r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5428
Expires: Sat, 03 Dec 2022 13:18:06 GMT
Date: Sat, 03 Dec 2022 11:47:38 GMT
Connection: keep-alive
www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
188.114.96.1200 OK 2.2 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 14b4aad32c6e75d9594d417d6ccd40da
f835f17695a98d9f8f43abe24959c4279f624904
844bc4b0f57a43aba14945cdccb939c1a4c8d309fdda3968229f8288f768f6af
GET /x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5 HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU9tpdf9W4zrqK75RUFO6MztI4o5%2B4I3DERfxhxQ7sK9VIozckg%2BpUVfeEnMKBGDslkOTKpIRutfL7o2Z6mzS3Pr%2FRjI0%2BwYhHYYjCIbX4v4A99jEFU386OaGnwl0bFip7PQOc%2FtVA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773c11926c330b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2139
Cache-Control: max-age=170353
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:06:51 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5350
Expires: Sat, 03 Dec 2022 13:16:48 GMT
Date: Sat, 03 Dec 2022 11:47:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 11:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1659
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V8/iwujQiA8B9uz9WnVvB+Uq//sdec6TkqcA/QkibdOsYYngZ3imkSzMCVzIw4VWO6XdAfh+gWo=
x-amz-request-id: 64J6D2K2VNHAEHE2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 11:46:33 GMT
age: 65
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:47:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b07acbbb3f504f8706680cb9c656921
836573ed2d2e678951f150321d130fc9da01f8fe
f1c3c6f0c160511dfc06e013b44dda64210272b87d9ba7558a02f8b5f47e82e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2065
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Etag: "638a787c-117"
Last-Modified: Sat, 03 Dec 2022 11:13:13 GMT
Server: ECS (amb/6B8E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b07acbbb3f504f8706680cb9c656921
836573ed2d2e678951f150321d130fc9da01f8fe
f1c3c6f0c160511dfc06e013b44dda64210272b87d9ba7558a02f8b5f47e82e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1827
Cache-Control: max-age=125765
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Etag: "638a787c-117"
Expires: Sun, 04 Dec 2022 22:43:43 GMT
Last-Modified: Fri, 02 Dec 2022 22:13:16 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b07acbbb3f504f8706680cb9c656921
836573ed2d2e678951f150321d130fc9da01f8fe
f1c3c6f0c160511dfc06e013b44dda64210272b87d9ba7558a02f8b5f47e82e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2065
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Last-Modified: Sat, 03 Dec 2022 11:13:13 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.secretswipes.com/x/jk1289xas/files/styles.css
188.114.96.1200 OK 1.9 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/styles.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (7988), with no line terminators
Hash 2c17626e9773700d2f56af402e2f9d30
312bcacc69a3d5fd488fc0a6706b6be5885191a6
b484a637dd7beec358688ea952cc23cd1e0f56e3f65a431c4fb60edd7dfe073f
GET /x/jk1289xas/files/styles.css HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-1f34"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAxL8AL1xwIZh94%2BbHcIb6%2Bm8SKwxoCi%2B8uUewbjGsmgJ0j2tFIZeK6budApcUvy2djNicwfTOMXboYn3vNpHmhIUSUlKLb5t6rEZ0bPrhg5ijkiThtEom1MsyiLGcbGwhJc8a5nxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773c1194de250b4d-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/showhide.js
188.114.96.1200 OK 486 B URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/showhide.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (821)
Hash 391e200089c15a13609cb1ff1579f534
ac6da778593c36163e40a49dccc3d137fdbc8447
ece57f103b9f0f63eae18b732f63aae399bdc466c650a11ba0ccb06a1a140db4
Analyzer Verdict Alert fortinet Phishing
GET /x/jk1289xas/files/showhide.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-6b1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5zX3sa6sHfo03qm%2BtKfB%2F4ExACPUnNS7edZNJAeDwZORNX3wi6S9k3nnOQIXPsN8sObY7QXT7NBWpNuVZ5Ck57wEetvPMHDL6r7giffK6MNVklW251XYWlUvE8LE35J1J6izRboFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773c1194d8eeb4f7-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/function.js
188.114.96.1200 OK 125 B URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/function.js
IP 188.114.96.1:0
File type ASCII text, with no line terminators
Hash 91f476ac618b410e7141772f825c89de
595d87b95c26823ec93db1d602082ada5a0274cd
a485fc7c3567664f5b6769758dbf5fca4003a27cf790bb309b8b1a390249b1d7
Analyzer Verdict Alert fortinet Phishing
GET /x/jk1289xas/files/function.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: W/"628e85c2-79"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nssE2BCDHn5xB1c6Jt5NQ2D4vDB1mT73PxSeb8ErzbhR%2B8PfGAzX8Cb5fDvKFMFOQDFd3CHn4bmrqkV3wHHQhVYcQ%2B5dNNKgpmuI12x9IM4kGR63fHknyeUVzFm3bwF6yOi3IkqZvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c1194edb4b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.secretswipes.com/js/app.js
188.114.96.1200 OK 674 B URL HTTP/1.1 www.secretswipes.com/js/app.js
IP 188.114.96.1:0
Hash 061b68d44cfa4a131cd8596ad94ff02c
e25d045fd5ea13cea15575bb2d5643ce2c891e3a
8d28da6f804ba1b617c264575118684fbb63423e54eb4950946635b4dec96dc2
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sat, 17 Sep 2022 17:19:51 GMT
vary: Accept-Encoding
etag: W/"632601b7-504"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIDHei1Ax0qi2WtdrPkiQ8WxmvCEUchSr7iT3hGXPvLvfHfWizutcxgePArZ0ZTg9fwN9JUD1SWn%2B54vQrLmTCAt7%2B0mvi5tWWaVzquBcmnVMM0DhTq%2BibHxXO6evIaB5qDkTrEaSw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773c1195084c1bfa-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.secretswipes.com/x/jk1289xas/files/jquery.min.js
188.114.96.1200 OK 30 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/jquery.min.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 30383dbf70a4fee8fc9362726e102f93
12cfd136eb72f6fabb1fa5404715c2882a63abf2
bbec4a319e466240038dea909154b9472f669e99aa43d10c013deecdba705ba4
Analyzer Verdict Alert fortinet Phishing
GET /x/jk1289xas/files/jquery.min.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-14e44"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDkPJ0V6QPcFP4dYPeH2LPFnyfAC9eA4W20lWNw2erpF0wmM%2B%2BCGARfOF0Ioy4MAKg5QCHjOG4qDLG6kYBGMPwQ45IwLOlSuX%2Fw0DreuwxXEu5pkDMmxW%2BCBg0sppKaJm%2BlzGBFnFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773c1194ddb2b521-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 11:11:17 GMT
cache-control: public,max-age=3600
age: 2181
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dt.fcdn.info/cal2.min.js?_=1
104.21.234.86200 OK 33 kB URL HTTP/2 cdn-dt.fcdn.info/cal2.min.js?_=1
IP 104.21.234.86:0
File type ASCII text, with very long lines (6375)
Hash 4cf1c3e4b6262c191556721471d921fa
309fbb156ba37dacf0d97424430c5d29b669fe17
f3ec48825fc549d3807cc43e462e541e418bce29feecf93ebedcf6e84fb633b7
GET /cal2.min.js?_=1 HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:47:38 GMT
content-type: application/javascript
last-modified: Wed, 10 Feb 2021 18:52:34 GMT
etag: W/"60242b72-18e8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 964243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22uUh2CwSA1mZyB8Y6QtJhHYZW3FMgO93nKFbd429FnNwchig9KPNGUXunlEKpLeJmZ43jlES9jBAqnowyj63uW%2BNf73PXsMMn4cWfA2SHpjYOHl0lUybKfdorRF22Iq1QAn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c1195cf30750d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2133
Cache-Control: max-age=165286
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:42:24 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
tag.swpush.com/action-track
188.114.96.1204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 11:47:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHlzgJpOdk8UByB7HuwErQNexfHUmEwt1yTH4Gl6B7zd1QRdBo%2B6kLnitYhXV46DUDOGUlOACEhzzhXHHHtkzH%2FBaFJ%2BbetWxyvJDJa2FfRPz0CkqC4JoVW499%2BMM%2BFCRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c1197fd87b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 999e2810699805f508822dfef8a7941c
02223388c11ce158a03aeab09b2bff1fb2b9258b
a9053eab6c72a3ad28a9de8df060d4b0580f6f6a7472a924878c77232f7a0320
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2197
Cache-Control: max-age=162509
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:38 GMT
Etag: "638b0692-118"
Expires: Mon, 05 Dec 2022 08:56:07 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:30 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 752148900f4327e34a1eef7756148cce
21f0a4a57f66b0be125a62f7764a9b61810aafca
4ceeb8b73eae6b2834925b8c6723c739526f1956240026341e7df19b2a7aecfb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4CEEB8B73EAE6B2834925B8C6723C739526F1956240026341E7DF19B2A7AECFB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7112
Expires: Sat, 03 Dec 2022 13:46:11 GMT
Date: Sat, 03 Dec 2022 11:47:39 GMT
Connection: keep-alive
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 11 kB URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
File type ASCII text, with very long lines (34449)
Hash 06fd10c15cb7d9518c48a7434d811ca7
01ed736653a5e1e517568af784bac66269cfbab6
5e7513ecc9b7c3ba1e5e52ec834601cba7e6d672f46510f8ac03a00969f96306
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:47:38 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 866672
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGZBz9GnlbS9PbtY%2F8LRCS8N%2FJOav1IQZuOnq2Og6uPFaWt87S6jwE%2BwxPzKdW3el6dQSsPQ79qoN2P%2Bu2vkWPvHfScgjhMM5P2zWOB7y6jwJ1qvWSSv9LF3taBV4Qqw%2FkSg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c1195aefa750d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/jk1289xas/files/bg2.jpg
188.114.96.1200 OK 27 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg2.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash 436f23275831ecfb616ebeb0a6764f23
99a9c48be4bb379506eeb8eecbef019c1bcd6b40
7a22cacf5ed80b8a868c4626147ac374d209ef163fefac4c817c11ac7359274a
GET /x/jk1289xas/files/bg2.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/jpeg
Content-Length: 26588
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-67dc"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mP2MKreYsMICm3DpECypr1HYR%2BYUgloOFiaHaGMl45eXptv0NYTzyW80Hg3pZGOC%2Bn1qPzx0%2BjzXhp04L6jqtV6wQv0afU8Iq%2FuCAS7YNXAtzyLSqn2JZQGw%2BCNO6wRERxM7sOWJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c11971fca0b4d-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/bg4.jpg
188.114.96.1200 OK 28 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg4.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash f991107bbb60e393392d613ecba9889c
6924dd0e882f1d7d0adfb21be6aac32e607e2ed2
6b7c3b470d975ee9914cbc54c0f27f6a7844d4a131685baca4b4a7b2791f181f
GET /x/jk1289xas/files/bg4.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/jpeg
Content-Length: 27631
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-6bef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNa6wnSOTQvzENQZ3OvVHnuinLEOkLGmaETBvbM%2FI1kW3Hhh1uixz8aqxJGYdkrCbT2tH7PgUyI8G2k1dL0hw9gC8GhCi%2BObWMIb13iRo%2FCWmnh4apR9Y6C%2FlF%2Bc9nnpvLX4h%2Bi23w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c11971ae1b4f7-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/bg5.jpg
188.114.96.1200 OK 27 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg5.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash d0463dc81f32719cda181af92a18bbe2
180954b20a34ddc4a49e1089df455a54074aab50
f26f756eb9d8a74c8880ffb25abbab77a96cc42bba39476d7226e804a0eac91a
GET /x/jk1289xas/files/bg5.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/jpeg
Content-Length: 26977
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-6961"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHuhVoS4xAlSYYayblbg5rESrwdpgIlL0kHML0M9hd7%2F%2B%2Bj23kXvrawfJj5%2B%2FKB9hKgKlegFvWw1SNGsI5wZYNTCq0TiIg34isju03KlH3Vpwcnf2EIimlIraUqcF4c5BNDPddtMPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c11971cf40b02-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/bg1.jpg
188.114.96.1200 OK 31 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash 1402f29aa77e82069d530d08be3c7e36
6d0586c19da360e3ce8dd45b451c53258dd2971b
2b0944e5b0df6219b91a8ba48c7246b5ad37c6b82f4b610b7025e124840690b1
GET /x/jk1289xas/files/bg1.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/jpeg
Content-Length: 31088
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-7970"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV%2B5QDNIiNdLB1xMR%2Fk9Npp2xBhArA7CCK3Ys48VzT1QBPaGgdiB%2BFkzCRMiWh5pyAyDGPNhZAPhqdRvn3QNwJf79SoOfbPnUAtdHraNvIVG%2B%2FhmHA8gw341Ncu1XW8TdGl80R78oA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c1197182db521-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/bg3.jpg
188.114.96.1200 OK 29 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg3.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash 1d82a9c16d537de6dc7da58e7e937cf0
309837e0e7df136b7ee0ae65b033af0147008f45
61918ed8a633086b73ec4ca84e1971ac7e4e5111a3ecd3c66a763cf0ab55b981
GET /x/jk1289xas/files/bg3.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/jpeg
Content-Length: 28731
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-703b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCQvUDz2oaWSCY%2F8r7KSTwOkAPhELHLrguz7ApOjTGZuzzXF0HfnKJuhdsuUpoh6nSDhNyE0%2B0qeH92PM69kjky%2B%2FuIEBxCK%2FIgfvJBsAmv5xWNynvoHTUjcFJgg1GA51GQrKftSeg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c119719c91bfa-OSL
alt-svc: h2=":443"; ma=60
tag.swpush.com/action-track
188.114.96.1400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Sat, 03 Dec 2022 11:47:39 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmvqflSUP7N541AzmefwM4W8kzQ0HqE5K7m18iCPC0BhbMkLeC8GWkCXBeA94TYon1vFrndF4c67sRwDhFdo2cljhWhDMi%2B4vl8MgYkWXayv4LQrGmMVv1wy8f6INrcc1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c1198ae26b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
142.250.74.106200 OK 550 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
IP 142.250.74.106:0
Hash cebdfdd825efecc935b3409aff2776c4
63263d3eb264b1c47f80e9f52da0e40adc521714
5dfaa890bdf745922f00d7eda274c15080018c60212ef8178db74be781d6181b
GET /css2?family=Montserrat:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 11:47:38 GMT
date: Sat, 03 Dec 2022 11:47:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tag.swpush.com/action-track
188.114.96.1400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Sat, 03 Dec 2022 11:47:39 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTkaH0%2B7ot3t2D9qDgY6rgCpBNRlboeOJdz6MjkYDxsmOnhKsBuXCzZNOoBeX3v5nbYOq5At6OTkMMfQk9Om4MVIyRZLUDp7aY4yd9TqURKtl0%2Fj9pB7D33iCK150yZT%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c11990e86b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/jk1289xas/files/logo_user.png
188.114.96.1200 OK 2.7 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/logo_user.png
IP 188.114.96.1:0
File type PNG image data, 106 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash a45cbe874cc4a0052afb718c348dcb18
42470b0690ea1bdae19affa072cf560b4a29d7db
8d919905b98631ac02ce395cb20950f2379bcd9cea4f2e9f144f89a3e90e0bd1
GET /x/jk1289xas/files/logo_user.png HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/files/styles.css
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/png
Content-Length: 2734
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-aae"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umX3%2F2QHrRlGJ8iyvCkZ0x4K8tMOs37AVZ3bputezNcdlXHyseJOoKknwE38YJdHeq4WPpYuv3xDD8ttq56wTEXdk3jBNsdHlgPX6o8lhhg4uxYUjUQh9fXmDiPg2n4hDxzkxIulKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c1199296f0b4d-OSL
alt-svc: h2=":443"; ma=60
app.api-push.com/get-keys
172.64.163.28200 OK 1.3 kB URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
File type JSON data\012- , ASCII text, with very long lines (2183), with no line terminators
Hash 53d93b03fcfe9d912e0f58a57bded64a
5aa37147a641ff5fc683b96e8e061ebb91b60d0e
8bf104923c75577205c561ae99a96ca3fe02a14cd474d2753f82d5b4433d333a
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Content-Length: 89
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:47:39 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OLQ7n%2FWCHm6h2dwvnkUCtUY6t5j1UI2J860xWrVkVRwTDWxJ4ww1p%2B%2FgNh5ZK0a7fT%2BzKSxrP3UzipMat%2F9eKKIwvfDUk8XhGT%2FEjlvZcbfqZ33UTzN0NPGIBEfVQeCSXcJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c11997baa7749-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FBq25xMDRyNIGBhclscnmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wYFu+27av/4kKyGR0FEfpT7howM=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 999e2810699805f508822dfef8a7941c
02223388c11ce158a03aeab09b2bff1fb2b9258b
a9053eab6c72a3ad28a9de8df060d4b0580f6f6a7472a924878c77232f7a0320
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160311
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:39 GMT
Etag: "638b0692-118"
Expires: Mon, 05 Dec 2022 08:19:30 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:30 GMT
Server: nginx
Content-Length: 280
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 11:47:39 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4R1Ni%2BEjjRS0ylyc%2FvNmpMcDZXHTNpN96sMtEjLfxuNJavRf9UpfcqJN9IxU%2B2zvJfQK8KKeuaQlhnai5Mel%2BL2rtvDF7%2FujdUMlLoaIKa4W9wMXZ8oD3KSiO41W9aFDLs8oE9pCDxaR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c119afe357749-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:47:39 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvd7SLAi08ABs%2Fstqc3HJFKqz8r5Mfuvh%2FCJcroyNgf2N9wqdjOmMDB%2Fj0ZEIhj0s45ZSinloJ%2F1tUL1IShKcc7jm8nzXsjU%2F5PlNX2SQvaPUlauYyM%2Bk8SSXSXnWhU72w1AoGCZO2vx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c119b7f027749-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/favicon.ico
188.114.96.1200 OK 3.5 kB URL HTTP/1.1 www.secretswipes.com/favicon.ico
IP 188.114.96.1:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1afd0490a7c54f3762f6d69a39fda96f
60ff08ef286f291f51397f5f64265b5785255f3e
acb0653f24a2eb7cadc905929864bb742896201ad86d5899c4ca44b77f14e96d
GET /favicon.ico HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=5c29o18R0K4cWOuGp-2W1LD2yXbZeFWGyD0Jy22ryENlgMVJYk5WmaZstCx2gUYXPoGXt1j2qINk1U0fdJG8n4boB89S0sYQ9cD6f8vh7X5ZReXzEnDWL3bmE_tUrTCBU_ngEwCflWBNHSujY85mxM9cD_RhE9hiKrDuIb8rxo011HkLgzNZ3Zpd6_c317ej--RaeECaq4VET-bWjKJ6_gSzav9fvihclkH5plBiGAIbVGph_rD8zJFqDex8OieFhjhfYHgvsaRgRVNXOFgp4U9T9puPnyTRUK5FTO4c1WDreiBIiQf5TgeV0zgDNIIhmvFxXg0r7d5DxxF3xVQ6DZYBQLvYWrwZPvAbyYLKMMEHTAOTYYJbiab7w29Y7qGagov4RMoq84VjP8LcMrp2v1Z9ucJK7D5n2i3LxBPBsjg_iGi29iSxN2FCFtYEu9R9adIsSSWoAoc80qYGmnQQqKRi8EZz0WuAHj3pErm49X2OX3F4vKw7wiEIELnTaepw&lptoken=162f706f066798a1504f&pub=696&source=Default&externalid=0638b374dd2eaa7.53889279&uid=aa0896271bec1593fcd0e0f17235dd09&cs_id=4c27eed5-f6cb-480b-a84d-50a1b979eba5
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 10 Oct 2021 05:17:00 GMT
vary: Accept-Encoding
etag: W/"6162774c-d90"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a6GlVr3oO2%2FetwxpTRPIOuJ5EDZrcFY8l1%2B6KTxYpxduWVF35DJwHH73ZHQbSp2UICAWqrAT8O1LXxo4%2F%2FgkVsXttoF17z%2F7pKafpBPTAu7QCAsceStnQ37e9sAbu2l2IgeH%2Fx5mw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773c119bfd67b521-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/gif_main.gif
188.114.96.1200 OK 868 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/gif_main.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 270 x 480\012- data
Size 868 kB (868026 bytes)
Hash 545ddbb65ca2cecb6fed09a513c1618f
a5e00e6164892ba3ba7950b796c5a22b1724166a
35654f03499d2dd1945ea1bdcd17c4cc2ca4a152e812dd42994f881d879604d9
GET /x/jk1289xas/files/gif_main.gif HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/files/styles.css
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:47:39 GMT
Content-Type: image/gif
Content-Length: 868026
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-d3eba"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUKQT%2FNP4to6teRpaNaZXvgXgNs5ws0c%2Fv%2BCxjHCYaSLUXdkcDPLL9jxlsOlh0J4BO6DfT2gkB8d2plpnzQHvNY%2F5o7%2FSaR1YYctbd%2F0iCmZndUZNVZDtcj6X%2FmizNCMsGojtviw4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c119798d7b521-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13291
Expires: Sat, 03 Dec 2022 15:29:11 GMT
Date: Sat, 03 Dec 2022 11:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13291
Expires: Sat, 03 Dec 2022 15:29:11 GMT
Date: Sat, 03 Dec 2022 11:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13291
Expires: Sat, 03 Dec 2022 15:29:11 GMT
Date: Sat, 03 Dec 2022 11:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13291
Expires: Sat, 03 Dec 2022 15:29:11 GMT
Date: Sat, 03 Dec 2022 11:47:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 20810
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 21240
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbee75c6c314655f738b57b828bef016
bb36d39c7adf764e8a7dcf7f91125001623975b4
fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wtaahzdJXnHSYwqIlHyqFy-LsdPl1Nh-CThm-x57bU3dUEgrfB1Gvw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 50993
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 47316
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 50986
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 50993
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 60b21b4f32da0819a4df2afccca4ef0f
2a2a0c17d71527673b810fb7d4d42df739a0a43e
5e69c209b02595ab9beb1592a9280ede55e61814d7c1f78e732f7c6fffab1039
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4665
Cache-Control: max-age=97965
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:40 GMT
Etag: "638a00d0-117"
Expires: Sun, 04 Dec 2022 15:00:25 GMT
Last-Modified: Fri, 02 Dec 2022 13:42:40 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 60b21b4f32da0819a4df2afccca4ef0f
2a2a0c17d71527673b810fb7d4d42df739a0a43e
5e69c209b02595ab9beb1592a9280ede55e61814d7c1f78e732f7c6fffab1039
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93300
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:47:40 GMT
Etag: "638a00d0-117"
Expires: Sun, 04 Dec 2022 13:42:40 GMT
Last-Modified: Fri, 02 Dec 2022 13:42:40 GMT
Server: nginx
Content-Length: 279
theemforest.com/p/1
104.21.49.212200 OK 0 B IP 104.21.49.212:0
GET /p/1 HTTP/1.1
Host: theemforest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:47:39 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP02oaUconnEpCOQ4kGPgrMdW2BYpPJW2NrWlxitdqWduRP8B4pMDDQ%2F8ZZx8Ny6zxnL117PeCiA%2BN5oGWEnZcupk9F%2BxXh7BHGWFFjV9PtDbkx7Vm9mvRwcmz3pQj6P2ao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c1198cf491c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
172.67.166.71200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 172.67.166.71:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:47:40 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tj0aEDEVC8DM5YAAYJDiui7Tocloc%2BhDo1iZ0P3%2BkYx5ExwOuWERW9vrPzMetslctuXcrExjyWlE6i7AHePYe7Ia%2FUVZCbVdIpdtiOSvvEGMC5vQJ8CXPBkSS0EN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c11a32f46b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2