r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8029
Expires: Sat, 04 Feb 2023 04:11:25 GMT
Date: Sat, 04 Feb 2023 01:57:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6369
Expires: Sat, 04 Feb 2023 03:43:45 GMT
Date: Sat, 04 Feb 2023 01:57:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8401
Expires: Sat, 04 Feb 2023 04:17:37 GMT
Date: Sat, 04 Feb 2023 01:57:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 01:43:35 GMT
content-type: application/json
age: 841
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3MGeKjXWoCuB/JLQrUMClMjPkw7YsMYKwB1AOHdG6QWCbKRX3SFdeoEQ8LjfIfBphZMzuvgdilI=
x-amz-request-id: SMQDSGRP4XX6R3W3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 01:52:39 GMT
age: 297
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
webmail.sharonswishes.com/jgyhg5e96u/
188.114.97.1200 OK 14 kB URL HTTP/1.1 webmail.sharonswishes.com/jgyhg5e96u/
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10860), with CRLF line terminators
Hash 19e0882ad5c0622fd4a627f1c6eab253
a1cfa1c0d37d7c7e28667b62e4546256423b0fdf
aed55d97025d52b936f5c43bdd377c788e5adcc3bfb0a3de0c20f6bd30acbc5e
Analyzer Verdict Alert fortinet Phishing
GET /jgyhg5e96u/ HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mW%2BU9x3%2BCmrKb8vfTn9TPzQXf%2BxC3hRQEuNa%2BiLZz%2B4Dyfugay9bHdjP6rLBo2fOURuiZszIbk1XvLe%2FmB85nT160IWUs8UlrND%2BI3meQabNy54RAInfiVDRIXkQNIe1ewMMrg9X2HprXS5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbe3d96e0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
i.imgur.com/L4a683e.png
151.101.84.193200 OK 4.0 kB IP 151.101.84.193:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash a835a4ee4b2610361ce1e346d0fc0470
8f11d1812bb4c7181b4ee0a22db0f5952ca6dac6
6d5c4c17f641c4cbddb97269aa5cee5d8a9813e3cd764c9bbc65ea994a7e89aa
GET /L4a683e.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 19:28:38 GMT
etag: "a835a4ee4b2610361ce1e346d0fc0470"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 3130636
x-served-by: cache-iad-kjyo7100036-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 12843, 1
x-timer: S1675475856.380130,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4038
X-Firefox-Spdy: h2
i.imgur.com/7sZUmPO.png
151.101.84.193200 OK 3.1 kB IP 151.101.84.193:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash aa3d36b94ed8a6e27feff28d4dafe329
521490db1e4581dd4eeee8acc5492735e78e019e
55dccfa672fbbe5931b1e4df91468a8775226d4e4314d9ff3dcbec55f52f5ad7
GET /7sZUmPO.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 18:10:11 GMT
etag: "aa3d36b94ed8a6e27feff28d4dafe329"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 2829062
x-served-by: cache-iad-kiad7000020-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 8138, 1
x-timer: S1675475856.379983,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 3147
X-Firefox-Spdy: h2
i.imgur.com/FTLIZSb.png
151.101.84.193200 OK 3.0 kB IP 151.101.84.193:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 50ec7ba809f96b42088aafd817893572
679ccfc84395a996520795ef1bd3273c08622c02
588b1c4bfd72f0ddf016007c9ab23246844a93fb0fa4d4c20757d89b01ddfa5e
GET /FTLIZSb.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 19:28:37 GMT
etag: "50ec7ba809f96b42088aafd817893572"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 3052731
x-served-by: cache-iad-kcgs7200028-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 3240, 1
x-timer: S1675475856.380333,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 3046
X-Firefox-Spdy: h2
i.imgur.com/P8Gsm1l.png
151.101.84.193200 OK 6.6 kB IP 151.101.84.193:0
File type PNG image data, 156 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash f44ece975fd6bf92ea1f67a874f96da0
0346ef51f91e8730931122c33cc7e52e8858d0bb
7c0bb696c24a2e58f0f4eaec69da283c1e2dd77a711a8f34efaa1fe5a712f4c8
GET /P8Gsm1l.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 15:38:30 GMT
etag: "f44ece975fd6bf92ea1f67a874f96da0"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 3037477
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 9818, 1
x-timer: S1675475856.380471,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6597
X-Firefox-Spdy: h2
i.imgur.com/qTPLmV5.png
151.101.84.193200 OK 5.4 kB IP 151.101.84.193:0
File type PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c764eaeba9a588179c0d28bc81aeaaf6
332b57601a59345b1a938ada18a219a07e993dd0
00928199444dbc014572ac0fffe7fbf934c4d65f7920e24669042af6d808f7d5
GET /qTPLmV5.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 17:03:35 GMT
etag: "c764eaeba9a588179c0d28bc81aeaaf6"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 2559845
x-served-by: cache-iad-kcgs7200129-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 6324, 1
x-timer: S1675475856.383693,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 5397
X-Firefox-Spdy: h2
i.imgur.com/EOhpZgM.png
151.101.84.193200 OK 7.7 kB IP 151.101.84.193:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ecef1c67ef18b69abf244f698ca79fc
3a9b116de20400a2d49396f7200b5fb2d1bb0a08
0cd75e03b8fd96f44a698ef72b4d20663442159e2377ce79ca5f01e23ccb9351
GET /EOhpZgM.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 18:27:34 GMT
etag: "1ecef1c67ef18b69abf244f698ca79fc"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 2658100
x-served-by: cache-iad-kiad7000041-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 3288, 1
x-timer: S1675475856.385081,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 7726
X-Firefox-Spdy: h2
i.imgur.com/H5EPED1.png
151.101.84.193200 OK 3.4 kB IP 151.101.84.193:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 312fa6a734f96422993aa751ceaf6f9d
bcee3278773af24da138799f0eb661c14d618442
9733742a746615e344dfa5178eadf0b4b24669db49b2bd5f85a70c613402b8e9
GET /H5EPED1.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 18:03:43 GMT
etag: "312fa6a734f96422993aa751ceaf6f9d"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 3134574
x-served-by: cache-iad-kcgs7200024-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 10721, 1
x-timer: S1675475856.394443,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 3417
X-Firefox-Spdy: h2
i.imgur.com/6HIOsYS.png
151.101.84.193200 OK 62 kB IP 151.101.84.193:0
File type PNG image data, 450 x 463, 8-bit/color RGB, non-interlaced\012- data
Hash 872386d4da2147eee5c2b6a655fefbbe
816a426fcfae9b781df4b83c63a582995c6cc8f6
3d3564f525c3118d755bf94b6e41e9c15163c0804ae1eab34315ef6a9da7aef2
GET /6HIOsYS.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 20:43:48 GMT
etag: "872386d4da2147eee5c2b6a655fefbbe"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:36 GMT
age: 2668731
x-served-by: cache-iad-kcgs7200141-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 6833, 1
x-timer: S1675475856.394357,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 62490
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-88149946-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-88149946-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 2074cbb85d72d981fff8119b499f1af2
bc7ce9e61797a9d2436bb2ba255f2243fbdce67f
3f9fd1ab042dbe48bf81969828cc6ee8b5b7b6f8aef00087014d90e8432ba0dd
GET /gtag/js?id=UA-88149946-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 01:57:36 GMT
expires: Sat, 04 Feb 2023 01:57:36 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43907
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7WY85MQKRQ
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-7WY85MQKRQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 39b9b00f96be213cad2f648dc43541a5
1437289fa065aff52ae14ce94112a92d901a00ef
a89a44862d00017bf05f2fc9ddb15c9b4e669e6cfa58160afc0d2dd03884296c
GET /gtag/js?id=G-7WY85MQKRQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 01:57:36 GMT
expires: Sat, 04 Feb 2023 01:57:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-J4FFZPJQCN
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-J4FFZPJQCN
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 7fd3d785b94e9cc6b4cf102bf84c3d96
5f5c9fabf6bdcf2b27f3d1101414eb1cd8b3de10
689573ef0631e55a11e38b4c0f6cc902c0ac27887216a7f33c9a4f0ebbb7f3f5
GET /gtag/js?id=G-J4FFZPJQCN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 01:57:36 GMT
expires: Sat, 04 Feb 2023 01:57:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77606
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmail.sharonswishes.com/jgyhg5e96u/emoji.scss
188.114.97.1200 OK 14 kB URL HTTP/1.1 webmail.sharonswishes.com/jgyhg5e96u/emoji.scss
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10860), with CRLF line terminators
Hash fd7b9f03492ae138ebe50c67ef81e2cb
4625960d8bb0e21179985424bc835d41d5321291
3027ab7926134c8b943e864164c5da8b5be8ead00fd7ae6e89437e3b843e5125
Analyzer Verdict Alert fortinet Phishing
GET /jgyhg5e96u/emoji.scss HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DeTdrd4ZmracydcQ0%2FG7Q3%2Bw80nql%2BHlB4XLAs1RrJ2ygjW6Swc7b7gIPz%2BIoxMqfFH6e%2FtE%2FXI%2Bwl%2BT7mOD2fWGvjUdIwI4dLKAznuB83BZnTI5%2F8QRD9WPUm8MzNht1iLlSebeMkE8uSE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbe5ddf1b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 01:07:19 GMT
age: 3017
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13747
Expires: Sat, 04 Feb 2023 05:46:43 GMT
Date: Sat, 04 Feb 2023 01:57:36 GMT
Connection: keep-alive
push.services.mozilla.com/
54.185.236.64101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.185.236.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xq33IDectcd932F5j5qbiA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gK31ZrEPaG1Cm1hp+nsXZIquI2w=
webmail.sharonswishes.com/jgyhg5e96u/style2.css
188.114.97.1200 OK 14 kB URL HTTP/1.1 webmail.sharonswishes.com/jgyhg5e96u/style2.css
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10860), with CRLF line terminators
Hash edd0ba9c8958184c116abd82c1cb66a5
964c0709522d9e172d0de8c9685d56f4e9985324
31eb72b7bea4e2c37a93600233e6846a347bccc5c5defe21ced07148e8bb44e9
GET /jgyhg5e96u/style2.css HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xY16bItwTELgolRTLsB35eQQ%2Fswyl6B4xFbqvC7DLbRwIP6lo4VdInAJKlpxXUIYb7UiE%2FqXexzgsaEtut7tm1rtj89jfGUZCojpSstPyPkiRMEt2SO7ocXhDErcrSK4Nnxq1ON3sTgXqCE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793fcbe5da070b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
1.bp.blogspot.com/-zrHXcoP_nIc/YkIurudu_hI/AAAAAAAAAXo/WejZQOU1b4c4hZ0WXDUNj_puYUg1mGb6gCK4BGAYYCw/s220/4.jpg
142.250.74.161200 OK 2.3 kB URL HTTP/1.1 1.bp.blogspot.com/-zrHXcoP_nIc/YkIurudu_hI/AAAAAAAAAXo/WejZQOU1b4c4hZ0WXDUNj_puYUg1mGb6gCK4BGAYYCw/s220/4.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 94fb8d6f13358192bfb090839362f5ad
00e20ee1556013f8af5dbb13028078081740c778
743999a1dadf6b177b4455653f033e873812d00cb88b960a646328fa914b24d1
GET /-zrHXcoP_nIc/YkIurudu_hI/AAAAAAAAAXo/WejZQOU1b4c4hZ0WXDUNj_puYUg1mGb6gCK4BGAYYCw/s220/4.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="4.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2330
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:28:03 GMT
Expires: Fri, 03 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1774
ETag: "v1a1"
Content-Type: image/jpeg
i.imgur.com/oFxODaf.png
151.101.84.193200 OK 17 kB IP 151.101.84.193:0
File type PNG image data, 189 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 12b7587d2f95a56946a8a0ad440c32eb
bf9e56f7ea21ce17902f1b15d4e239820edbd1a0
fd35f38ddc48d6ad7dd3c58f0377f62c37ccea5e53856bc4631c4f0674bc3e30
GET /oFxODaf.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 16:07:03 GMT
etag: "12b7587d2f95a56946a8a0ad440c32eb"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:57:37 GMT
age: 3065249
x-served-by: cache-iad-kcgs7200120-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 5934, 1
x-timer: S1675475858.527499,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 17235
X-Firefox-Spdy: h2
webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JCd
188.114.97.1200 OK 119 B URL HTTP/1.1 webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JCd
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash 00304c0566bf2db33e1fe3c3a98177a7
190fd9f0f2c830dfef5abbd5b21732473208cfe7
08f842e5ad129e328dbecd52334136e9c1f4d2919d705e5828d0aa88d31585c4
GET /socket.io/?EIO=4&transport=polling&t=OOQ9JCd HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:37 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2oyXxkwHXinlDJHSt1p2KAN3CfHtiRniNqhwMgoba%2B9k3t4ftoZ%2FX1QxFI2bTprc%2FvKDl7iYEX8AGNqmAQToOQ%2Fda11nMDR0qYvyTGWHsoYI%2ByrK3YwlU1h%2BazU9M4uOtVam1j7TUlWoQJ4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbed89aab515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
4.bp.blogspot.com/-HYwk2vPCNlQ/YkIvBqLJ3WI/AAAAAAAAAZk/woOkNAX5Gjg8v0ktAoO4jw_2dJpWVTxTQCK4BGAYYCw/s220/17.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 4.bp.blogspot.com/-HYwk2vPCNlQ/YkIvBqLJ3WI/AAAAAAAAAZk/woOkNAX5Gjg8v0ktAoO4jw_2dJpWVTxTQCK4BGAYYCw/s220/17.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 35be704b7315e0cf493d5101968b4440
f526225bfb74a482ebcc6863c967b48099c62670
250d90b8bc86df7a2a1ae2b1edf39cfc149bedf13f75b41f863a61b18556985c
GET /-HYwk2vPCNlQ/YkIvBqLJ3WI/AAAAAAAAAZk/woOkNAX5Gjg8v0ktAoO4jw_2dJpWVTxTQCK4BGAYYCw/s220/17.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="17.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3525
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:37 GMT
Expires: Fri, 03 Feb 2023 09:28:33 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1a3"
Content-Type: image/jpeg
Age: 0
ocsp.pki.goog/s/gts1p5/kjNaNllcCsY
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/kjNaNllcCsY
IP 142.250.74.163:0
Hash bac5a4790be4607034b0341de118f822
15b537f48e21fa6c88076f1c1e519bde9221671f
e398489b68a548db91ade2565659b96eec0c04a7c8f4d0c62cde3ce104224c18
POST /s/gts1p5/kjNaNllcCsY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-O7PH3oam22g/YkIvFyMBAvI/AAAAAAAAAaA/JlX9oU3zCZch1ByzVuxpQDlzHtXTuoVXACK4BGAYYCw/s220/20.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 1.bp.blogspot.com/-O7PH3oam22g/YkIvFyMBAvI/AAAAAAAAAaA/JlX9oU3zCZch1ByzVuxpQDlzHtXTuoVXACK4BGAYYCw/s220/20.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash ab57369fdd3cd28e058b9d7df063b75f
062161fa4907c4cf964c3d545b6f478bcf4d1f24
a8105e5668f4e71262cc6fdb184c23944d76557df1ee1b07e69e2e9e95778f35
GET /-O7PH3oam22g/YkIvFyMBAvI/AAAAAAAAAaA/JlX9oU3zCZch1ByzVuxpQDlzHtXTuoVXACK4BGAYYCw/s220/20.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="20.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3458
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:28:03 GMT
Expires: Fri, 03 Feb 2023 10:28:45 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1775
ETag: "v1a5"
Content-Type: image/jpeg
ocsp.pki.goog/s/gts1p5/kjNaNllcCsY
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/kjNaNllcCsY
IP 142.250.74.163:0
Hash bac5a4790be4607034b0341de118f822
15b537f48e21fa6c88076f1c1e519bde9221671f
e398489b68a548db91ade2565659b96eec0c04a7c8f4d0c62cde3ce104224c18
POST /s/gts1p5/kjNaNllcCsY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vvcomphelpvv.com/leech/new/8.mp4
188.114.97.1206 Partial Content 403 kB URL HTTP/2 vvcomphelpvv.com/leech/new/8.mp4
IP 188.114.97.1:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 403 kB (402687 bytes)
Hash ccf668eeb88a2ceda1890a63b07dc925
3f643d30cbadaf8f734dd3108d04f75498dee950
2b25594d22f1762988b3eec6a719c771172ddd3b50b048bb43a4d7afd0da01bc
GET /leech/new/8.mp4 HTTP/1.1
Host: vvcomphelpvv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 04 Feb 2023 01:57:38 GMT
content-type: video/mp4
content-length: 23048382
last-modified: Fri, 16 Sep 2022 09:42:31 GMT
etag: "63244507-15fb0be"
expires: Sat, 27 Jan 2024 09:45:58 GMT
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
cf-cache-status: HIT
age: 202356
content-range: bytes 0-23048381/23048382
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SaqTvoUG4NTlTwo3jgV70VQGNo%2FM2FT4rZ6iKJAwHPx8rSGJzlDATuPIbXBHt0Wl4gz7QI5AdaqGpRbYnjfY3OCr2z%2FBlhbYLcHKvKYXHr5h563TChPHx5LQujDC8mzu4h%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793fcbf0e84f0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JLO&sid=wUelVhbD8cS6DLJgBE6L
188.114.97.1200 OK 32 B URL HTTP/1.1 webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JLO&sid=wUelVhbD8cS6DLJgBE6L
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash 559d90b531072c0b70cfbaa66634a4dd
82bcdd391476e7d60de358ef62df82d9b19d23f0
63a9ef37b9981390b1b2e663560f71de846e748587325e171162a86fd4cfdaf5
GET /socket.io/?EIO=4&transport=polling&t=OOQ9JLO&sid=wUelVhbD8cS6DLJgBE6L HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
Cookie: _ga_7WY85MQKRQ=GS1.1.1675475891.1.0.1675475891.0.0.0; _ga=GA1.1.932334685.1675475891; _ga_J4FFZPJQCN=GS1.1.1675475891.1.0.1675475891.0.0.0
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:38 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 32
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hy1nekJChwScBhPk%2BcU%2BjQ52gX7zt%2BnSmLQdYoGHfv1gMTd%2Fhyicb6JlZ7GJ2gMy4x7E%2FFqSw5dZ8ZcvKqwZ%2FhanUwo%2BuGJbLj3x3tgQVQPwmvyXcZSrAvZipHJBGTlnq1xnpUgx8DD9bd6S"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbf11dbb0b45-OSL
alt-svc: h2=":443"; ma=60
webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JLN&sid=wUelVhbD8cS6DLJgBE6L
188.114.97.1200 OK 28 B URL HTTP/1.1 webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JLN&sid=wUelVhbD8cS6DLJgBE6L
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash 86de097d54457ad4fbf85150ea2dc2fb
194863f4b15ecf7eb4f38bf7ed46b688289be8a4
6301b31e8f84ba8a7465199ebf1c2341253198f21763ad7e7cf6fdebe3d832ec
POST /socket.io/?EIO=4&transport=polling&t=OOQ9JLN&sid=wUelVhbD8cS6DLJgBE6L HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://webmail.sharonswishes.com
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
Cookie: _ga_7WY85MQKRQ=GS1.1.1675475891.1.0.1675475891.0.0.0; _ga=GA1.1.932334685.1675475891; _ga_J4FFZPJQCN=GS1.1.1675475891.1.0.1675475891.0.0.0
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkHn02mmJx9ZL%2BZ0ktClL1vh3lpMtmh9NP%2FqrwEF2uz0JpsRztHlpYMXQrMFidGvLXsqgp8%2BOPqeVW8INHK%2B4nRSmeY%2B3RmrRZ6J6dL4hwKe4jvmPtjDcntCnQitAqgPAIwhnmdwMdfpj5L7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbf10ba1b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
webmail.sharonswishes.com/socket.io/?EIO=4&transport=websocket&sid=wUelVhbD8cS6DLJgBE6L
188.114.97.1101 Switching Protocols 0 B URL HTTP/1.1 webmail.sharonswishes.com/socket.io/?EIO=4&transport=websocket&sid=wUelVhbD8cS6DLJgBE6L
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=wUelVhbD8cS6DLJgBE6L HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://webmail.sharonswishes.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hqX3dC7/KQuGhN3gPHS+Lg==
Connection: keep-alive, Upgrade
Cookie: _ga_7WY85MQKRQ=GS1.1.1675475891.1.0.1675475891.0.0.0; _ga=GA1.1.932334685.1675475891; _ga_J4FFZPJQCN=GS1.1.1675475891.1.0.1675475891.0.0.0
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 04 Feb 2023 01:57:38 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G+A4PRh+l0Ej3/X+ZIv8F1F3dA8=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29SIX10tY%2BBnKGFE5kFrs4f%2FUp%2BokJhTQawRmm45Xt8lHiZ62PmDns6wYlis2WcyCRod3oGROSgYKM319ruJ7e6AAxnOARYKE1v8OvAj23H%2FwMmBMeNJ15B1N%2BuyqFfKt580%2FzipOPn9R90x"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbf11bbbb524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7855
Expires: Sat, 04 Feb 2023 04:08:33 GMT
Date: Sat, 04 Feb 2023 01:57:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7855
Expires: Sat, 04 Feb 2023 04:08:33 GMT
Date: Sat, 04 Feb 2023 01:57:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7855
Expires: Sat, 04 Feb 2023 04:08:33 GMT
Date: Sat, 04 Feb 2023 01:57:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7855
Expires: Sat, 04 Feb 2023 04:08:33 GMT
Date: Sat, 04 Feb 2023 01:57:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:30:47 GMT
age: 5211
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.bp.blogspot.com/-gEvumIns2Ng/YkIvEUGDB3I/AAAAAAAAAZ4/NEDrkoO8JycWmQe3wwchiJ-MKaVj0UqtwCK4BGAYYCw/s220/19.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/1.1 1.bp.blogspot.com/-gEvumIns2Ng/YkIvEUGDB3I/AAAAAAAAAZ4/NEDrkoO8JycWmQe3wwchiJ-MKaVj0UqtwCK4BGAYYCw/s220/19.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 0a9efadda7057e56787893d0043dae6e
d7a8582d9fd2562e2b249e7ca2e686adc8b4db18
595f5b042b32dac6474f82fa5073f9e91162ee47358b42f509504911fa38ef94
GET /-gEvumIns2Ng/YkIvEUGDB3I/AAAAAAAAAZ4/NEDrkoO8JycWmQe3wwchiJ-MKaVj0UqtwCK4BGAYYCw/s220/19.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="19.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3911
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:28:05 GMT
Expires: Fri, 03 Feb 2023 09:28:35 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1773
ETag: "v1a4"
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 13937
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 15032
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1-NjCSeyrUAwvL2BDl1JXYK0WY0ze5FZz5-chZ6x2IEnDQBw9rEv6w==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:51 GMT
age: 13547
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:14:12 GMT
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
age: 13406
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 13914
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JOh&sid=wUelVhbD8cS6DLJgBE6L
188.114.97.1200 OK 1 B URL HTTP/1.1 webmail.sharonswishes.com/socket.io/?EIO=4&transport=polling&t=OOQ9JOh&sid=wUelVhbD8cS6DLJgBE6L
IP 188.114.97.1:0
File type very short file (no magic)
Hash 1679091c5a880faf6fb5e6087eb1b2dc
c1dfd96eea8cc2b62785275bca38ac261256e278
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
GET /socket.io/?EIO=4&transport=polling&t=OOQ9JOh&sid=wUelVhbD8cS6DLJgBE6L HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
Cookie: _ga_7WY85MQKRQ=GS1.1.1675475891.1.0.1675475891.0.0.0; _ga=GA1.1.932334685.1675475891; _ga_J4FFZPJQCN=GS1.1.1675475891.1.0.1675475891.0.0.0
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:38 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 1
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOO4DWi1gItbJnqxjtDdPatCMSo2hj3zAO2otNZOBhfaIRZ%2FNc5Kdpjj7StWjc9thNsZMobJbEO1GA41GOT11wI%2FeIURIGHx5UBQeew%2BMb1UdzlTFgMS4Ks6tk2jpRr4Pq8mJE%2FBkFZNaBIp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793fcbf26c47b515-OSL
alt-svc: h2=":443"; ma=60
region1.google-analytics.com/g/collect?v=2&tid=G-7WY85MQKRQ>m=45je3210&_p=1532718169&cid=932334685.1675475891&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675475891&sct=1&seg=0&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7WY85MQKRQ>m=45je3210&_p=1532718169&cid=932334685.1675475891&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675475891&sct=1&seg=0&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7WY85MQKRQ>m=45je3210&_p=1532718169&cid=932334685.1675475891&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675475891&sct=1&seg=0&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://webmail.sharonswishes.com
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://webmail.sharonswishes.com
date: Sat, 04 Feb 2023 01:57:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-J4FFZPJQCN>m=45je3210&_p=1532718169&cid=932334685.1675475891&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675475891&sct=1&seg=0&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-J4FFZPJQCN>m=45je3210&_p=1532718169&cid=932334685.1675475891&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675475891&sct=1&seg=0&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J4FFZPJQCN>m=45je3210&_p=1532718169&cid=932334685.1675475891&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675475891&sct=1&seg=0&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://webmail.sharonswishes.com
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://webmail.sharonswishes.com
date: Sat, 04 Feb 2023 01:57:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 01:44:08 GMT
expires: Sat, 04 Feb 2023 03:44:08 GMT
cache-control: public, max-age=7200
age: 810
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 244ab3fb47f6a03fd70efb8e249fc799
624fcee03dd119242c1edd121985dada6b3bca1a
ab0fa93d5342a50ef1f69aadf2eccc4154c2ac5c4bea98dce08ed6451560acb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5408
Cache-Control: max-age=160403
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:38 GMT
Etag: "63dd7606-2d7"
Expires: Sun, 05 Feb 2023 22:31:01 GMT
Last-Modified: Fri, 03 Feb 2023 21:00:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727
www.google-analytics.com/j/collect?v=1&_v=j99&a=1532718169&t=pageview&_s=1&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2016466407&gjid=1782424860&cid=932334685.1675475891&tid=UA-88149946-1&_gid=1732381035.1675475892&_r=1&_slc=1>m=457e3210&z=1088174296
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1532718169&t=pageview&_s=1&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2016466407&gjid=1782424860&cid=932334685.1675475891&tid=UA-88149946-1&_gid=1732381035.1675475892&_r=1&_slc=1>m=457e3210&z=1088174296
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1532718169&t=pageview&_s=1&dl=http%3A%2F%2Fwebmail.sharonswishes.com%2Fjgyhg5e96u%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2016466407&gjid=1782424860&cid=932334685.1675475891&tid=UA-88149946-1&_gid=1732381035.1675475892&_r=1&_slc=1>m=457e3210&z=1088174296 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://webmail.sharonswishes.com
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://webmail.sharonswishes.com
date: Sat, 04 Feb 2023 01:57:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
webmail.sharonswishes.com/favicon.ico
188.114.97.1404 Not Found 237 B URL HTTP/1.1 webmail.sharonswishes.com/favicon.ico
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8ad75668cf2f76167ef472da09f335e4
69b56273016edb8c6fa70e5603086a327c7110f7
f9a6fa8e4c6a823eb09771064433ca39f34e23c2767df258903ed9364d6e449b
GET /favicon.ico HTTP/1.1
Host: webmail.sharonswishes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/jgyhg5e96u/
Cookie: _ga_7WY85MQKRQ=GS1.1.1675475891.1.0.1675475891.0.0.0; _ga=GA1.1.932334685.1675475891; _ga_J4FFZPJQCN=GS1.1.1675475891.1.0.1675475891.0.0.0
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 01:57:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCrQwv%2Fai2xbf%2FGb%2FOX5JPy4JsETEUoegbNjHA8aZpPkwAHu1ZLekwWgfXAstI%2FmgpIQhL8HiKBMTT%2FyCnZ%2BB4U9yiXuKoBxNmbyjl9tp1Yr2tOn5ZOxHNiTVZpkGhmZzXOhM0aOdvOPbDCg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793fcbf4fd55b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-0joo3x_HmEA/YDliRVbZCQI/AAAAAAABP64/3vvRrN7DSXQXmkEnh4RL3mJrmtoiUue7gCLcBGAsYHQ/s0/no_avatar.jpg
142.250.74.161200 OK 1.3 kB URL HTTP/2 1.bp.blogspot.com/-0joo3x_HmEA/YDliRVbZCQI/AAAAAAABP64/3vvRrN7DSXQXmkEnh4RL3mJrmtoiUue7gCLcBGAsYHQ/s0/no_avatar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 100x100, components 3\012- data
Hash 75872205c6859ce2a747847d367bbdb9
738b608af67d4358e5dd11e8d02170f3684d9284
fc678930e3ca735466aa83305290fc821faa5fe7480cbe08d99b060136514d39
GET /-0joo3x_HmEA/YDliRVbZCQI/AAAAAAABP64/3vvRrN7DSXQXmkEnh4RL3mJrmtoiUue7gCLcBGAsYHQ/s0/no_avatar.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="no_avatar.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1291
x-xss-protection: 0
date: Sat, 04 Feb 2023 01:28:09 GMT
expires: Sat, 28 Jan 2023 05:04:59 GMT
cache-control: public, max-age=86400, no-transform
age: 1770
etag: "v13fb0"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
photo-cms-kienthuc.epicdn.me/zoom/800/uploaded/ctvkhoahoc/2020_05_29/hotgirl-cuu-kiem-3d-sexy-cu-livestream-la-anh-em-game-thu-mat-mau.jpg
103.39.92.95200 OK 123 kB URL HTTP/2 photo-cms-kienthuc.epicdn.me/zoom/800/uploaded/ctvkhoahoc/2020_05_29/hotgirl-cuu-kiem-3d-sexy-cu-livestream-la-anh-em-game-thu-mat-mau.jpg
IP 103.39.92.95:0
ASN #18403 FPT Telecom Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3\012- data
Size 123 kB (122979 bytes)
Hash b7408acf55cb40e9d7a733a3e137b4ca
d77e6aa7eee33a67bf4de46b80ecb03b1c2ca098
0905df78fe846ca59792b659dad5f2bf4fc2e991f509e522f5f4ecb1021886e0
GET /zoom/800/uploaded/ctvkhoahoc/2020_05_29/hotgirl-cuu-kiem-3d-sexy-cu-livestream-la-anh-em-game-thu-mat-mau.jpg HTTP/1.1
Host: photo-cms-kienthuc.epicdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
cache-control: max-age=7776000,no-transform
expires: Fri, 05 May 2023 01:57:38 GMT
date: Sat, 04 Feb 2023 01:57:38 GMT
last-modified: Sat, 04 Feb 2023 01:57:38 GMT
content-length: 122979
content-type: image/jpeg
X-Firefox-Spdy: h2
4.bp.blogspot.com/-9VtBx-YogUM/YkIu3z0gLKI/AAAAAAAAAYw/kCyXiqKIjxg76f988-48iID0USZG5pIQACK4BGAYYCw/s220/12.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/1.1 4.bp.blogspot.com/-9VtBx-YogUM/YkIu3z0gLKI/AAAAAAAAAYw/kCyXiqKIjxg76f988-48iID0USZG5pIQACK4BGAYYCw/s220/12.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash bb142a80b5d10aea174eea693bc6c283
05c3cb9ca1d1014011265303e15ca95271bd5500
516860c862f6de0906fb54d9ec06363f954292a71ca7d1e8ea8fcc18c1ff4466
GET /-9VtBx-YogUM/YkIu3z0gLKI/AAAAAAAAAYw/kCyXiqKIjxg76f988-48iID0USZG5pIQACK4BGAYYCw/s220/12.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="12.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2641
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:28:03 GMT
Expires: Fri, 03 Feb 2023 10:28:40 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1777
ETag: "v1a4"
Content-Type: image/jpeg
1.bp.blogspot.com/-pPQuvI2YrW4/YkIu0kvOFvI/AAAAAAAAAYg/gh27SiFb834neeQu9Ls_Zqgo0sww0QsYQCK4BGAYYCw/s220/10.jpg
142.250.74.161200 OK 2.7 kB URL HTTP/1.1 1.bp.blogspot.com/-pPQuvI2YrW4/YkIu0kvOFvI/AAAAAAAAAYg/gh27SiFb834neeQu9Ls_Zqgo0sww0QsYQCK4BGAYYCw/s220/10.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 469f0352ca90219699b972375c3eea25
10b2a522f48f7bb948a9bc798a3866a88dcb9b17
4917740d27e4c5d8115dba528dd0c2bd81c2581f251ae730ae76f515c091d3b6
GET /-pPQuvI2YrW4/YkIu0kvOFvI/AAAAAAAAAYg/gh27SiFb834neeQu9Ls_Zqgo0sww0QsYQCK4BGAYYCw/s220/10.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="10.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2698
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:28:03 GMT
Expires: Fri, 03 Feb 2023 09:28:40 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1779
ETag: "v1a5"
Content-Type: image/jpeg
3.bp.blogspot.com/-5vBkXxC5ENo/YkIuxtYwAqI/AAAAAAAAAYQ/SzE0VMcc3tcPMD6XdCEt4q-doLam4m-XQCK4BGAYYCw/s220/8.jpg
142.250.74.161200 OK 3.6 kB URL HTTP/1.1 3.bp.blogspot.com/-5vBkXxC5ENo/YkIuxtYwAqI/AAAAAAAAAYQ/SzE0VMcc3tcPMD6XdCEt4q-doLam4m-XQCK4BGAYYCw/s220/8.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash f531f2c827aa48b6cf06233c2ccb399f
796cf8977e05155a0a53b0ae1862764f547e546b
1bd9c8392b32b9f542d99d29c7d3efeb8c8713e12b371b1110397582530b24bb
GET /-5vBkXxC5ENo/YkIuxtYwAqI/AAAAAAAAAYQ/SzE0VMcc3tcPMD6XdCEt4q-doLam4m-XQCK4BGAYYCw/s220/8.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="8.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3558
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:43 GMT
Expires: Fri, 03 Feb 2023 10:54:11 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1a4"
Content-Type: image/jpeg
Age: 0
cdn.socket.io/3.0.0/socket.io.min.js
143.204.55.115200 OK 0 B URL HTTP/2 cdn.socket.io/3.0.0/socket.io.min.js
IP 143.204.55.115:0
GET /3.0.0/socket.io.min.js HTTP/1.1
Host: cdn.socket.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.sharonswishes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="socket.io.min.js"
content-encoding: gzip
date: Sat, 05 Nov 2022 22:34:53 GMT
etag: W/"508a736853f79cae3e5c99042616b6f5"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::67cpx-1667687693316-d8c7618aca4a
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zIah9jvEwp8ZGAQcBMo7Od3AOyz25Va4kAzq8N15MURSEciL5MYYgw==
age: 7788163
X-Firefox-Spdy: h2