nws.submittrk5.com/?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ=
34.78.252.25301 Moved Permanently 169 B URL HTTP/1.1 nws.submittrk5.com/?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ=
IP 34.78.252.25:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2b00de2b3dcaa8469dea097e4a5e5fb7
60c9f0151048886bf3824837aa2ee87056a26d3f
bcb5bbd5fc8e7e699c411f46f7f79b186445c6cad7e5e559bc4a39f67551c030
Analyzer Verdict Alert quad9 Sinkholed
GET /?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ= HTTP/1.1
Host: nws.submittrk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:05 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://nws.submittrk5.com:443/?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ=
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2180
Expires: Thu, 23 Feb 2023 13:29:25 GMT
Date: Thu, 23 Feb 2023 12:53:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash bbe5e8dc913bdcab76f9fe8851ea2e77
9215fadd003873382ed2a4ace79ba337adadd692
e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3378
Expires: Thu, 23 Feb 2023 13:49:23 GMT
Date: Thu, 23 Feb 2023 12:53:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5260
Expires: Thu, 23 Feb 2023 14:20:45 GMT
Date: Thu, 23 Feb 2023 12:53:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 11:53:56 GMT
content-type: application/json
age: 3549
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: og+L+9mIsHPMUGLfF77hmHWfYksUfuTsOij3FTfqOl6aTpoWR68HWWCM+jZTWuEanfUoxNbTiuSC5P7rTGTyxg==
x-amz-request-id: N8XPQ06Y9RT2BBA8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 12:49:05 GMT
age: 240
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 12:53:05 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d8cffb275c01f11c24817930f5bc14e6
dcd1a65f13c6c769e73c68057e327f7fdb523651
1d8c51bb81ed16ce60e0a66169751b44ea71cc7a78c52c43ffa68e4edf0f458f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D8C51BB81ED16CE60E0A66169751B44EA71CC7A78C52C43FFA68E4EDF0F458F"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Thu, 23 Feb 2023 18:52:47 GMT
Date: Thu, 23 Feb 2023 12:53:05 GMT
Connection: keep-alive
nws.submittrk5.com/?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ=
34.78.252.25302 Found 528 B URL HTTP/1.1 nws.submittrk5.com/?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ=
IP 34.78.252.25:0
File type HTML document, ASCII text, with very long lines (528), with no line terminators
Hash e06efde2730c6dedfc68c18387933f5c
493fa1e8cb5c8dc5b5cdbdb45245806508d305cd
6d60c502cc62d96318de13a3b6716df7b5b84d9f33e3d7ff4ef98e27bc39bb1f
Analyzer Verdict Alert quad9 Sinkholed
GET /?aff_id=1339&c_id=U2FsdGVkX1/pEB8quwLNxU7R7ITnocjeA0+6PEyGsJzPJnQ= HTTP/1.1
Host: nws.submittrk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 528
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type
Location: https://promo.quiztionnaire.uk/n/09/11/nz/iphone13_unknown/no_teaser.html?p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003
Vary: Accept, Accept-Encoding
Set-Cookie: hexa.sid=s%3AW-5RI77N4lwnkqQ7ITSYYE1Cd5mmJKDC.vgIvZGsh2A0bLpIZPzjOFWdie74M8mJz0h9B23UwuOw; Path=/; HttpOnly; Secure
e1.o.lencr.org/
23.36.76.249200 OK 345 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d65420f616fe0f563c552ca60be388fd
e4643f59dc5ed0ae9322634fb3a89b7ec492480b
c6dd205e8a11dfa50181a91b2f9bc22b5f80e51564e5c746c00f21a448809798
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C6DD205E8A11DFA50181A91B2F9BC22B5F80E51564E5C746C00F21A448809798"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10332
Expires: Thu, 23 Feb 2023 15:45:17 GMT
Date: Thu, 23 Feb 2023 12:53:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 12:51:26 GMT
age: 100
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249200 OK 345 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d65420f616fe0f563c552ca60be388fd
e4643f59dc5ed0ae9322634fb3a89b7ec492480b
c6dd205e8a11dfa50181a91b2f9bc22b5f80e51564e5c746c00f21a448809798
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C6DD205E8A11DFA50181A91B2F9BC22B5F80E51564E5C746C00F21A448809798"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10331
Expires: Thu, 23 Feb 2023 15:45:17 GMT
Date: Thu, 23 Feb 2023 12:53:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14217
Expires: Thu, 23 Feb 2023 16:50:03 GMT
Date: Thu, 23 Feb 2023 12:53:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32065)
Hash 2bc666a590303ce436c2679bec5d2173
c9835788b85dea43c45890080fe957673a1a1d17
54d0c6a98d70521e5cbe82178740a6c04e05d10c02932192a945d2126678cde0
GET /ajax/libs/jquery/2.2.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30094
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 02:13:14 GMT
expires: Sat, 17 Feb 2024 02:13:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 556792
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b4eedc794cf7630922140c7377360600
cea4402b109e5071372ec85b9ad0dc9855818039
87673b8f9f57805defc54f5c4c9d162dba96139f571ba5cefcc9df67c1c0b99b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Feb 2023 12:53:06 GMT
Etag: "63f4a5b6-1d7"
Last-Modified: Thu, 23 Feb 2023 12:14:03 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BNpG73KQm6m7AAN7IC44IyBkKgR5Njb24YZvmlzxUlFBrvG5RO0gSA==
Age: 2343
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 73c16071045562622c808661e131ca4c
dd40e271ee5d3d1612093af3e6b20627f6f6c5ff
450107025b5bd177edab01e4e5da54abe2bf56ed89ec97fce17afe4d2d9231d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "450107025B5BD177EDAB01E4E5DA54ABE2BF56ED89EC97FCE17AFE4D2D9231D7"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5531
Expires: Thu, 23 Feb 2023 14:25:17 GMT
Date: Thu, 23 Feb 2023 12:53:06 GMT
Connection: keep-alive
st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Light.woff
54.230.111.9200 OK 51 kB URL HTTP/2 st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Light.woff
IP 54.230.111.9:0
File type Web Open Font Format, CFF, length 50836, version 0.0\012- data
Hash 2fa3049613788ce468d3cf3942fef7df
c39a24d21bba273ab8e6de07cf694950a4ab3a19
03232ad9934ac651926b71be790954fd53a9fe10a0dd1b366597df47ebd25382
GET /assets/fonts/myriad-pro/MyriadPro-Light.woff HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 50836
server: nginx/1.19.0
date: Thu, 23 Feb 2023 10:55:00 GMT
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
etag: "63d24285-c694"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -dTZ8kpZmF9yWJlr7Zt3PJ2f5ksH7Gsl9TbcB-MXX3k7GfQiwohIkw==
age: 7086
X-Firefox-Spdy: h2
st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Semibold.woff
54.230.111.9200 OK 52 kB URL HTTP/2 st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Semibold.woff
IP 54.230.111.9:0
File type Web Open Font Format, CFF, length 52240, version 0.0\012- data
Hash c44fdb4dfeb70513d7dc871d9fd6ff57
4c755e82ae6069129cf66c0d134aa7ad3263f9ea
32b7afff3dba835735be49655d87b262e55a7099668d297f3d51d449a832b88b
GET /assets/fonts/myriad-pro/MyriadPro-Semibold.woff HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 52240
server: nginx/1.19.0
date: Thu, 23 Feb 2023 10:55:00 GMT
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
etag: "63d24285-cc10"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ASpL4ieGCa1v0cnZKpeRYhrEo0DydVuQAtIrnYRzTIj2R9h2pSqNDg==
age: 7086
X-Firefox-Spdy: h2
st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Regular.woff
54.230.111.9200 OK 52 kB URL HTTP/2 st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Regular.woff
IP 54.230.111.9:0
File type Web Open Font Format, CFF, length 51572, version 0.0\012- data
Hash 6a324f29ef3efabd2176f8b697ad71ed
dd696f0c713eb491c6e16bec9fda63f3f23999ba
6d64c461708b8f11e06451c96779d22fc2b8de582214c77493ecc57c32ede06e
GET /assets/fonts/myriad-pro/MyriadPro-Regular.woff HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 51572
server: nginx/1.19.0
date: Thu, 23 Feb 2023 10:55:00 GMT
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
etag: "63d24285-c974"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E9g93ZuATYSBivyalMAkeOJ9FjYkho4Ejl3d2Cd4PbOKwuXjFzGx9w==
age: 7086
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.49.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.49.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nWsUOr84+kdlUx579ubf1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: llOEaWWOl97h2/4JuUVdhE2apeY=
st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Bold.woff
54.230.111.9200 OK 53 kB URL HTTP/2 st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Bold.woff
IP 54.230.111.9:0
Hash c8c10ce74a931637ec56ea7682dab39b
5472c3705cb86a5f2dd20892fb756fa2b114f9b0
3aa75235aa53448badf32cb23ceb9f75601385d2d174b17aadbc0ee4f3b51817
GET /assets/fonts/myriad-pro/MyriadPro-Bold.woff HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 52644
server: nginx/1.19.0
date: Thu, 23 Feb 2023 10:55:00 GMT
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
etag: "63d24285-cda4"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TwZ7X7JCSZo45bK8x8qa0xMJkLBg3EjuXJiqNIAxPtrbeHttr4Pk7w==
age: 7086
X-Firefox-Spdy: h2
cdn.formulead.com/css/main.min.css
34.78.252.25200 OK 94 kB URL HTTP/1.1 cdn.formulead.com/css/main.min.css
IP 34.78.252.25:0
File type ASCII text, with very long lines (65518)
Hash 86544848beaffa1f00df85a64a709e4d
2f8ac448380daa4cf75c577c7717d7181a69dcee
d6793c514450f63e0eb467c41092148fac198e507f2d9b0e6768cfa41220aea5
GET /css/main.min.css HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:06 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Mon, 20 Feb 2023 13:06:07 GMT
ETag: W/"b267e-1866eee7618"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b4eedc794cf7630922140c7377360600
cea4402b109e5071372ec85b9ad0dc9855818039
87673b8f9f57805defc54f5c4c9d162dba96139f571ba5cefcc9df67c1c0b99b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166404
Date: Thu, 23 Feb 2023 12:53:06 GMT
Etag: "63f748b6-1d7"
Expires: Sat, 25 Feb 2023 11:06:30 GMT
Last-Modified: Thu, 23 Feb 2023 11:06:30 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xEqTZLGGIVYLB-zJQEeJlJHFwbYo5oQubQAymXy8oMGL9FynBIFNQg==
st.formulead.com/assets/img/spinner/apple.gif
54.230.111.9200 OK 207 kB URL HTTP/2 st.formulead.com/assets/img/spinner/apple.gif
IP 54.230.111.9:0
File type GIF image data, version 89a, 290 x 290\012- data
Size 207 kB (207179 bytes)
Hash 9190e2139ac13170290812f50aa6cf8c
6056eed279dc4e058eceeacbd6d12af4b61e9e59
50f1a5f9104a62607b6f94d077ec799f015d3096a7e8b30e29c43401ed4f5b6e
GET /assets/img/spinner/apple.gif HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 207179
server: nginx/1.19.0
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Thu, 23 Feb 2023 12:53:06 GMT
etag: "63d24285-3294b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wuEThSel6THnySDXNHDOv-qaFm6KgNRLMq9zMOyAIZj818C358c7Ow==
age: 86258
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b4eedc794cf7630922140c7377360600
cea4402b109e5071372ec85b9ad0dc9855818039
87673b8f9f57805defc54f5c4c9d162dba96139f571ba5cefcc9df67c1c0b99b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 23 Feb 2023 12:53:06 GMT
Etag: "63f4a5b6-1d7"
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qxghLK_EwIQwBDD6LqLssxn6iSivOQ6FF_yqJyNYisHwHhmJlMdKhA==
cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/p.js
34.78.252.25200 OK 439 kB URL HTTP/1.1 cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/p.js
IP 34.78.252.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 439 kB (438960 bytes)
Hash 32ee5ced5e5f2db3e31573f2b31d42d9
69679f32a6dfedea1c0c322e74e0291a0855be63
a0a5b2d68ac27fffda676c6d8b2d6e7bf9de88b1883962297f79731c465b3b50
GET /p/5bbb0ba263dcf80100a2e07f/p.js HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:06 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
set-cookie: lid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
plc=5bbb0ba263dcf80100a2e07f; Path=/; Expires=Sat, 22 Feb 2025 12:53:06 GMT; Secure; SameSite=None
qst.sid=s%3AiqhEz7o6QNY3epARzQNhBPq7ep-bBxBb.Q6b%2Bn5Br7LjUuxsIzPiGjdVO%2BoS5CHh7c8Vos8N6C8c; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b4eedc794cf7630922140c7377360600
cea4402b109e5071372ec85b9ad0dc9855818039
87673b8f9f57805defc54f5c4c9d162dba96139f571ba5cefcc9df67c1c0b99b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 23 Feb 2023 12:53:06 GMT
Etag: "63f5f734-1d7"
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WunL0MYJFjGpjaH_hokFpF2H0kpbU0A773hHg0bjnKhZ-uVKhfAJGg==
st.formulead.com/assets/js/bioep.min.js
54.230.111.9200 OK 2.0 kB URL HTTP/2 st.formulead.com/assets/js/bioep.min.js
IP 54.230.111.9:0
Hash fb3e467befee9012240db57ab8963571
340e466412b6d2ce66c52638866fa44fff1078d3
e19d70bf90556ee47fd96fd0536b2bca00fdc604cb593fd4a5ccdaad734526fa
GET /assets/js/bioep.min.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 23 Feb 2023 07:07:17 GMT
etag: W/"63d24285-14c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qcLl3QOu8icpNYQLN9THwsZx3UU5fZi_ph3vjXIRXtgDpPAO_H0bmQ==
age: 20749
X-Firefox-Spdy: h2
cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/feed?sc_domain=promo.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=5bbb0ba263dcf80100a2e07f&qb_offer_id=5e1f1fd6db04380100ede242&qb_flow_id=5e1f1fd6db04380100ede242&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NZ&ql_session_id=iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb&p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003&sc_url=https%3A%2F%2Fpromo.quiztionnaire.uk%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2F&sc_campaign_domain=https%3A%2F%2Fpromo.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&stp=1&feed_type=initial
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/feed?sc_domain=promo.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=5bbb0ba263dcf80100a2e07f&qb_offer_id=5e1f1fd6db04380100ede242&qb_flow_id=5e1f1fd6db04380100ede242&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NZ&ql_session_id=iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb&p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003&sc_url=https%3A%2F%2Fpromo.quiztionnaire.uk%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2F&sc_campaign_domain=https%3A%2F%2Fpromo.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/5bbb0ba263dcf80100a2e07f/feed?sc_domain=promo.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=5bbb0ba263dcf80100a2e07f&qb_offer_id=5e1f1fd6db04380100ede242&qb_flow_id=5e1f1fd6db04380100ede242&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NZ&ql_session_id=iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb&p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003&sc_url=https%3A%2F%2Fpromo.quiztionnaire.uk%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2F&sc_campaign_domain=https%3A%2F%2Fpromo.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:07 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e88c5158a176029a61adb32e89caf76d
996e3d1516ee1ce7af7f381a370509c901050146
031925a19f88298430161229d27ff7091945f35a3c294ba8441f238d7959a5fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
216.58.211.4200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
IP 216.58.211.4:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 2a8304e2eaf560f90a1821d82f8cdb63
43685c4fe88bb231c9a12e2ae1c333a622332be5
76c477f666736513f5dd1eb5a08f6665100950ea5ff9284b26c4d1d0da855ba9
GET /recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 23 Feb 2023 12:53:07 GMT
date: Thu, 23 Feb 2023 12:53:07 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/feed?sc_domain=promo.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=5bbb0ba263dcf80100a2e07f&qb_offer_id=5e1f1fd6db04380100ede242&qb_flow_id=5e1f1fd6db04380100ede242&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NZ&ql_session_id=iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb&p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003&sc_url=https%3A%2F%2Fpromo.quiztionnaire.uk%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2F&sc_campaign_domain=https%3A%2F%2Fpromo.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&stp=1&feed_type=initial
34.78.252.25200 OK 4.4 kB URL HTTP/1.1 cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/feed?sc_domain=promo.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=5bbb0ba263dcf80100a2e07f&qb_offer_id=5e1f1fd6db04380100ede242&qb_flow_id=5e1f1fd6db04380100ede242&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NZ&ql_session_id=iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb&p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003&sc_url=https%3A%2F%2Fpromo.quiztionnaire.uk%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2F&sc_campaign_domain=https%3A%2F%2Fpromo.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (18466), with no line terminators
Hash dfcbca63db069c494c63d05c5d4365b1
3f702eb33bea3d4c7d1d3654b4a486772c09839b
c10136926000ae1250ef9de93ca69060a6c9b0babecbd460cca08433e14250e2
GET /p/5bbb0ba263dcf80100a2e07f/feed?sc_domain=promo.quiztionnaire.uk&cl_ip=91.90.42.154&qb_placement_id=5bbb0ba263dcf80100a2e07f&qb_offer_id=5e1f1fd6db04380100ede242&qb_flow_id=5e1f1fd6db04380100ede242&qb_vendor_id=570e5c924ce290010026cc24&qb_country=NZ&ql_session_id=iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb&p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003&sc_url=https%3A%2F%2Fpromo.quiztionnaire.uk%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&sc_campaign_page=no_teaser.html&sc_campaign_path=%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2F&sc_campaign_domain=https%3A%2F%2Fpromo.quiztionnaire.uk&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F09%2F11%2Fnz%2Fiphone13_unknown%2Fno_teaser.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb.Q6b+n5Br7LjUuxsIzPiGjdVO+oS5CHh7c8Vos8N6C8c
X-Request-Id: c3400b5380c5a1b0fa778442
X-iivmxswc: 13943fd310b60b83a932635c7b89f7bf212ad91cc55b0b81de09ccb9276e969a
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Cookie: plc=5bbb0ba263dcf80100a2e07f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:07 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Set-Cookie: stp=1; Path=/; Expires=Sat, 22 Feb 2025 12:53:07 GMT; Secure; SameSite=None
ck_tsp=2023-02-23T12%3A53%3A07.186Z; Path=/; Expires=Sat, 22 Feb 2025 12:53:07 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Sat, 22 Feb 2025 12:53:07 GMT; Secure; SameSite=None
ETag: W/"48ea-/OXGE9ou6HyhNJBy9KKk6h1hh9Q"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d5a81909f9ba52a4b5b4beca7189f10a
216a773aef7239d68c979f6c24013a31f085c779
79799853ac50d2c9e10b8cfab4a57150b087403209006e166af67164c2630de6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 584 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
Hash a50b9e0c373b5c2fcc5ae31a85e3320e
920fdb6d2dff2e6668785b2818e0d3690b443ebf
f4c64d0743d611e6a4f6fcc4e79baf00498dfe88629e95786d51a6458239491a
OPTIONS /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:07 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: c3400b5380c5a1b0fa778442
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Cookie: plc=5bbb0ba263dcf80100a2e07f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3AiBS69wVPwy-uYL2y1SOkgif5uXQoY8_X.DyKiZH1j1mqUgrDssOujQki9yH51DGPDhcGOGyfPHh8; Path=/; HttpOnly
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
142.250.74.99200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
IP 142.250.74.99:0
File type HTML document, ASCII text, with very long lines (839)
Size 165 kB (164689 bytes)
Hash 7f27adb1216e4ddb02884fd68a1ec297
a33a85dfc58ca995fa184035b8fdb896866c361f
aeea36b977f073b902c2c5536b21f43e931fc2ac5ba3601db228e686457e9bc8
GET /recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 09:03:07 GMT
expires: Fri, 23 Feb 2024 09:03:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 13800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3cba9e8028dd2968d37abe71ff4dad18
586485dc66f548b97724cdfe7db1e6dc32d38db4
29ab5d3c378a629f00617e60e4e3dfde00c4ea4ed8f55c921903624d492055f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2082
Cache-Control: max-age=105504
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:07 GMT
Etag: "63f652b1-117"
Expires: Fri, 24 Feb 2023 18:11:31 GMT
Last-Modified: Wed, 22 Feb 2023 17:36:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
cdn.formulead.com/fonts/Roboto-Bold.ttf
34.78.252.25200 OK 170 kB URL HTTP/1.1 cdn.formulead.com/fonts/Roboto-Bold.ttf
IP 34.78.252.25:0
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size 170 kB (170348 bytes)
Hash e07df86cef2e721115583d61d1fb68a6
3dd713113ff2d79b94d2df343e2e28fa8e7279cf
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
GET /fonts/Roboto-Bold.ttf HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://cdn.formulead.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:07 GMT
Content-Type: font/ttf
Content-Length: 170348
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Mon, 20 Feb 2023 13:06:07 GMT
ETag: W/"2996c-1866eee7618"
r3.o.lencr.org/
23.36.76.249200 OK 1.1 kB IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 48793ff070409d937b3e6bf1d20511c2
59c6e942d50a2a2ff9fcfc4eb48e437dc10bfd0d
54b60c01279e5a06c06d04daf948ef99c308ca51f2fc5c5556dda0ad87dceb68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Thu, 23 Feb 2023 13:39:05 GMT
Date: Thu, 23 Feb 2023 12:53:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Thu, 23 Feb 2023 13:39:05 GMT
Date: Thu, 23 Feb 2023 12:53:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Thu, 23 Feb 2023 13:39:05 GMT
Date: Thu, 23 Feb 2023 12:53:07 GMT
Connection: keep-alive
trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=promo.quiztionnaire.uk
172.64.206.35200 OK 10 kB URL HTTP/2 trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=promo.quiztionnaire.uk
IP 172.64.206.35:0
File type ASCII text, with very long lines (7350)
Hash 68b0ee883921eda43cfa113aa042a00c
11283ba9f3c114303f1d5b51e247e82c9111a749
835d56c42b0983e6a0f55db232203b7a97d35d3e404097501acf8912bd2c5af2
GET /scripts/push/script/z75dnkdk4q?url=promo.quiztionnaire.uk HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 12:53:07 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: EXPIRED
last-modified: Thu, 23 Feb 2023 10:34:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ActB5gRQVLSqjsPIv%2Fqvwf6e1DppMphcJK9VBYHG1DoAdfaqAW4h1J0JXJu43yYZ%2B%2B2aWinJ8FjuIAk9gPfnCViZzWiEZBzQqiyTxN2SAGWjzbfncVunRLmJHI9o7hRrH%2FQ0hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e01a4239f33866-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3cba9e8028dd2968d37abe71ff4dad18
586485dc66f548b97724cdfe7db1e6dc32d38db4
29ab5d3c378a629f00617e60e4e3dfde00c4ea4ed8f55c921903624d492055f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2082
Cache-Control: max-age=105504
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:53:07 GMT
Etag: "63f652b1-117"
Expires: Fri, 24 Feb 2023 18:11:31 GMT
Last-Modified: Wed, 22 Feb 2023 17:36:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 54532
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df07040a4f8a9dcdd6a4d8b9f9d35b93
229f7cb923d6ef0dac480883d0af0673437c5c04
46de73176cce2258bd66ca8888dfa9f49f654aecdcd132434137df06091bac85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11631
x-amzn-requestid: 80f4f0f1-d97b-42ca-870d-55db701dae20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSyG2IoAMFz-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a77-0f4faa41169ffb1231b6dc50;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n5Pduh39Ln8uRqq8EUH-zsZ2XGk2xCXAuPeo6ivJM2s8-ubR5TzMiQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:56:07 GMT
age: 53820
etag: "229f7cb923d6ef0dac480883d0af0673437c5c04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dtWC44nCUmtR6U6wTsd4PynkTqmJ79bFeZmUJUVQguz3l8BSR9A1Zg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:02:15 GMT
age: 31852
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09398f66dadafc0a56352e781ce32d75
c7ae3275e67db3e06ec4fe7eb9482a85831c9ca0
1e896927a179bf57b723a9c01eeb8d349e0f0170ce9fba11955d3b6d8c429528
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 1fb02b0f-c69e-4f4b-a1ed-9f844fe1d7f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq2eHN_oAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be8f-1e3702d272e2f3d47083c109;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jpZWF2u_qnHkq50mVKGkcZwUGfCKyGr9eRkRcsiY-iNN_i-0obLnPQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 07:12:12 GMT
age: 20455
etag: "c7ae3275e67db3e06ec4fe7eb9482a85831c9ca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc56e7499a3e9db178e91df024e668f0
9cc85c16fd4a9d10df5db5ddfc54b0d88999f317
25ffc87e2be6e0dc9ac208aafbefa99bb4c1d6476c1447056b83d462cd182df2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: 4eb1ca50-a322-4f64-8cb9-be0315918800
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYWFF8fIAMFRlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46dc0-35fee09f3e6ff22358e9da0c;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ifg3X--I8qSAGRMvv97fc3eLcmMZuEoLcaA87ONUHByrqcO_vfFq4Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:04:42 GMT
age: 28105
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/feed?stp=1&feed_type=full
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/5bbb0ba263dcf80100a2e07f/feed?stp=1&feed_type=full
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/5bbb0ba263dcf80100a2e07f/feed?stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: c3400b5380c5a1b0fa778442
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Cookie: plc=5bbb0ba263dcf80100a2e07f; stp=1; ck_tsp=2023-02-23T12%3A53%3A07.186Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3AIU6cRRc_vzh4fPgrkQ7VkZiQtZ3mEbNZ.aL2KwdTy5CR7UEj3tKha3PxCbnJjg7895RuJH0hFc5Q; Path=/; HttpOnly
Vary: Accept-Encoding
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 22:06:57 GMT
expires: Thu, 22 Feb 2024 22:06:57 GMT
cache-control: public, max-age=31536000
age: 53171
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 03:13:01 GMT
expires: Fri, 23 Feb 2024 03:13:01 GMT
cache-control: public, max-age=31536000
age: 34807
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/l4ev5zv6g1
172.64.207.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/l4ev5zv6g1
IP 172.64.207.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/l4ev5zv6g1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 12:53:08 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://promo.quiztionnaire.uk
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPjOy2q8hG%2BIdetHS5cb4rSpkk%2F0ZZ8LLamSrtW3cyIiSkwgQiR%2Fg8AXsf%2FdmVJ%2BdCrHufDc7ZSsG7ozBbvByaPKDMNwNHgrp4cfqeTXWQ6I1Vs4QMwFz%2FdYrLafvQPVURFayQtzF2tujw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e01a496ebf23ae-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/l4ev5zv6g1
172.64.207.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/l4ev5zv6g1
IP 172.64.207.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/l4ev5zv6g1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 12:53:08 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://promo.quiztionnaire.uk
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0WIH7nMADQQ3UDL%2Bz5w2MvMvXLTM5HYP8dBPxyZCd1UKqTyaewAdaoWMownsaBeNJNRGiToJL3qwojfG1DuqG4%2FYHpwQc2zNznV2xr0BsqHax3tgBUKODjLXVANejYGzi%2B7DXtewI1cyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e01a498ee723ae-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/l4ev5zv6g1
172.64.207.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/l4ev5zv6g1
IP 172.64.207.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/l4ev5zv6g1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.quiztionnaire.uk/
Content-type: application/json
Origin: https://promo.quiztionnaire.uk
Content-Length: 180
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 12:53:08 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://promo.quiztionnaire.uk
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uas2G%2FMI%2FMQuQapsCYtFgf9bh3Uh4wlMumFW5xr2OSF%2FbJUY0tutVg2OnDG1%2F0wd5koXDMBFk25Rf9bMrl%2Bjm%2Fb%2BjbegW31y53Uox8ABN%2F%2FBPLjQi6k3to1p4UiC%2Fa9dfPJBF5%2FMGBhEQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e01a4a1fb423ae-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/l4ev5zv6g1
172.64.207.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/l4ev5zv6g1
IP 172.64.207.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/l4ev5zv6g1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.quiztionnaire.uk/
Content-type: application/json
Origin: https://promo.quiztionnaire.uk
Content-Length: 141
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 12:53:08 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://promo.quiztionnaire.uk
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbpHe9u%2B49EuYSCVgs8Tg9t1kYlCPbPaT8XnZsxMzLodlD0h8P%2FwxiJ94S62VXSTB18MDMqNC9EccAtiefnDu%2BWPmHvHYt3oHG2rrYiARRoiZVpBrsHicXai9d7MiVatLBmfy8IgSI%2Bo6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e01a4a3feb23ae-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.formulead.com/v/recaptcha3?token=03AFY_a8XQd3tVxLPBEEmErhKy6xW98p7urnRjbpOn5DJ6GzrhtSZM7UmzHGASGmOc3lJIIMdZjeZy5CnAXSjg0W1GzejvRRgNBT4HsF1MB2xHA0Tw0YlLgGzXqEdgGTnJf7v3Vwmb5mqwbEKs0DWEBjMKFdsiBPnxhBDolCUbFGYuPcJ89zgUE1CjPhMg32rkRHbQ3UxJR54rjmeEPJahIJBC_YtaXPEG4GOMFpwXjB3EgA0FiYSD5vSkVFsGFPzqdtpWi5ceZS89xqHkJgob9ZCoayEjASFMG_sCHirRSqkMZwIWq1_pjBg-NWD1B7xEarTtfCwWeONHU70VYIQEUMachHbqERiVlerWjThNLOzQKeFsOeok0XFmlWbb8rqabGtH9D4ibxW60COBUBrvRa7_dTAzj6j7DyPa3Es95AgRv1jSyXVeltM8d4n7jVjjZKr2NDOlgCuGHbNaaFRB3LQApPbOK8Sz1HzQ8PsnJ-gVXOkpYO5yA3KhOO4JGFZvXL-sDv2yvZwfvj42edWKdCDZusPoUq4Bjw&step=1
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AFY_a8XQd3tVxLPBEEmErhKy6xW98p7urnRjbpOn5DJ6GzrhtSZM7UmzHGASGmOc3lJIIMdZjeZy5CnAXSjg0W1GzejvRRgNBT4HsF1MB2xHA0Tw0YlLgGzXqEdgGTnJf7v3Vwmb5mqwbEKs0DWEBjMKFdsiBPnxhBDolCUbFGYuPcJ89zgUE1CjPhMg32rkRHbQ3UxJR54rjmeEPJahIJBC_YtaXPEG4GOMFpwXjB3EgA0FiYSD5vSkVFsGFPzqdtpWi5ceZS89xqHkJgob9ZCoayEjASFMG_sCHirRSqkMZwIWq1_pjBg-NWD1B7xEarTtfCwWeONHU70VYIQEUMachHbqERiVlerWjThNLOzQKeFsOeok0XFmlWbb8rqabGtH9D4ibxW60COBUBrvRa7_dTAzj6j7DyPa3Es95AgRv1jSyXVeltM8d4n7jVjjZKr2NDOlgCuGHbNaaFRB3LQApPbOK8Sz1HzQ8PsnJ-gVXOkpYO5yA3KhOO4JGFZvXL-sDv2yvZwfvj42edWKdCDZusPoUq4Bjw&step=1
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/recaptcha3?token=03AFY_a8XQd3tVxLPBEEmErhKy6xW98p7urnRjbpOn5DJ6GzrhtSZM7UmzHGASGmOc3lJIIMdZjeZy5CnAXSjg0W1GzejvRRgNBT4HsF1MB2xHA0Tw0YlLgGzXqEdgGTnJf7v3Vwmb5mqwbEKs0DWEBjMKFdsiBPnxhBDolCUbFGYuPcJ89zgUE1CjPhMg32rkRHbQ3UxJR54rjmeEPJahIJBC_YtaXPEG4GOMFpwXjB3EgA0FiYSD5vSkVFsGFPzqdtpWi5ceZS89xqHkJgob9ZCoayEjASFMG_sCHirRSqkMZwIWq1_pjBg-NWD1B7xEarTtfCwWeONHU70VYIQEUMachHbqERiVlerWjThNLOzQKeFsOeok0XFmlWbb8rqabGtH9D4ibxW60COBUBrvRa7_dTAzj6j7DyPa3Es95AgRv1jSyXVeltM8d4n7jVjjZKr2NDOlgCuGHbNaaFRB3LQApPbOK8Sz1HzQ8PsnJ-gVXOkpYO5yA3KhOO4JGFZvXL-sDv2yvZwfvj42edWKdCDZusPoUq4Bjw&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:09 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AFY_a8XQd3tVxLPBEEmErhKy6xW98p7urnRjbpOn5DJ6GzrhtSZM7UmzHGASGmOc3lJIIMdZjeZy5CnAXSjg0W1GzejvRRgNBT4HsF1MB2xHA0Tw0YlLgGzXqEdgGTnJf7v3Vwmb5mqwbEKs0DWEBjMKFdsiBPnxhBDolCUbFGYuPcJ89zgUE1CjPhMg32rkRHbQ3UxJR54rjmeEPJahIJBC_YtaXPEG4GOMFpwXjB3EgA0FiYSD5vSkVFsGFPzqdtpWi5ceZS89xqHkJgob9ZCoayEjASFMG_sCHirRSqkMZwIWq1_pjBg-NWD1B7xEarTtfCwWeONHU70VYIQEUMachHbqERiVlerWjThNLOzQKeFsOeok0XFmlWbb8rqabGtH9D4ibxW60COBUBrvRa7_dTAzj6j7DyPa3Es95AgRv1jSyXVeltM8d4n7jVjjZKr2NDOlgCuGHbNaaFRB3LQApPbOK8Sz1HzQ8PsnJ-gVXOkpYO5yA3KhOO4JGFZvXL-sDv2yvZwfvj42edWKdCDZusPoUq4Bjw&step=1
34.78.252.25200 OK 169 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AFY_a8XQd3tVxLPBEEmErhKy6xW98p7urnRjbpOn5DJ6GzrhtSZM7UmzHGASGmOc3lJIIMdZjeZy5CnAXSjg0W1GzejvRRgNBT4HsF1MB2xHA0Tw0YlLgGzXqEdgGTnJf7v3Vwmb5mqwbEKs0DWEBjMKFdsiBPnxhBDolCUbFGYuPcJ89zgUE1CjPhMg32rkRHbQ3UxJR54rjmeEPJahIJBC_YtaXPEG4GOMFpwXjB3EgA0FiYSD5vSkVFsGFPzqdtpWi5ceZS89xqHkJgob9ZCoayEjASFMG_sCHirRSqkMZwIWq1_pjBg-NWD1B7xEarTtfCwWeONHU70VYIQEUMachHbqERiVlerWjThNLOzQKeFsOeok0XFmlWbb8rqabGtH9D4ibxW60COBUBrvRa7_dTAzj6j7DyPa3Es95AgRv1jSyXVeltM8d4n7jVjjZKr2NDOlgCuGHbNaaFRB3LQApPbOK8Sz1HzQ8PsnJ-gVXOkpYO5yA3KhOO4JGFZvXL-sDv2yvZwfvj42edWKdCDZusPoUq4Bjw&step=1
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 192b1bf8fb523d7e78771d0948c4bb8e
e35cef0e3361503b5bc0df64529b222cc0df9cfa
f8a9d7aab40c6ab21e63733ef1be6638b1e49acc2883ff5c48a50c8e265abbde
GET /v/recaptcha3?token=03AFY_a8XQd3tVxLPBEEmErhKy6xW98p7urnRjbpOn5DJ6GzrhtSZM7UmzHGASGmOc3lJIIMdZjeZy5CnAXSjg0W1GzejvRRgNBT4HsF1MB2xHA0Tw0YlLgGzXqEdgGTnJf7v3Vwmb5mqwbEKs0DWEBjMKFdsiBPnxhBDolCUbFGYuPcJ89zgUE1CjPhMg32rkRHbQ3UxJR54rjmeEPJahIJBC_YtaXPEG4GOMFpwXjB3EgA0FiYSD5vSkVFsGFPzqdtpWi5ceZS89xqHkJgob9ZCoayEjASFMG_sCHirRSqkMZwIWq1_pjBg-NWD1B7xEarTtfCwWeONHU70VYIQEUMachHbqERiVlerWjThNLOzQKeFsOeok0XFmlWbb8rqabGtH9D4ibxW60COBUBrvRa7_dTAzj6j7DyPa3Es95AgRv1jSyXVeltM8d4n7jVjjZKr2NDOlgCuGHbNaaFRB3LQApPbOK8Sz1HzQ8PsnJ-gVXOkpYO5yA3KhOO4JGFZvXL-sDv2yvZwfvj42edWKdCDZusPoUq4Bjw&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: c3400b5380c5a1b0fa778442
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Cookie: plc=5bbb0ba263dcf80100a2e07f; stp=1; ck_tsp=2023-02-23T12%3A53%3A07.186Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 169
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"a9-41zvDjNhUDtbwN9kUpsiLMDfnPo"
set-cookie: qst.sid=s%3A6zejpSPj1FKmp79MVnDfmgL0Cupg7euL.%2Bfxcx8SRKggM2uTAoZk4XVqDl6%2BGkfZSc86yncuI5lk; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/t/page
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:09 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/vdt
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/vdt HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ofvuinwk,x-session-id,x-zqhkygow
Referer: https://promo.quiztionnaire.uk/
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/vdt
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/vdt HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb.Q6b+n5Br7LjUuxsIzPiGjdVO+oS5CHh7c8Vos8N6C8c
Content-Type: application/json
x-zqhkygow: aea095746b412c304b1e8a6705197b520a6c7e7252cffb4fdf171bc20ff2b2b5
x-ofvuinwk: a81814acb8a61e21545972b146737cd52b617e17622b464264413d432e4299a0
Content-Length: 1855
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
cdn.formulead.com/t/page
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:iqhEz7o6QNY3epARzQNhBPq7ep-bBxBb.Q6b+n5Br7LjUuxsIzPiGjdVO+oS5CHh7c8Vos8N6C8c
Content-Type: application/json
Content-Length: 143
Origin: https://promo.quiztionnaire.uk
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Thu, 23 Feb 2023 12:53:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://promo.quiztionnaire.uk
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
promo.quiztionnaire.uk/n/09/11/nz/iphone13_unknown/no_teaser.html?p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003
104.21.30.84200 OK 0 B URL HTTP/2 promo.quiztionnaire.uk/n/09/11/nz/iphone13_unknown/no_teaser.html?p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003
IP 104.21.30.84:0
GET /n/09/11/nz/iphone13_unknown/no_teaser.html?p_id=5bbb0ba263dcf80100a2e07f&request_id=69f17cb266e635d82bc8f00a439c908e&aff_id=1339&aff_code=LDA&aff_adv_id=2&aff_inc=iphone&aff_offer_id=2003 HTTP/1.1
Host: promo.quiztionnaire.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 23 Feb 2023 12:53:06 GMT
content-type: text/html; charset=utf8
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 12:53:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTeWhFcVWqRhpqjonmSlEaIOQ4wWJmnFJDLceRvvWMrsaOwDzJBwIRU60g%2BCQdi9qn1aNCJAwE%2Bu2d67fmqTajD70mMu21EqPvTTRaotakMdeHCBNfcIFsc8iG%2FpI1R7KZ1CtqVyLRMV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e01a385ba70b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
st.formulead.com/assets/js/helpers.js
54.230.111.9200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/helpers.js
IP 54.230.111.9:0
GET /assets/js/helpers.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.quiztionnaire.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Thu, 26 Jan 2023 09:06:13 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 22 Feb 2023 13:40:30 GMT
etag: W/"63d24285-12044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D3j7BvSRfD-sL6OIHj3t6bT9HBB-Jktvdknl8zPQUKUwX0-CaKYs4A==
age: 83556
X-Firefox-Spdy: h2