsub_en_header.html
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash 96665f33efce15ac77989ec400ba46ef
c5f2bdd40a4e9522c3acbd703e40517475a1c46a
827c87c95a41bc8525501c16f3ebf08e76ec20ac1030f7f90ca19663ebe554f1
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/unsubscribe/en/unsub_en_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/gdpr/gb/gdpr_gb_header.html
34.78.252.25200 OK 89 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/gdpr/gb/gdpr_gb_header.html
IP 34.78.252.25:0
Hash f00e887deebfad8886c6a465324dcb45
b127ecc9553258782cb93532f2f638fcc2f91c01
b8ef7371107e2bae095a13a333e70eebcb739226e21b76b9997989604c2e082b
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/gdpr/gb/gdpr_gb_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1e04782b2e3db667bd4744adaa79ca7
eb5534aa187fb7c672e39321a6f47f843158541d
4e0bfccc2cbdb3d80ba8552de5e1e996593efd2c6f7f67e09111c74b8ecc9861
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E0BFCCC2CBDB3D80BA8552DE5E1E996593EFD2C6F7F67E09111C74B8ECC9861"
Last-Modified: Sat, 05 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5195
Expires: Sun, 06 Nov 2022 01:41:55 GMT
Date: Sun, 06 Nov 2022 00:15:20 GMT
Connection: keep-alive
content2020.qubiqlabs.com/html_feeds/terms/gb/modal/rewards/tc_gb_header.html
34.78.252.25200 OK 106 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/terms/gb/modal/rewards/tc_gb_header.html
IP 34.78.252.25:0
Hash 42be1f35de256062765c2a5dd9333382
ed7efc6670084066fdc51bef34b63567bf851ce2
5fdca55559db3d8ed5297ba73593518e0195e785f06a0b5aab2401058da5e14e
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/terms/gb/modal/rewards/tc_gb_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1e04782b2e3db667bd4744adaa79ca7
eb5534aa187fb7c672e39321a6f47f843158541d
4e0bfccc2cbdb3d80ba8552de5e1e996593efd2c6f7f67e09111c74b8ecc9861
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E0BFCCC2CBDB3D80BA8552DE5E1E996593EFD2C6F7F67E09111C74B8ECC9861"
Last-Modified: Sat, 05 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5195
Expires: Sun, 06 Nov 2022 01:41:55 GMT
Date: Sun, 06 Nov 2022 00:15:20 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 47bcf9fa0636cae0101d144f576fdc71
035877b4d69c945bfdb6e96a21fe08faab1b0618
c74361f84e84cc5d85ca2aa3cbe16b6cb95a58064aa160fd29189e816ab0ebeb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169238
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "6366e705-1d7"
Expires: Mon, 07 Nov 2022 23:15:58 GMT
Last-Modified: Sat, 05 Nov 2022 22:43:17 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Fp4nG3mqwImGI-pI6JHQOe7gvZAin-47ZbeGmPgNF5M_Crn3fmGeg==
Age: 1962
content2020.qubiqlabs.com/html_feeds/terms/gb/modal/rewards/tc_gb_content.html
34.78.252.25200 OK 8.3 kB URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/terms/gb/modal/rewards/tc_gb_content.html
IP 34.78.252.25:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash a25bf9381a67cd89ef160057c52aec69
9fbd9b89171754499d02917f5c28e6069aabbd4f
120535303133a9a0c71db348aabdc9d55e10d1cce34670380978bb6ae44c2ac8
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/terms/gb/modal/rewards/tc_gb_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/gdpr/gb/gdpr_gb_content.html
34.78.252.25200 OK 537 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/gdpr/gb/gdpr_gb_content.html
IP 34.78.252.25:0
Hash 8b77c9e6c4a1e4dbfab57b76c4fbf13b
c3a749334caa513fbdeb39285e29b3f4f1cdd7b3
6053f788bc3e3bc05d924a4b82d79a0a2f4bdd43b9976af2d30992cf3a90be42
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/gdpr/gb/gdpr_gb_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/requirements/gb/rq_gb_header.html
34.78.252.25200 OK 98 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/requirements/gb/rq_gb_header.html
IP 34.78.252.25:0
Hash 16fb45f550da7b1de1ed39e5dc7ffc58
6cac986a08f1e022a6a2f3662ebbea23061074c0
352a32c7490e4db9985d10064627b4f6bad374392f9af5046a1f79d3164aff21
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/requirements/gb/rq_gb_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3f75eb5812f7d078d942a7b42aabb1a8
9aa85b77f2a7f8007bd2325d0eac6efd040f2200
ad8e9b96f0614d60b78687bb68cbdfa9e86c19256743214dfb58e6a08b98169f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6168
Cache-Control: max-age=138884
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "63666004-117"
Expires: Mon, 07 Nov 2022 14:50:04 GMT
Last-Modified: Sat, 05 Nov 2022 13:07:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
content2020.qubiqlabs.com/html_feeds/requirements/gb/rq_gb_content.html
34.78.252.25200 OK 1.7 kB URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/requirements/gb/rq_gb_content.html
IP 34.78.252.25:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 825423b6aea22d2679e17e774262dd80
9a4243e2c0b10cdf46b5c7bc06bd19afe8124813
d7d0c7718692b32d6d57ea98b46cc6a90301027c8dff1af430ab6c03b44d6564
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/requirements/gb/rq_gb_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/unsubscribe/en/unsub_en_content.html
34.78.252.25200 OK 2.0 kB URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/unsubscribe/en/unsub_en_content.html
IP 34.78.252.25:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 72015b829dc6cd4a4fd32ec75b616b13
7590a5c027eafdf82966b22419d05af852cc8679
81e07c9f74626d9e2cfbb979ae9521822e5295ef99d00cd3eabb4f7feb46d453
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/unsubscribe/en/unsub_en_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/privacy_policy/gb/modal/pp_gb_header.html
34.78.252.25200 OK 106 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/privacy_policy/gb/modal/pp_gb_header.html
IP 34.78.252.25:0
Hash dd5ef4d4793338f6d5f7465fad5e8e56
bf69fdb44ad8e778efae2dcfc4be017f676161d6
e2c8b8ffd37a757d6d726cc5774b1837e23e5b0a651949a644fde9818c0c6f2d
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/privacy_policy/gb/modal/pp_gb_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/privacy_policy/gb/modal/pp_gb_content.html
34.78.252.25200 OK 16 kB URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/privacy_policy/gb/modal/pp_gb_content.html
IP 34.78.252.25:0
File type Unicode text, UTF-8 text, with very long lines (397)
Hash 2449fa02ece2c54f75dfd6c6ccfbd358
954fdc016c332795c65dc178ec93c9e185a128a0
5de8fa57c8c3812df6f5b2b31455465835c8754a41c403eb89003cfc4e05d03b
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/privacy_policy/gb/modal/pp_gb_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/reward_status/en/rs_content.html
34.78.252.25200 OK 2.0 kB URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/reward_status/en/rs_content.html
IP 34.78.252.25:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 0dfa63202944d447c176d8a37bbf3ddf
e853ee221d26e7d8c0042e7b9bdbf99ce798c22a
36bed6620d67cd01e4631299510b97ea3ef4fc49d7fe260079f4fc417bf41826
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/reward_status/en/rs_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/reward_status/en/rs_header.html
34.78.252.25200 OK 52 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/reward_status/en/rs_header.html
IP 34.78.252.25:0
Hash 69909144bcca7fc592defb0536558064
1f5bfc57442c75439e3a03544892d8d95605bbca
b4939306f012b01283a6594bcdfa17f6e9afe680a8ab6b0d0e4efdbf09055ffc
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/reward_status/en/rs_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/reward_options/gb/ro_gb_header.html
34.78.252.25200 OK 42 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/reward_options/gb/ro_gb_header.html
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash ebd987665aab2fbc5355102c9e12ed29
f799ae3d50674cf8648532e2fccbe5e6bb0596e7
7e08cab7e06de455a6572bd2ad78c9b083de25d392b02315651c2443026ed008
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/reward_options/gb/ro_gb_header.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
content2020.qubiqlabs.com/html_feeds/reward_options/gb/ro_gb_content.html
34.78.252.25200 OK 713 B URL HTTP/1.1 content2020.qubiqlabs.com/html_feeds/reward_options/gb/ro_gb_content.html
IP 34.78.252.25:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b26e450cf2a7647badf6b27d42112eac
02e6bbc1bb0f9ed35d21b825f61bf7f942cb6b82
9976762620647e2d165199e10a90d75d002310170166b56b8cd311c3fc82e15a
Analyzer Verdict Alert fortinet Phishing
GET /html_feeds/reward_options/gb/ro_gb_content.html HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Origin: *
cdn.formulead.com/css/main.min.css
34.78.252.25200 OK 94 kB URL HTTP/1.1 cdn.formulead.com/css/main.min.css
IP 34.78.252.25:0
File type ASCII text, with very long lines (65518)
Hash 5ae2d40550531f853c155a93f5d7d0e0
43b97546ec76da1e9a6ead8c75c8028612aed54d
b753dfbd6eb7e304765465c553e697f1ab438b7a5a4e28c5ba0d432957611e56
GET /css/main.min.css HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Thu, 03 Nov 2022 13:18:05 GMT
ETag: W/"b20df-1843da43ec8"
Vary: Accept-Encoding
Content-Encoding: gzip
app.rewardflux.com/cp/_assets/images/icons/lineal_color/present.png
143.204.55.90200 OK 6.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/present.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 397fe1961f39b65d3fe1f895bb84d016
531e4aac17e08fd5ba63124b1a08a1e99a11edb4
edd84f1a9dc6e540264b50343eef31b174d50e7869c3e8b8a537404a70b2fae7
GET /cp/_assets/images/icons/lineal_color/present.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6431
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Sat, 05 Nov 2022 17:32:23 GMT
ETag: "6363fc92-191f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dBUbU6gXuXuqZEd1630hOuAp-HYHXvBRPxEgRkuC6dDLS0UvqEklHQ==
Age: 24177
app.rewardflux.com/cp/_assets/images/elements/money.png
143.204.55.90200 OK 9.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/money.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash b1c5cc61fc281c1923b4ce121027eefe
9a0ed7613230df3603d4c32e8d6ae75c77821f21
8bd46a19803c22b52327800724dc84ad07e9ba35560ba1e72fae12651a171dd6
GET /cp/_assets/images/elements/money.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9193
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-23e9"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Si67kRz4cSUmQJ9cxxpHCGENWj-SdHpkAFtPSn8-M50XCiGydAHlhw==
Age: 75643
app.rewardflux.com/cp/_assets/images/elements/booking.png
143.204.55.90200 OK 8.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/booking.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 77c56f73e677a570c51d1aef0fd5e8ac
2da32e66ba0717b34f996f81bbbd151a56010c9f
6314fc372724e6775fea09be629eb50ada5fc12c6191176fdeed191607f6b478
GET /cp/_assets/images/elements/booking.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8526
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Sun, 06 Nov 2022 00:15:20 GMT
ETag: "6363fc92-214e"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iYOhf66LqFiIcFbvQwo190n2I8QFWWQlwGmgBqvZADTCbg3GiOiVCw==
Age: 72751
app.rewardflux.com/cp/_assets/images/testimonials/comment4.jpg
143.204.55.90200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment4.jpg
IP 143.204.55.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 913bb67af3bc63f06e7a2fa80682356a
3f39e585a7f37c53917d6a98e7817e4214675b79
0462489c1723b118eb41d03adff516882c96a32799c9156169add41bad78438b
GET /cp/_assets/images/testimonials/comment4.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1216
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-4c0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bb__-PotocmJT2Ps0wdRN7vzOPeUKF9kCm7RTt1Q7Xa0eUPFtj4BwA==
Age: 75643
app.rewardflux.com/cp/_assets/images/elements/gambling.png
143.204.55.90200 OK 12 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/gambling.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 808dde3e5014377e239c3f1fdea38a16
6cf7e3a976fd2215478b506e8a453605fb3a1e8c
a6fa96d7faddb32096447d7352683f7d0cd644a206bc311086846b3cb2bef530
GET /cp/_assets/images/elements/gambling.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11663
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-2d8f"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SmUi-zrSRbVhtYpyzIOSLCHmTWkJGItU4Lni57Si8Sia9vVaWV3d3Q==
Age: 75643
app.rewardflux.com/cp/_assets/images/elements/slots.png
143.204.55.90200 OK 6.9 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/slots.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 2892c2c441888b2377e5c488ffb4b848
b977bb9a7b08bf9f864dead8457294fdc0aa3e85
df95454012a58e737fe58086b53c21bfc637b2ca799c51c1b2fcc85d3506f102
GET /cp/_assets/images/elements/slots.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6919
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-1b07"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ovlagv8Hv9TPfTuM7VacMZuctKYNK6g9DqrJa2OlWB7i6rku5Pd8kA==
Age: 75643
content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
34.78.252.25200 OK 7.9 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
IP 34.78.252.25:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Poppins/poppins-v19-latin-regular.woff2 HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: application/octet-stream
Content-Length: 7884
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 17:39:03 GMT
ETag: "6363fcb7-1ecc"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
app.rewardflux.com/cp/_assets/images/testimonials/comment1.jpg
143.204.55.90200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment1.jpg
IP 143.204.55.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 093fed1d47a10f89959d1f6cd17b52b8
ba69754a4820b3ae6e4474ee79f5dac3418d37b4
2ccfbb9753d2fe5aff12dff442d2afb8016c28643390fc9b8d2d3f4061cad388
GET /cp/_assets/images/testimonials/comment1.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1300
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-514"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 94Pjl6NqRCvqOVyEfbrUIZJImRm4azQi2UndZeHHMM3bGNisUkuvRA==
Age: 75643
app.rewardflux.com/cp/_assets/images/elements/travel.png
143.204.55.90200 OK 10 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/travel.png
IP 143.204.55.90:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 301c027030830391c1ab228340975dd3
d6e3659fa428a2c35e13f46190c720b5cfbb857f
6e38e27da952d1934bcf8c8d63a6ba812916de3b8ed2ed516c64d3986c0c6cc2
GET /cp/_assets/images/elements/travel.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10472
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-28e8"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p9JkWl1elTUoJK2f6W8Zb4odHEX5qWz-E50u9StOp8x4j7Ha-wrhGw==
Age: 75643
app.rewardflux.com/cp/_assets/images/testimonials/comment8.jpg
143.204.55.90200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment8.jpg
IP 143.204.55.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 4bc4bb8a43aea3578af4a4cffc1ea983
276c96f4d6d1bdf03381d33c92323ca71e795aae
490adcb33271e416d05908764cad72e1f8b6571d0d8b77998633e675c975e344
GET /cp/_assets/images/testimonials/comment8.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-488"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qMnInJElALwb-M32F8aRGJ3nKcR4CpvBCAAmrzZLgzZvt_T8r3VgKw==
Age: 75643
app.rewardflux.com/cp/_assets/images/testimonials/guy4.jpg
143.204.55.90200 OK 1.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/guy4.jpg
IP 143.204.55.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 1d784b793786d1355bae03728b4a2408
651e21f9efb765c6dde2e427806715a77f57bad8
8cd58f8e201de30bda5f2d19e8cebbb81512c47c0cbca0b23847fd0494ee3951
GET /cp/_assets/images/testimonials/guy4.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1543
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-607"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rPJNet0dNXL819RXVxB-1pKIQSDwW6xso7tKIMbJ8hYUoGNd-Exp9w==
Age: 75643
app.rewardflux.com/cp/_assets/images/testimonials/comment7.jpg
143.204.55.90200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment7.jpg
IP 143.204.55.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 79adad5e2afb433b71b3e85407c3ded4
9955b24502b2060826904d1bbca563c4f8956e7d
571d268926cbe49bcc347e5685307169bd263895209b777f083e16e5523b5de3
GET /cp/_assets/images/testimonials/comment7.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1337
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 03:14:37 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-539"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2uMlkwtNyLC785tVP5RMwbZs43FLZQI0uwQvKT96kOFOW-cOJqMpyw==
Age: 75643
cdn.formulead.com/v/country
34.78.252.25200 OK 51 B URL HTTP/1.1 cdn.formulead.com/v/country
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91440c116c92d75cfc02cd72bd060a82
591d3adc1d1d80e012b0dd0214df1f0438ae37f5
1b35c679adcfb2f8fbf92afcaf9f7a741f3c6273503a54b6c55448e1b2807c80
GET /v/country HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:21 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 51
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"33-WR063B0dgOASsN0CFN8fBDiuN/U"
set-cookie: qst.sid=s%3AnW3z2flgGdFZKX6bwVTjquKVGRa6AA1T.7E0pfGg29TSNcyxxkGT7g%2F4ib1YJ8mvd7DWbh4pLD5E; Path=/; HttpOnly
Vary: Accept-Encoding
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 47bcf9fa0636cae0101d144f576fdc71
035877b4d69c945bfdb6e96a21fe08faab1b0618
c74361f84e84cc5d85ca2aa3cbe16b6cb95a58064aa160fd29189e816ab0ebeb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167277
Date: Sun, 06 Nov 2022 00:15:20 GMT
Etag: "6366e705-1d7"
Expires: Mon, 07 Nov 2022 22:43:17 GMT
Last-Modified: Sat, 05 Nov 2022 22:43:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EarZDighClUzVBESi3BtGPyERJ92uQhmzKvbFDSZm22kC381_C_Nug==
st.formulead.com/assets/js/bioep.min.js
54.230.111.9200 OK 79 kB URL HTTP/2 st.formulead.com/assets/js/bioep.min.js
IP 54.230.111.9:0
Hash 2245151aefa9f03dc9b1e23b064fa276
3dc4cf23e33b1ff7dfef29ccec4a732cea39c553
a20b1b2ce94f949707fadcf6df1d6c405a4c73c8b81a18b8edc81dba4776769b
GET /assets/js/bioep.min.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 05 Nov 2022 17:29:56 GMT
etag: W/"6329dbed-14c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: owk1hfZwLYmDFcxZLc5gBsQc1nrChJqKTv-hblF2ACDR21-ZDrkhdA==
age: 24324
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/images/favicon/favicon.ico
143.204.55.90200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/favicon/favicon.ico
IP 143.204.55.90:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 360c6446288d4278c0c6598f14e33211
187e40e5ab056456f0b49b52b425e70c8f0a86a3
fbbe3016634bf0bb643c407a9a4e3b676362e9e0a1eb25dd3e8e3d898fbb6c1e
GET /cp/_assets/images/favicon/favicon.ico HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/prmrk/gb/reward.html?pre=0&p_id=6263bcc875f18a6e50a463b3&_c_id=aff_code:LDA;request_id:5549ac217ecb1307d1fe5a4619f4b4b7;aff_tid:;aff_goal_id:11021;aff_goal_id2:11022;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2253;aff_inc:primark&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 15406
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Sun, 06 Nov 2022 00:15:21 GMT
ETag: "6363fc92-3c2e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hn42r-Y0Ygck8NUW8tNw_EGg_Rf3gzuwG-IClAQOOAx7ouyvNPGm-A==
Age: 23893
d25m05rhmo2ok7.cloudfront.net/microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png
143.204.42.230200 OK 3.0 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png
IP 143.204.42.230:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 49ce47d7b75cd4c9ebf33a96ad588834
d331bf5584e6f00961942b7ce693093bfae7ea48
7c33a402486be20064bb9b175a03957ecbc0e7ad71ebb3b9887c22222412a1ff
GET /microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2961
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:54 GMT
x-amz-version-id: nEi6ItVcFl1vrhE0svFWvt_pZtgq2mnn
accept-ranges: bytes
server: AmazonS3
date: Sun, 06 Nov 2022 00:15:22 GMT
etag: "49ce47d7b75cd4c9ebf33a96ad588834"
x-cache: RefreshHit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I8UeGM9pwfHycrbe8roNlCY1e8u6j3fwyzJNeZTOLO6O5N1Vog_Msw==
X-Firefox-Spdy: h2
d25m05rhmo2ok7.cloudfront.net/microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png
143.204.42.230200 OK 3.2 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png
IP 143.204.42.230:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7154d5a363fcfa8553caabf2998c98f2
d6880dce09104e5a5316f6663d7a72852d7b2a2f
6fa1996e350236b3b2427804baff4672e991bb1ee942cd749b62f43134c81369
GET /microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3217
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:53 GMT
x-amz-version-id: y8wr51Nn.xPOMxliMD7.WPL_irWBZeZA
accept-ranges: bytes
server: AmazonS3
date: Sun, 06 Nov 2022 00:15:22 GMT
etag: "7154d5a363fcfa8553caabf2998c98f2"
x-cache: RefreshHit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EEVGI3DPj0WaDwjAF0D_zt_-9odZ3pKEJ5RJxNmBDdafXBaEYLf31A==
X-Firefox-Spdy: h2
d25m05rhmo2ok7.cloudfront.net/microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png
143.204.42.230200 OK 2.9 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png
IP 143.204.42.230:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7730bc66025ca4d800d235089631ff10
b09ea5503764c03fecb0022af532e4ffa6d33be1
e9846a5c43ea69813d973e44146575a5ef3a76616f7c22c5c163b7bcf82bfea9
GET /microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2916
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:54 GMT
x-amz-version-id: p92_7RAnaYT0eeH5mIk71qybMVBNbFvu
accept-ranges: bytes
server: AmazonS3
date: Sun, 06 Nov 2022 00:15:22 GMT
etag: "7730bc66025ca4d800d235089631ff10"
x-cache: RefreshHit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Qyo8YltcDwrglCvR0QVZRhmfO8mEaSKlX-cf5b8tYvi0sChV7Nz5OQ==
X-Firefox-Spdy: h2
cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=initial
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:21 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash a395f26be008f0828ae86952d0f66715
71e5f5c0a61726fc51e5e80f4badd5790e70eec3
a8ec269434da058fd730782cccf6d52aab61c4f01667261928e79d4de026fa5e
GET /recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 06 Nov 2022 00:15:21 GMT
date: Sun, 06 Nov 2022 00:15:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=initial
34.78.252.25200 OK 6.2 kB URL HTTP/1.1 cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (25283), with no line terminators
Hash 3f522fd4504f374e38a8028812499095
6aa1f085f502fbdee0983dde9d8f49d57f70cc15
5d0577746b0e8f07d8941bce9038e34e1220efbc3d8de4744720867931269c6c
GET /p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R.WhE/RfSZ++edTpVE6ozoOfAfLEzVq0ZjDr0P+iX4E4U
X-Request-Id: b88592335e60477654f1be1a
X-iivmxswc: 2e0b7790c845e3f30ee78b37655e3ac53deee1c9e18bed385686cbcfc606a6e7
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=6263bcc875f18a6e50a463b3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:21 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Tue, 05 Nov 2024 00:15:21 GMT; Secure; SameSite=None
ck_tsp=2022-11-06T00%3A15%3A21.592Z; Path=/; Expires=Tue, 05 Nov 2024 00:15:21 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Tue, 05 Nov 2024 00:15:21 GMT; Secure; SameSite=None
ETag: W/"6396-stBnz9DWXjqyN9NOvUIxW+MG2J0"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 864 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1af7bdbe0cf6c1c8b9f1790ac6977c78
7597cff0a8b5034926f70544f2654a1ff46304b7
925c5f33597b0c8dbceda89211bc13d6d3185a5be9f55b714241e702cd26772a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:15:21 GMT
Connection: keep-alive
cdn.formulead.com/p/6263bcc875f18a6e50a463b3/p.js
34.78.252.25200 OK 503 B URL HTTP/1.1 cdn.formulead.com/p/6263bcc875f18a6e50a463b3/p.js
IP 34.78.252.25:0
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
GET /p/6263bcc875f18a6e50a463b3/p.js HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:20 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
set-cookie: lid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
plc=6263bcc875f18a6e50a463b3; Path=/; Expires=Tue, 05 Nov 2024 00:15:20 GMT; Secure; SameSite=None
qst.sid=s%3At2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R.WhE%2FRfSZ%2B%2BedTpVE6ozoOfAfLEzVq0ZjDr0P%2BiX4E4U; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:15:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:15:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:15:21 GMT
Connection: keep-alive
st.formulead.com/assets/img/spinner/puff.svg
54.230.111.9200 OK 6.9 kB URL HTTP/2 st.formulead.com/assets/img/spinner/puff.svg
IP 54.230.111.9:0
Hash 9c7baf4a91dae6236386a4652512f37e
ecdf72c3f6c6032bc00ceb03c83d9dc8f9f81d8c
2dc3df132f89cd1eb6ea946c54d0784534239f883b7636d14003475bfa154bcf
GET /assets/img/spinner/puff.svg HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx/1.19.0
date: Sat, 05 Nov 2022 04:05:33 GMT
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
etag: W/"6329dbed-5b4"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nyUoiJd4Tdp-VU_H37q3ak7EDAjguBRnN8Rm1SrHdRblLCr0OKxhVg==
age: 72588
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fca0567-0bda-4bac-bb89-67725f8861ba.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fca0567-0bda-4bac-bb89-67725f8861ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 011dfec799b7ed1ef3699e117fb952c9
589b1281b11a3f0fba3a1445674d45404e49904b
3af8e1de964a857b56aa5cc59a0279779f29c44f57698f96ad728347eb3675a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fca0567-0bda-4bac-bb89-67725f8861ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9634
x-amzn-requestid: 1247a571-4ebd-42e3-9fc0-f0da104a24fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGSWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-6f1bcfbd6f12dfd00418b844;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VFMcJdDPcwHmVZycXB0FC9yFjIFxuN4ylvBioufWLYCDXIlA9fx-0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:03:47 GMT
age: 7894
etag: "589b1281b11a3f0fba3a1445674d45404e49904b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93aada35cf6b5ccf56d7c8c49e566a1e
349f301eab8e4cd3732e9b0fbd1675bbbe3e969b
2285236779612c298f54306c6237df079a3329daa415c3f3a9015bf2a75f99aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9331
x-amzn-requestid: d67eca4f-66a8-4366-b2d8-fb424e77b438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJb3lHQmIAMFemg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d9c9-77519cf22b23b7e00a23cacc;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:46:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZiP3LoPE9a2aP16DN-jBzPfGPS_uW4M_qtJ3ilw26cxK6w6mWJOxPQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "349f301eab8e4cd3732e9b0fbd1675bbbe3e969b"
content-type: image/jpeg
age: 7363
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
st.formulead.com/assets/js/helpers.js
54.230.111.9200 OK 18 kB URL HTTP/2 st.formulead.com/assets/js/helpers.js
IP 54.230.111.9:0
Hash 24ae0863202a2aad1d06dc0190dca4c1
d75c567ba67ffdb9139f2e8b5c294b20e2aec196
b44e5fe3bc295d16b9a02efcc0b2274edea2ce5007ad646114aedff39c7a63c3
GET /assets/js/helpers.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
date: Sat, 05 Nov 2022 01:41:34 GMT
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
etag: W/"6329dbed-fefc"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tQCLpifJLunNAhW_XmpN874VgUsftdSmq6fL80OXztQOTVk6UFRLnw==
age: 81226
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 64043
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 8792
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: b88592335e60477654f1be1a
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=6263bcc875f18a6e50a463b3; stp=1; ck_tsp=2022-11-06T00%3A15%3A21.592Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3AoOlVfxGTmC2O1ksKCmttc9mXGGRz9yBR.tA7HnM1Ftrt9LHGhJ%2BzhLuQ5p4lQF1ae4GPcNyjiWTo; Path=/; HttpOnly
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5113c2beeef61593eb3370a63df57edf
794e1078d90d8e6084931327c6e8517d9f410d5b
1966042db56611454a55994bde9966a63b84d708755d6b253b99daedeb0d6d5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1966042DB56611454A55994BDE9966A63B84D708755D6B253B99DAEDEB0D6D5F"
Last-Modified: Sat, 05 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5201
Expires: Sun, 06 Nov 2022 01:42:03 GMT
Date: Sun, 06 Nov 2022 00:15:22 GMT
Connection: keep-alive
content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
34.78.252.25200 OK 52 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
IP 34.78.252.25:0
File type Web Open Font Format, CFF, length 51572, version 0.0\012- data
Hash 6a324f29ef3efabd2176f8b697ad71ed
dd696f0c713eb491c6e16bec9fda63f3f23999ba
6d64c461708b8f11e06451c96779d22fc2b8de582214c77493ecc57c32ede06e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/myriad-pro/MyriadPro-Regular.woff HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: application/font-woff
Content-Length: 51572
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 17:39:04 GMT
ETag: "6363fcb8-c974"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
submittrk.com/clk?aff_id=1339&offer_id=2253&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_click_id=&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&aff_tt=dp
34.78.252.25200 OK 82 B URL HTTP/1.1 submittrk.com/clk?aff_id=1339&offer_id=2253&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_click_id=&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&aff_tt=dp
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0183cb8402306aebcf3d198a1306dafb
bdf2c5624dccd880460ee3a804aebdca4e64ac70
7e2e8f2f75ff012aff59ef87f6fdda3ad638630c49dd6c351a882f8970b910b6
GET /clk?aff_id=1339&offer_id=2253&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_click_id=&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&aff_tt=dp HTTP/1.1
Host: submittrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 82
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type
ETag: W/"52-vfLFYk3M2IBGDuOoBK69yk5krHA"
Set-Cookie: hexa.sid=s%3A0obfQVrzhPDgbm7_kvDUILME891KIaS5.TQMI32tLBWpV39SRHruHv3%2BlPD67PQZDDiIsho9MsUQ; Path=/; HttpOnly; Secure
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: b88592335e60477654f1be1a
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=6263bcc875f18a6e50a463b3; stp=1; ck_tsp=2022-11-06T00%3A15%3A21.592Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3AwFHOSyz7VED-nX1SN22I9R-YnQYl0tlF.jg635c4kKKzz5dI0fxWjhBtl260ouKrYKl09RxAvyKQ; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=full
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
app.rewardflux.com/assets/svg/check/check.svg
143.204.55.90200 OK 250 B URL HTTP/1.1 app.rewardflux.com/assets/svg/check/check.svg
IP 143.204.55.90:0
Hash 5e2891649c75b864d832175430ad8cb9
762ff0e2638e71e3a8d76893744c623ef4826b8b
7fd9520b93ec38a8c7e093d213c08bc79dd328ba41b4f6dcf46db195fdb36438
GET /assets/svg/check/check.svg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/_assets/css/style.css
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 250
Connection: keep-alive
Server: nginx/1.19.0
Date: Sat, 05 Nov 2022 04:03:19 GMT
Last-Modified: Thu, 03 Nov 2022 17:38:26 GMT
ETag: "6363fc92-fa"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9YKhhC-yZ8gfcxrXzanqHQ2okNPm1DDsFQrRfVaHmiDKHWkR6SNiCQ==
Age: 72723
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b552db6ae957ce0c69da3775d3030f14
0c18295fbcc0dc765b83062d19c64fca7a24ae56
cd7f4d1de56503fde6fd95e7d6914e0f1ac21faf35d4832a10af5f36d619933b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145282
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:22 GMT
Etag: "6366911c-118"
Expires: Mon, 07 Nov 2022 16:36:44 GMT
Last-Modified: Sat, 05 Nov 2022 16:36:44 GMT
Server: nginx
Content-Length: 280
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
142.250.74.163200 OK 162 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (590)
Size 162 kB (162282 bytes)
Hash 05e06c50dab6f3d7f8bfde22301888db
64b3c20c788d298a672fabf9627eac914d95ed08
95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6
GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 14:45:31 GMT
expires: Sun, 05 Nov 2023 14:45:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 34191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b552db6ae957ce0c69da3775d3030f14
0c18295fbcc0dc765b83062d19c64fca7a24ae56
cd7f4d1de56503fde6fd95e7d6914e0f1ac21faf35d4832a10af5f36d619933b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=145282
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:15:22 GMT
Etag: "6366911c-118"
Expires: Mon, 07 Nov 2022 16:36:44 GMT
Last-Modified: Sat, 05 Nov 2022 16:36:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
cdn.formulead.com/t/errors
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/errors
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R.WhE/RfSZ++edTpVE6ozoOfAfLEzVq0ZjDr0P+iX4E4U
Content-Type: application/json
Content-Length: 148
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
use.fontawesome.com/1744f3f671.js
172.64.133.15200 OK 3.5 kB URL HTTP/2 use.fontawesome.com/1744f3f671.js
IP 172.64.133.15:0
File type Unicode text, UTF-8 text, with very long lines (9239)
Hash ff7ef42d38590e4266f38604aae75f3c
1f5cbba5f8580bdd963f79869c58498121bda4fd
37692851a14ee9bd0cf803c40f86884b83b5c01c557f02263efa08a1b0f0a56e
GET /1744f3f671.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:15:19 GMT
content-type: text/javascript
x-amz-id-2: 6d0LmXxusvBARq0h0Bd7VLhSMKaxkrHswapPAG4xpRO+fQB1qR8avqc+aqCjXgia10+1chHLyXc=
x-amz-request-id: BTBC9FT0JTWAGVFY
last-modified: Wed, 30 Jun 2021 17:02:42 GMT
etag: W/"8be700ece8699a7c3f7a870ee2840cdf"
cache-control: max-age=1800
cf-cache-status: HIT
age: 3905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=togsefFSkwNhZ%2B0YpIytHA7nB5I67LJOEsq1I0iPD8y1mGmHisj6eb1Z4Zjr068B0iWtiG6JZWtlsrn9rPF1RpvHRWd6LnpmZSEuO1ao6XE1R9BO%2BLuFYeDxfn%2FfqkeJxoCMt5LH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7659a254988e751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 42205
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:46:16 GMT
expires: Fri, 03 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 181747
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/z0grl55ygx
172.64.168.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/z0grl55ygx
IP 172.64.168.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/z0grl55ygx HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Content-type: application/json
Origin: http://app.rewardflux.com
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:15:23 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://app.rewardflux.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wyvbEDPAQU%2BQ8he7a3RGu4yXMcSszI4DAH9LCvgoJ4cPtb3zDiNX%2FCukvPXh%2FHPElGT84vYHFMdfuH25o7d%2BCvQWwtDpmX2tC46kc0S5hAQv1Nv8l8UflzD8UqFq0Xk%2F4u34a8GdpHCdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659a26a3a6188bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.formulead.com/t/validator
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/page
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/validator
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R.WhE/RfSZ++edTpVE6ozoOfAfLEzVq0ZjDr0P+iX4E4U
Content-Type: application/json
Content-Length: 1854
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODD5a535BkAqkMjMVdHYOs8WjqEs0K8K1j0E3AfzN9jH5zDM-Byrn6gG_cvBjUkPBQXexvX3nNOwjN1OADIExr47YOZofQrbMwlkkRjo_771PyJ_w9uDIQyu8T28LWY-iqhjzifxt7JHcC0SKpvZ8dzRgGn90eMdIXgUuqHhHjqpn43vuKaaC_bysd1NbV5oqjsuRrw8EySxC5SRqwvl7GdDhTS5OKk0xqCmkIHnbO7CE-HNYQjtQKQMLYV7UXqKICsjHtsmve4sq7igHASMervBEd3txP1oW9uUpO1V4Oti-9z9sBQPAlRBv0rcLlaJsBbFNOthXyU7zk3QqAAjeaHkR4mxNIyNeCCsMkcJEu1qArsuSf7xMgldV9GdrOUYvAhxfvBzTVVyBOWxsRaN0Jo533Z_GVhmA70Ji-3JbZGb1Jp_Ob0FilPgDMNa_oPsSpI2reiN6XBNgYaDfOb0gxJuV_qTXvPquCZhWK-nPW0uOTW-NVPyqBpY-0qBq67rr2biw0jW&step=1
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODD5a535BkAqkMjMVdHYOs8WjqEs0K8K1j0E3AfzN9jH5zDM-Byrn6gG_cvBjUkPBQXexvX3nNOwjN1OADIExr47YOZofQrbMwlkkRjo_771PyJ_w9uDIQyu8T28LWY-iqhjzifxt7JHcC0SKpvZ8dzRgGn90eMdIXgUuqHhHjqpn43vuKaaC_bysd1NbV5oqjsuRrw8EySxC5SRqwvl7GdDhTS5OKk0xqCmkIHnbO7CE-HNYQjtQKQMLYV7UXqKICsjHtsmve4sq7igHASMervBEd3txP1oW9uUpO1V4Oti-9z9sBQPAlRBv0rcLlaJsBbFNOthXyU7zk3QqAAjeaHkR4mxNIyNeCCsMkcJEu1qArsuSf7xMgldV9GdrOUYvAhxfvBzTVVyBOWxsRaN0Jo533Z_GVhmA70Ji-3JbZGb1Jp_Ob0FilPgDMNa_oPsSpI2reiN6XBNgYaDfOb0gxJuV_qTXvPquCZhWK-nPW0uOTW-NVPyqBpY-0qBq67rr2biw0jW&step=1
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/recaptcha3?token=03AEkXODD5a535BkAqkMjMVdHYOs8WjqEs0K8K1j0E3AfzN9jH5zDM-Byrn6gG_cvBjUkPBQXexvX3nNOwjN1OADIExr47YOZofQrbMwlkkRjo_771PyJ_w9uDIQyu8T28LWY-iqhjzifxt7JHcC0SKpvZ8dzRgGn90eMdIXgUuqHhHjqpn43vuKaaC_bysd1NbV5oqjsuRrw8EySxC5SRqwvl7GdDhTS5OKk0xqCmkIHnbO7CE-HNYQjtQKQMLYV7UXqKICsjHtsmve4sq7igHASMervBEd3txP1oW9uUpO1V4Oti-9z9sBQPAlRBv0rcLlaJsBbFNOthXyU7zk3QqAAjeaHkR4mxNIyNeCCsMkcJEu1qArsuSf7xMgldV9GdrOUYvAhxfvBzTVVyBOWxsRaN0Jo533Z_GVhmA70Ji-3JbZGb1Jp_Ob0FilPgDMNa_oPsSpI2reiN6XBNgYaDfOb0gxJuV_qTXvPquCZhWK-nPW0uOTW-NVPyqBpY-0qBq67rr2biw0jW&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODD5a535BkAqkMjMVdHYOs8WjqEs0K8K1j0E3AfzN9jH5zDM-Byrn6gG_cvBjUkPBQXexvX3nNOwjN1OADIExr47YOZofQrbMwlkkRjo_771PyJ_w9uDIQyu8T28LWY-iqhjzifxt7JHcC0SKpvZ8dzRgGn90eMdIXgUuqHhHjqpn43vuKaaC_bysd1NbV5oqjsuRrw8EySxC5SRqwvl7GdDhTS5OKk0xqCmkIHnbO7CE-HNYQjtQKQMLYV7UXqKICsjHtsmve4sq7igHASMervBEd3txP1oW9uUpO1V4Oti-9z9sBQPAlRBv0rcLlaJsBbFNOthXyU7zk3QqAAjeaHkR4mxNIyNeCCsMkcJEu1qArsuSf7xMgldV9GdrOUYvAhxfvBzTVVyBOWxsRaN0Jo533Z_GVhmA70Ji-3JbZGb1Jp_Ob0FilPgDMNa_oPsSpI2reiN6XBNgYaDfOb0gxJuV_qTXvPquCZhWK-nPW0uOTW-NVPyqBpY-0qBq67rr2biw0jW&step=1
34.78.252.25200 OK 165 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODD5a535BkAqkMjMVdHYOs8WjqEs0K8K1j0E3AfzN9jH5zDM-Byrn6gG_cvBjUkPBQXexvX3nNOwjN1OADIExr47YOZofQrbMwlkkRjo_771PyJ_w9uDIQyu8T28LWY-iqhjzifxt7JHcC0SKpvZ8dzRgGn90eMdIXgUuqHhHjqpn43vuKaaC_bysd1NbV5oqjsuRrw8EySxC5SRqwvl7GdDhTS5OKk0xqCmkIHnbO7CE-HNYQjtQKQMLYV7UXqKICsjHtsmve4sq7igHASMervBEd3txP1oW9uUpO1V4Oti-9z9sBQPAlRBv0rcLlaJsBbFNOthXyU7zk3QqAAjeaHkR4mxNIyNeCCsMkcJEu1qArsuSf7xMgldV9GdrOUYvAhxfvBzTVVyBOWxsRaN0Jo533Z_GVhmA70Ji-3JbZGb1Jp_Ob0FilPgDMNa_oPsSpI2reiN6XBNgYaDfOb0gxJuV_qTXvPquCZhWK-nPW0uOTW-NVPyqBpY-0qBq67rr2biw0jW&step=1
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc950312ea05972fa34ac99a0b72a5c0
1fed95df9c4048852ca7a9cb2068b352596d4e52
4e5792b93ce31444e446412d64da472c39154257dec51c2381e0b43a9621802d
GET /v/recaptcha3?token=03AEkXODD5a535BkAqkMjMVdHYOs8WjqEs0K8K1j0E3AfzN9jH5zDM-Byrn6gG_cvBjUkPBQXexvX3nNOwjN1OADIExr47YOZofQrbMwlkkRjo_771PyJ_w9uDIQyu8T28LWY-iqhjzifxt7JHcC0SKpvZ8dzRgGn90eMdIXgUuqHhHjqpn43vuKaaC_bysd1NbV5oqjsuRrw8EySxC5SRqwvl7GdDhTS5OKk0xqCmkIHnbO7CE-HNYQjtQKQMLYV7UXqKICsjHtsmve4sq7igHASMervBEd3txP1oW9uUpO1V4Oti-9z9sBQPAlRBv0rcLlaJsBbFNOthXyU7zk3QqAAjeaHkR4mxNIyNeCCsMkcJEu1qArsuSf7xMgldV9GdrOUYvAhxfvBzTVVyBOWxsRaN0Jo533Z_GVhmA70Ji-3JbZGb1Jp_Ob0FilPgDMNa_oPsSpI2reiN6XBNgYaDfOb0gxJuV_qTXvPquCZhWK-nPW0uOTW-NVPyqBpY-0qBq67rr2biw0jW&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: b88592335e60477654f1be1a
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=6263bcc875f18a6e50a463b3; stp=1; ck_tsp=2022-11-06T00%3A15%3A21.592Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 165
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"a5-H+2V35xASIUsp6nLIGizUlltTlI"
set-cookie: qst.sid=s%3AFP07J3LgHR3d8jnO0DB2ylL-6X161zlF.NxM00E2cyC331Ir0FKBnh2yxYUgS%2F9Wu4p79KGCPLuo; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=full
34.78.252.25200 OK 94 kB URL HTTP/1.1 cdn.formulead.com/p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65221), with no line terminators
Hash 27ed22d383aca29495dd50b986f48080
8e5aed4f577d4f345a9dec90d7a07705bcb74613
619a5198789121f3ce44b096807ae23fe00eaa2879df6b703c636191f87eba53
GET /p/6263bcc875f18a6e50a463b3/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=6263bcc875f18a6e50a463b3&qb_offer_id=6308cfcdfaa4ba49bbcaae9d&qb_flow_id=6308cfcdfaa4ba49bbcaae9d&qb_vendor_id=576309b368f48b0100f7082f&qb_country=GB&ql_session_id=t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R&pre=0&p_id=6263bcc875f18a6e50a463b3&aff_code=LDA&request_id=5549ac217ecb1307d1fe5a4619f4b4b7&aff_goal_id=11021&aff_goal_id2=11022&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2253&aff_inc=primark&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fprmrk%2Fgb%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fprmrk%2Fgb%2Freward.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R.WhE/RfSZ++edTpVE6ozoOfAfLEzVq0ZjDr0P+iX4E4U
X-Request-Id: b88592335e60477654f1be1a
X-iivmxswc: 2e0b7790c845e3f30ee78b37655e3ac53deee1c9e18bed385686cbcfc606a6e7
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=6263bcc875f18a6e50a463b3; stp=1; ck_tsp=2022-11-06T00%3A15%3A21.592Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:26 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Tue, 05 Nov 2024 00:15:22 GMT; Secure; SameSite=None
ck_tsp=2022-11-06T00%3A15%3A22.510Z; Path=/; Expires=Tue, 05 Nov 2024 00:15:22 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Tue, 05 Nov 2024 00:15:22 GMT; Secure; SameSite=None
ETag: W/"7765b-gxkoNMKFY0H71UCHnw39qVsG7xI"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/t/page
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:t2K_iidB_79KGzL9eqzzMeUWOVO8Hb7R.WhE/RfSZ++edTpVE6ozoOfAfLEzVq0ZjDr0P+iX4E4U
Content-Type: application/json
Content-Length: 116
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sun, 06 Nov 2022 00:15:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
kit.fontawesome.com/0711a5d108.js
104.18.22.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/0711a5d108.js
IP 104.18.22.52:0
GET /0711a5d108.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:15:20 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyReOxablGRWpv0biVOC
cf-cache-status: MISS
server: cloudflare
cf-ray: 7659a2541bb7b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
172.64.202.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:15:20 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4a0cc459ba06aacf2a1f9058da1dd0e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: 9ttBcETe54p_BJcu-OaemPB_EKVSASuWMFjCrjmsCjpGz12QMIllww==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuwUQ7b1wj0lHHZfZDe1pnhBIfsuHEtlwaP3GoBPZ4Y%2BGhPh4MhXtjzqYtDx7nsiQk9GCStEidXbWAT6NZigtXZAG%2Fkh4zBKjz0V2qAM%2FNQNEJ7REYVnKmwd1qHaAegtvFmcaW4atg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659a25a1a4071d4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
172.64.202.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:15:20 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24639548230786af4bba1a9e26c6080e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: UyjbMvPCRNf1JFLA7ImVOjs7hO0st0LhynJftuXMqZy_Px3_UEokLA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0yly8jwCOKrzDwVfFIN09m8n2Ktio3MaImhRiYRxSsTsL7a2uWVntinLkmys%2BQbdGlRZMiM9nh7uVybPtvgi3I3Y%2FN6Ne%2Fwvu7xd5iGsKQBDO5OsP5VH1ylFArMDUnjS97LuEl3WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659a25a3a6471d4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=app.rewardflux.com
172.64.169.3200 OK 0 B URL HTTP/2 trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=app.rewardflux.com
IP 172.64.169.3:0
GET /scripts/push/script/z75dnkdk4q?url=app.rewardflux.com HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:15:22 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGufcvNF2cRH320byZN%2FmFPt9uc7pjJ7tTAEiwnEBo0QJLm98xP2u83DOXofNn4laHwUz2fch0D3ALdI9VI%2F5fzyQ1ojuGapRnPBLYQnpj9uxFNF4j6FWEsrxJkBPWEYQE1Oow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659a2677b8275e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2