ujn.nowsubmission.com/?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2=
301 Moved Permanently
0
URL
HTTP/1.1
ujn.nowsubmission.com/?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2=
IP
ASN
#61317 Ipxo Uk Limited
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://ujn.nowsubmission.com/?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2=
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6837
Expires: Wed, 01 Feb 2023 17:52:47 GMT
Date: Wed, 01 Feb 2023 15:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10028
Expires: Wed, 01 Feb 2023 18:45:58 GMT
Date: Wed, 01 Feb 2023 15:58:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK
939
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
Magic
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 15:36:02 GMT
content-type: application/json
age: 1368
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Wed, 01 Feb 2023 17:11:15 GMT
Date: Wed, 01 Feb 2023 15:58:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK
5348
URL
HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
Magic
PEM certificate\012- , ASCII text
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8AK79+vRAAtXvmiVRWgqHvt5EPGfxvhLx2+oSSQwt4rJ8cGgvdprUTuoI4Pw6dHcszqLmOGhLhU=
x-amz-request-id: 7Q43EQMFG9MZAWV2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 15:22:43 GMT
age: 2167
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK
12
URL
HTTP/2
contile.services.mozilla.com/v1/tiles
IP
Magic
JSON data\012- , ASCII text, with no line terminators
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 15:58:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
6bfd1600f3afca0a2ae87b05c5c8c508
11881d89d2ced957545f5cc06b95daaa52e398cc
f5b42c10615beb4b7d59735d229c75e2c35aa1293a95ff7dee4fa486182db858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5B42C10615BEB4B7D59735D229C75E2C35AA1293A95FF7DEE4FA486182DB858"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16074
Expires: Wed, 01 Feb 2023 20:26:44 GMT
Date: Wed, 01 Feb 2023 15:58:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK
329
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
Magic
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 15:49:05 GMT
age: 585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5462
Expires: Wed, 01 Feb 2023 17:29:52 GMT
Date: Wed, 01 Feb 2023 15:58:50 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols
0
URL
HTTP/1.1
push.services.mozilla.com/
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8utfreldxpeGGu2Lz0sTyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ua0epGaF8cHe/92kkVkP58JiU2o=
ujn.nowsubmission.com/?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2=
302 Found
718
URL
HTTP/1.1
ujn.nowsubmission.com/?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2=
IP
ASN
#61317 Ipxo Uk Limited
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash
08bf4b5d988795445345a5ebecc97caa
90163a23b02b0f4ab05d859b7c9aa9a89a453ec0
fae60c20524207a5c663761d5bf8eeb0ceae06b48214bbe53b7acb6a6e459a70
GET /?kw=43588&s1=c8d20ef60b48406386febfff0a5970731e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Wed, 01 Feb 2023 15:58:52 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
x-redir: true
set-cookie: yredir_session=eyJpdiI6Im01cmJOSHNsRjJ5cXdWWmhPemhxV1E9PSIsInZhbHVlIjoiS0puRFpYOGxrSlZZd0x4RTZvb3BnZllBVldpZkZQVS94dGFZcWdKN3FsWGJkSzhoUHVxYmJLWVp2c3RKRmhNOWlHZkJOQXN0LzlTNDh1YkJDSFhOek0wU0N0RlNRVHZieXJJK25yZmJ1YlQwSmFIUFhIakJlcVlqd2hKT0dmYUUiLCJtYWMiOiI2N2Q3ZTBmOWM3NGY5ZGMxMzE3MmM3M2M3MTQ0MWQzMzBhZjg5OGU3NDAwNTlhMjI3OTg4YzRhMjM1N2ZhYmQ0IiwidGFnIjoiIn0%3D; expires=Wed, 01 Feb 2023 17:58:52 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8197
Expires: Wed, 01 Feb 2023 18:15:29 GMT
Date: Wed, 01 Feb 2023 15:58:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8197
Expires: Wed, 01 Feb 2023 18:15:29 GMT
Date: Wed, 01 Feb 2023 15:58:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8197
Expires: Wed, 01 Feb 2023 18:15:29 GMT
Date: Wed, 01 Feb 2023 15:58:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
200 OK
8597
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 29142
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
200 OK
6819
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 65247
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK
9600
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 64509
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
200 OK
5736
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 64870
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
200 OK
8735
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 65254
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
200 OK
14041
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MeSOuCSjsjhK6FOS67rw6oF4rS08twjOACGbXJrNPH6vwZb8lZh9lw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
age: 65254
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
200 OK
3521
URL
HTTP/1.1
ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
IP
ASN
#61317 Ipxo Uk Limited
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash
7863ca74b556d257e4e447e14dfe0338
6f8fe56d18ca6b0549dd04e0be4b48918e87619c
5e4c4a403bfb0751b774799acee8f3d937e7162143befeaac03dc42cefd834d0
Analyzer
Verdict
Alert
fortinet
Phishing
GET /t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6Im01cmJOSHNsRjJ5cXdWWmhPemhxV1E9PSIsInZhbHVlIjoiS0puRFpYOGxrSlZZd0x4RTZvb3BnZllBVldpZkZQVS94dGFZcWdKN3FsWGJkSzhoUHVxYmJLWVp2c3RKRmhNOWlHZkJOQXN0LzlTNDh1YkJDSFhOek0wU0N0RlNRVHZieXJJK25yZmJ1YlQwSmFIUFhIakJlcVlqd2hKT0dmYUUiLCJtYWMiOiI2N2Q3ZTBmOWM3NGY5ZGMxMzE3MmM3M2M3MTQ0MWQzMzBhZjg5OGU3NDAwNTlhMjI3OTg4YzRhMjM1N2ZhYmQ0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Wed, 01 Feb 2023 15:58:52 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D; expires=Wed, 01 Feb 2023 17:58:52 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-1.11.3.min.js
200 OK
33261
URL
HTTP/2
code.jquery.com/jquery-1.11.3.min.js
IP
Magic
ASCII text, with very long lines (32038)
Hash
1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9
GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:58:52 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675267132.dop065.sk1.t,1675267132.cds023.sk1.hn,1675267132.cds216.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
200 OK
32954
URL
HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
Magic
ASCII text, with very long lines (32072)
Hash
d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 15:52:57 GMT
expires: Sun, 28 Jan 2024 15:52:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 345955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
200 OK
1229
URL
HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
IP
Hash
af0c284a66710dec419932d72d83f346
a4c5397b37b51e45aa4c1cab4b18d802f5e251aa
5977219822480164409fd93c291ad106fdee0c8ad7af74afbca454d1eaa34085
GET /css?family=Roboto+Condensed%7COpen+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 15:58:52 GMT
date: Wed, 01 Feb 2023 15:58:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
200 OK
25401
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
IP
ASN
#61317 Ipxo Uk Limited
Hash
bc84bd3caee9a7b227a5054179477e02
bc1b53ceedb9b91f4d4bec2037126b4d05c20912
d86b239f3ad7fc29593df1655848824493b2299a203c9be2f67adae10f94309e
GET /templates/templates/spin-casino_MASTER/css/style.css HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "bc84bd3caee9a7b227a5054179477e02"
content-type: text/css
content-length: 25401
x-varnish: 1752548 65539
age: 151600
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/o/2XXQ6DLP/52c15c78-a249-11ed-8707-175acabdbd0c/?push=true
302 Found
818
URL
HTTP/1.1
ujn.nowsubmission.com/o/2XXQ6DLP/52c15c78-a249-11ed-8707-175acabdbd0c/?push=true
IP
ASN
#61317 Ipxo Uk Limited
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash
9dc713cc155ed00691940ef221178e2e
96f712392c069520b8f6d7f1c5881818b59f82b0
cc8f73e070d93354509177cf27f3ecd29f7f42e4c0ad2d7c8c17f164453c39a4
Analyzer
Verdict
Alert
fortinet
Phishing
GET /o/2XXQ6DLP/52c15c78-a249-11ed-8707-175acabdbd0c/?push=true HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Wed, 01 Feb 2023 15:58:53 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=53381c64-a249-11ed-9f94-1bd7d126962c&&push=true
x-redir: true
set-cookie: yredir_session=eyJpdiI6Ik1TRW1tRHFSelcxMmoyKy94cEZUWEE9PSIsInZhbHVlIjoiVXBSbmk3YTI4OWM5OGZqUzJodzFXcjU0cS9OTE56YnhBWjlGb0dWck43eU82OUsvWmpxMHFCZE1EaG5kK3pheVBiVG1hYXVsdExEaW9DeFdTRjdJbXhpQk1SbVprMGpucjFDeEIrQ1JZKzRDQVNkVjQ2SDRlNkNsZnZBSWdFanUiLCJtYWMiOiI3MzExOWEwNzQzZGFlOWRlODY0MzNhMjZjODlkNjRiNmMzNjMwOGIxMzBmYmZhMDMzZmQ4ZDFhOGJiOGUzOTEzIiwidGFnIjoiIn0%3D; expires=Wed, 01 Feb 2023 17:58:53 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
ocsp.digicert.com/
200 OK
279
IP
Hash
72b9fa9899e3ebc95268686b6b3b7f19
e707502392cf1fcc1fe21ae480f14232866c4b60
61af2249d79b6191fd518e0c6811b5c03fe02c485aa9133413c5e7b2e9ffa69f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6028
Cache-Control: max-age=118860
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:53 GMT
Etag: "63d9a1fd-117"
Expires: Fri, 03 Feb 2023 00:59:53 GMT
Last-Modified: Tue, 31 Jan 2023 23:19:25 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif
200 OK
2892
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif
IP
ASN
#61317 Ipxo Uk Limited
Magic
GIF image data, version 89a, 128 x 15\012- data
Hash
35de537ece3bfee3ab3f7af4c19e2151
9139201df5d36e1b2b9a8a6566683c95a49e0006
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
GET /templates/templates/spin-casino_MASTER/images/loader.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "35de537ece3bfee3ab3f7af4c19e2151"
content-type: image/gif
content-length: 2892
x-varnish: 1839585 131077
age: 151600
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png
200 OK
18646
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png
IP
ASN
#61317 Ipxo Uk Limited
Magic
PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash
90f8155b00c6e9ec624a12e8a67bd264
fbf3b21af8cc2c2d44879f19f5893dbe696113f1
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
GET /templates/templates/spin-casino_MASTER/images/overlay2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "90f8155b00c6e9ec624a12e8a67bd264"
content-type: image/png
content-length: 18646
x-varnish: 1458819 98306
age: 151600
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png
200 OK
18661
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png
IP
ASN
#61317 Ipxo Uk Limited
Magic
PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash
a3f2c95451c2201b26033d755a0164c9
f150487dacf8607e49c31abebaf034e34ef8e8aa
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
GET /templates/templates/spin-casino_MASTER/images/overlay.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "a3f2c95451c2201b26033d755a0164c9"
content-type: image/png
content-length: 18661
x-varnish: 1616009 6
age: 151601
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png
200 OK
85123
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png
IP
ASN
#61317 Ipxo Uk Limited
Magic
PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Hash
827076646858c6cc499ec675c45b147d
4b6bf3459af50ba8db76d31f9dc3876b50a4c5fe
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
GET /templates/templates/spin-casino_MASTER/images/spin1.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "827076646858c6cc499ec675c45b147d"
content-type: image/png
content-length: 85123
x-varnish: 1782616 131074
age: 151600
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png
200 OK
88130
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png
IP
ASN
#61317 Ipxo Uk Limited
Magic
PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Hash
f12f850a9ec2daa0b2dbb07e11252122
012a03ac053a0367ef9cdb76685a77d61f3d8a22
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
GET /templates/templates/spin-casino_MASTER/images/spin2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "f12f850a9ec2daa0b2dbb07e11252122"
content-type: image/png
content-length: 88130
x-varnish: 1904454 32774
age: 151600
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
200 OK
279
IP
Hash
72b9fa9899e3ebc95268686b6b3b7f19
e707502392cf1fcc1fe21ae480f14232866c4b60
61af2249d79b6191fd518e0c6811b5c03fe02c485aa9133413c5e7b2e9ffa69f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6028
Cache-Control: max-age=118860
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:53 GMT
Etag: "63d9a1fd-117"
Expires: Fri, 03 Feb 2023 00:59:53 GMT
Last-Modified: Tue, 31 Jan 2023 23:19:25 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
200 OK
171408
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
IP
ASN
#61317 Ipxo Uk Limited
Magic
PNG image data, 142 x 7733, 8-bit colormap, non-interlaced\012- data
Hash
276c26514be610b5c6fa413756b33671
43c532ff2dc2ce6ed8360fc5d05116b222036e4b
453150bf90ff9debe217f3734a4d3cf4bf6ed9017635d4f2d867096132ad4e28
GET /templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6IlhYSUhjWUNDa2ovTXhEQmd3b1JBb0E9PSIsInZhbHVlIjoibFpXbzJHOTBOckdHNWdHZWNudkIyaU5YNHR1UFE1bEZiOTJHd1B2Znd3c0ljTjFNV0ZGdzh6VHpUQVdTeWlRWWFzQk96QlljRTdoQTFnYW9nVFZldWpmajg2cHZnZ3g4RHNpUTd3SU9pL1IzSTB2MzBURko1bklScnRtUGxMNEIiLCJtYWMiOiI4ZjkzOTUxZDkzZjQ3MDVkZGZhOTE0MmVkNjNhYzRjZTk4ZjY3NWRmYzY0MTVhYjU0MTQzNmUzNDY1YmJjNTg0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 23:43:15 GMT
last-modified: Mon, 30 Jan 2023 22:01:35 GMT
etag: "276c26514be610b5c6fa413756b33671"
content-type: image/png
content-length: 171408
x-varnish: 1715279 399171
age: 144938
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK
15700
URL
HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
Magic
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ujn.nowsubmission.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:52:09 GMT
expires: Sat, 27 Jan 2024 09:52:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 454004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
200 OK
23095
URL
HTTP/1.1
ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
IP
ASN
#61317 Ipxo Uk Limited
Magic
GIF image data, version 89a, 500 x 150\012- data
Hash
f79f189bde401dfac7723f7c963d0ef8
83530e9d6248767d661c4996c14414621c857ed6
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
GET /templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/css/style.css
Cookie: yredir_session=eyJpdiI6Ik1TRW1tRHFSelcxMmoyKy94cEZUWEE9PSIsInZhbHVlIjoiVXBSbmk3YTI4OWM5OGZqUzJodzFXcjU0cS9OTE56YnhBWjlGb0dWck43eU82OUsvWmpxMHFCZE1EaG5kK3pheVBiVG1hYXVsdExEaW9DeFdTRjdJbXhpQk1SbVprMGpucjFDeEIrQ1JZKzRDQVNkVjQ2SDRlNkNsZnZBSWdFanUiLCJtYWMiOiI3MzExOWEwNzQzZGFlOWRlODY0MzNhMjZjODlkNjRiNmMzNjMwOGIxMzBmYmZhMDMzZmQ4ZDFhOGJiOGUzOTEzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:14 GMT
last-modified: Wed, 25 Jan 2023 21:32:00 GMT
etag: "f79f189bde401dfac7723f7c963d0ef8"
content-type: image/gif
content-length: 23095
x-varnish: 1839588 163843
age: 151600
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
200 OK
90
URL
HTTP/1.1
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
IP
ASN
#61317 Ipxo Uk Limited
Magic
ASCII text, with no line terminators
Hash
1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer
Verdict
Alert
fortinet
Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6Ik1TRW1tRHFSelcxMmoyKy94cEZUWEE9PSIsInZhbHVlIjoiVXBSbmk3YTI4OWM5OGZqUzJodzFXcjU0cS9OTE56YnhBWjlGb0dWck43eU82OUsvWmpxMHFCZE1EaG5kK3pheVBiVG1hYXVsdExEaW9DeFdTRjdJbXhpQk1SbVprMGpucjFDeEIrQ1JZKzRDQVNkVjQ2SDRlNkNsZnZBSWdFanUiLCJtYWMiOiI3MzExOWEwNzQzZGFlOWRlODY0MzNhMjZjODlkNjRiNmMzNjMwOGIxMzBmYmZhMDMzZmQ4ZDFhOGJiOGUzOTEzIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=26afa2e6-e139-10a6-8803-e483a081f66b
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 1782618 8
age: 151601
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/favicon.ico
403 Forbidden
243
URL
HTTP/1.1
ujn.nowsubmission.com/favicon.ico
IP
ASN
#61317 Ipxo Uk Limited
Magic
XML 1.0 document text\012- XML document, ASCII text
Hash
f32f16b6b8675138da65d215cde75d7f
4d4b92e9af571e5781f6683cdee06e95fbc80fba
ef05fab47ab573c0c0736f0dfc33352ac33ef6eada75b7f4bbd9e3119a0cc029
GET /favicon.ico HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/8f0d93c8664e/52c15c78-a249-11ed-8707-175acabdbd0c/52c5eb3a-a249-11ed-92c0-35e814d05f0a
Cookie: yredir_session=eyJpdiI6Ik1TRW1tRHFSelcxMmoyKy94cEZUWEE9PSIsInZhbHVlIjoiVXBSbmk3YTI4OWM5OGZqUzJodzFXcjU0cS9OTE56YnhBWjlGb0dWck43eU82OUsvWmpxMHFCZE1EaG5kK3pheVBiVG1hYXVsdExEaW9DeFdTRjdJbXhpQk1SbVprMGpucjFDeEIrQ1JZKzRDQVNkVjQ2SDRlNkNsZnZBSWdFanUiLCJtYWMiOiI3MzExOWEwNzQzZGFlOWRlODY0MzNhMjZjODlkNjRiNmMzNjMwOGIxMzBmYmZhMDMzZmQ4ZDFhOGJiOGUzOTEzIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=26afa2e6-e139-10a6-8803-e483a081f66b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Mon, 30 Jan 2023 21:52:12 GMT
x-varnish: 1616010 163845
age: 151600
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=53381c64-a249-11ed-9f94-1bd7d126962c&&push=true
200 OK
0
179.61.143.121
172.64.128.25
23.33.119.27
93.184.220.29![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F30335cb7-009a-42f5-8186-d0c302adc827.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/loader.gif](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2floader.gif"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay2.png](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2foverlay2.png"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/overlay.png](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2foverlay.png"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin1.png](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2fspin1.png"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/spin2.png](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2fspin2.png"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2fkr_reel.fs8.png"){kind=link}
![URL ujn.nowsubmission.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif](/search?q=http.url.addr:"ujn.nowsubmission.com%2ftemplates%2ftemplates%2fspin-casino_MASTER%2fimages%2fgratorama-progjackpot-v3.gif"){kind=link}