r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Sat, 10 Dec 2022 13:13:28 GMT
Date: Sat, 10 Dec 2022 11:19:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14046
Expires: Sat, 10 Dec 2022 15:13:34 GMT
Date: Sat, 10 Dec 2022 11:19:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6493
Expires: Sat, 10 Dec 2022 13:07:41 GMT
Date: Sat, 10 Dec 2022 11:19:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 11:08:23 GMT
content-type: application/json
age: 665
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ONekjQkCq6QbiRvLstAc2+W9Q2SnR0hOQUoXi+xmwBBiBsw6ozTQahkBBupFZUNUn2i1jXSrmDM=
x-amz-request-id: 3XQT05GAKCJSX10P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 10:48:45 GMT
age: 1843
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
172.67.222.188200 OK 1.3 kB URL HTTP/1.1 www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
IP 172.67.222.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2302)
Hash 38919e77cb16205ec914bc087bccf08b
c1c170e36e508d6437e4fe5258e3375ed83dd53c
92fb68097cab97b35239a7e349f37ff9f5b8b83aa7410b6b1188681951cbc57d
GET /x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 11:19:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FJ3siFJoQx7shqfAeRdATuasY9QRRVD01LNfoqpr7pyjbAuvByNF14SS9bXoToo94adX68w7WNirzW8HWTJs%2BfrNwJ2M6kz7YqedSdLmHTNPpnAE0pykwRqRNAj12MxQX6cCd%2FpDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777595f39c06b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 11:19:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8cb3e9d21df17ecdd16c24efd683bde9
32f7d2ac537748fcbfe94a4bb82cb6279b268d13
b9c8bf773209c17a79c62d2adb59cd0671d618d65f40befcc7c565851473e591
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3630
Cache-Control: max-age=129257
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 11:19:29 GMT
Etag: "6393b2fc-117"
Expires: Sun, 11 Dec 2022 23:13:46 GMT
Last-Modified: Fri, 09 Dec 2022 22:13:16 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 279
www.secretswipes.com/js/app.js
172.67.222.188200 OK 674 B URL HTTP/1.1 www.secretswipes.com/js/app.js
IP 172.67.222.188:0
Hash 061b68d44cfa4a131cd8596ad94ff02c
e25d045fd5ea13cea15575bb2d5643ce2c891e3a
8d28da6f804ba1b617c264575118684fbb63423e54eb4950946635b4dec96dc2
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 11:19:29 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sat, 17 Sep 2022 17:19:51 GMT
vary: Accept-Encoding
etag: W/"632601b7-504"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I4TgXD%2F2kVj8mFZYeLD4ylHaJSy3%2FR1iV1uC5a5eQ3kcc9ar9BKgy7BbBHjwMMADRWdQoQ2R%2FvYX70%2Fu2mAwn1SmQleQXAtP2pjfXgf94pKHn9eHcuczA5ta7NWo5RwbwMsplBuBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777595f5ae71b506-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8cb3e9d21df17ecdd16c24efd683bde9
32f7d2ac537748fcbfe94a4bb82cb6279b268d13
b9c8bf773209c17a79c62d2adb59cd0671d618d65f40befcc7c565851473e591
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125627
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 11:19:29 GMT
Etag: "6393b2fc-117"
Expires: Sun, 11 Dec 2022 22:13:16 GMT
Last-Modified: Fri, 09 Dec 2022 22:13:16 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8cb3e9d21df17ecdd16c24efd683bde9
32f7d2ac537748fcbfe94a4bb82cb6279b268d13
b9c8bf773209c17a79c62d2adb59cd0671d618d65f40befcc7c565851473e591
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3630
Cache-Control: max-age=129257
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 11:19:29 GMT
Etag: "6393b2fc-117"
Expires: Sun, 11 Dec 2022 23:13:46 GMT
Last-Modified: Fri, 09 Dec 2022 22:13:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 21697c745ba69ea1cf647d3064a5a14f
ceeb38674cd3e2dde0484a1542b730b1152e9713
9a875600b4b105ce4b0d325b82fd242eb82f4e0aaa7c2ab5f51369893738f608
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9A875600B4B105CE4B0D325B82FD242EB82F4E0AAA7C2AB5F51369893738F608"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12651
Expires: Sat, 10 Dec 2022 14:50:20 GMT
Date: Sat, 10 Dec 2022 11:19:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 165a6d5b7aecfaa26b0d9111a62bd8d6
7451b4e5166c5db04d0eb39c1a6bb731fc8979d8
044e3e1a63e9539837fdb57c48cfd56612c24cdb114a98d43da1e6d78261fdc8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4763
Cache-Control: max-age=166758
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 11:19:29 GMT
Etag: "6394410c-116"
Expires: Mon, 12 Dec 2022 09:38:47 GMT
Last-Modified: Sat, 10 Dec 2022 08:19:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 11:07:55 GMT
age: 694
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.163.28204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Dec 2022 11:19:29 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x0ZVP2RHft8EhSla20zHxjGQmTOg%2FL6SpK8Fg%2FMOc1b%2BLwkBcSA8Hir%2Ft%2BJtKs%2FcdFVETkyALWCp7qZGSbss1k6Cgb2ApWlnOK9SRlEg1LZHD3niLx43Wdyzo%2BRYb%2FQJtoy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f7e87088a9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/wqk20dkm2/files/EN.png
172.67.222.188200 OK 29 kB URL HTTP/1.1 www.secretswipes.com/x/wqk20dkm2/files/EN.png
IP 172.67.222.188:0
File type PNG image data, 330 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash b2f28b3000420066f48af164639a7e5e
50d1ad22e100ac9a02b6f1f73d48ce2215d3611e
74d002f1041cf271e8d7a63363f0fd4d8b7ef75938f18e6f24144dea6a199fce
GET /x/wqk20dkm2/files/EN.png HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 11:19:29 GMT
Content-Type: image/png
Content-Length: 28702
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-701e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50OhTXsKdoyF%2FvauV2jqhSb4XnnQKOLhSTNElfoTxCgXb2VMl6pIpOwJjGFb%2Bl9LTeGniWj7eIRI9QviJ1nmgYho6VBRvL14N%2FeVK2S0RZnWZp8NzFKvI1ZiP2ASQI%2BxxYZqGlLREw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777595f68f80b506-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 165a6d5b7aecfaa26b0d9111a62bd8d6
7451b4e5166c5db04d0eb39c1a6bb731fc8979d8
044e3e1a63e9539837fdb57c48cfd56612c24cdb114a98d43da1e6d78261fdc8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6225
Cache-Control: max-age=168220
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 11:19:29 GMT
Etag: "6394410c-116"
Expires: Mon, 12 Dec 2022 10:03:09 GMT
Last-Modified: Sat, 10 Dec 2022 08:19:24 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
app.api-push.com/get-keys
172.64.163.28200 OK 1.3 kB URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
File type JSON data\012- , ASCII text, with very long lines (2183), with no line terminators
Hash 99f36b47617eb61f2c0dc2cdace4c229
34b4d5ed39b03a0a2eacc60fcc50470183aa850f
5e19cecbb1e79c6c41da265d846fc0cad6a3410b94149d835cec81f418740f77
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Content-Length: 89
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEc5CHm3gKxVaPzVUaj0xxiEbDkhdekYLmnP6nsgWe5Qo1JAotoNIkXxkD%2FbDIzILacRnn7cFyUlFXb53SCX7blGOn5W7w7aAfVjfkviTSdslXqxp2oPYEjXR1aTAf0DZcir"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f8895888a9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 11:19:29 GMT
Last-Modified: Sat, 10 Dec 2022 10:02:25 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
tag.swpush.com/action-track
172.67.146.180204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 172.67.146.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Dec 2022 11:19:29 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTGcjEzK87reKcX%2ByZC2dicmjq5luWG%2BFZ%2F7YtE8dcu6XwpT5bME%2FCK6RVlSGAwqKcUgqBhJJ98MxfqjQjIQZ6VDQgHN8iJU2GJtrU%2FmB2GFHI%2F853KaRIP%2Bv2c37Axmsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f8cffa0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tag.swpush.com/action-track
172.67.146.180204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 172.67.146.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Dec 2022 11:19:29 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2SyB8HbPCFcPXFX2cfSYruWMbrlBzUk2oDoW9ALDE%2BT6uQaazzY1fxbAypUVtDGuA%2FPMWXLohs%2BmF3MOPrUOgfqpXMtAE24cbJEC21p51zCCMtOW0%2Fw1d8PrZImGuEo4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f8d8010b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tag.swpush.com/action-track
172.67.146.180400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 172.67.146.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW0LzP8dvErK%2FlDWURlq1ISP4NZtfA%2B2Hw%2B3RUPh8Q0gZ%2Fuw4W%2BhkPMJ6mAS6hMXQfB%2BsD%2FIUlyrb7zivO1u9th32vvyzOZpoSrlv9%2FZ2%2Br0Q8tSynMBLxLjPUDwp6WxSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f9e8c50b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tag.swpush.com/action-track
172.67.146.180400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 172.67.146.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6OBnKY79fr4h15CrfOAR51lost2DcuY8hPLyeuNkadiFpbJRwfocBjZvJBa%2FIG6WgCPWo3B9c%2Fz14s4mX0Paiog4aVcRK8IRzBeSHF4GpqZbfWxl5qwr2QCX1Q3vep0Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f9d8bf0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Dec 2022 11:19:29 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MWCoqus6Jlp9FUhK0C2LfX4bedyiEpuNNeWxEq4NgVBkXVIbK%2BJpAoAdMu8QNfxTr51hI3ugr2DEoCpgsiIgu5MjqFOOba8mOB2ZiCdtS9iKfpa4lPTamAF8D58GuR84gc%2B1nVtTrhO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f9eaf688a9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.242.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jbooE+JFbGz2LFD0AEF+ug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L314YjgC6ydo3i/B1Y2DTQVykJU=
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KI5XJq6HAf5Ds3%2B%2BEjKbSAs%2BmDlzcHQFb%2FUGvq%2F2QGUDaHvbHSqKWz9yDbx1aILqGxAICtFWy0RXPJkD7Oo%2ButIRBcIvR6g4ZZIDi8PYhRxXFVuZaLm7eezPlZYpF642qppUhsvyjm97"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595fb2c6388a9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/wqk20dkm2/files/4.webp
172.67.222.188200 OK 1.7 MB URL HTTP/1.1 www.secretswipes.com/x/wqk20dkm2/files/4.webp
IP 172.67.222.188:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 1.7 MB (1693620 bytes)
Hash 9c4eac537772a435220c7af39e496f00
fe76679d54d72a0a7d381617c05e54b290022ae9
374b24bd266f0f1a59f3a1896c2b8c3a3a625eed4d18454a5dbfc37460a22d84
Analyzer Verdict Alert fortinet Phishing
GET /x/wqk20dkm2/files/4.webp HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 11:19:29 GMT
Content-Type: image/webp
Content-Length: 1693620
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-19d7b4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sabAxvk7fDSw7XqZZTVau2CjPWJgg20w1ojWBFuYcKM5OigFf%2FYdJo%2BTd142JA2D4Wc0KRnNcZ6l8mxATNSobMP3m2lyNf%2FD2k0nos9vjx7hUqt1D%2FY4k9lMKvjr16UKM1A2pLYpPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777595f69c5db51d-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/favicon.ico
172.67.222.188200 OK 3.5 kB URL HTTP/1.1 www.secretswipes.com/favicon.ico
IP 172.67.222.188:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1afd0490a7c54f3762f6d69a39fda96f
60ff08ef286f291f51397f5f64265b5785255f3e
acb0653f24a2eb7cadc905929864bb742896201ad86d5899c4ca44b77f14e96d
GET /favicon.ico HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/wqk20dkm2/?cep=90_ALoJXZnQ-r4whLC_ZadvcTrm8KnA3ue76tsrlP9pQgyBTe-VTbjOPGiFS9_xhxR4plt9WhEhMXjdAF4YTuHQTG9EnPtuqIR-anHOwxIdk4fE1g7KqLD15XkgSyn1FCv4r7QDXqC_fnrh9fTMfFVwAVhY0VnlfNWJQdeHJF1uE2aBd76AvreLK_rOaO7lh8R3CWuBcq_RrTWEMAD-FjpQ1nWA85UaZgDVMFsD3aKrVlfB3v6GaElhHUwRc0pQtj1vP37NmaRXh-In-422qSLK2hdwFzofOghCjV7FBZYT76QWI8gmoQksq8u5cuWl6FdU-1LycTNBkctum-oPngQEJzham-ofcfxXS0HHGc2188waHMO_QxHdW2hcG22tM9Uvx3GDXa17wuKrkrA12EQZko5FPQ8cBQKe6tMOqF-A6JTZLn3913XyDe_sW2mMp2DoOORLQgKyseyYv41L31A&lptoken=16dd70b6671729eb523d&pub=9881&source=_us&externalid=263946b2fcbea36.47104532&_ocid=ws6t62hkupridr2l20qhu25a&autocamp=_US
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 11:19:30 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 10 Oct 2021 05:17:00 GMT
vary: Accept-Encoding
etag: W/"6162774c-d90"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUBRdffSfbxurOFwYvvOHJ1eipdqjHDdsvDDU4eqMjFBmFyIcO995Wj3kp52SR4w9Fzm%2Ffe%2ByxhBvKF77ck1wox2gCjGimICIQmhbz0aUZFiORgfKZdz0aMrV%2BUrdUMfc9HIDfxixQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777595fbcd90b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 11:19:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 11:19:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 11:19:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 11:19:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
age: 47726
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1MetqwAsoOgTEJAPG8IneF4rj2579sLBLD_gw-745LeAncWCHW6J2Q==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:54 GMT
age: 47676
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 48072
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bVrZoVci4YfYCRAZqXhH60jeZdSTx3uS0lLKZB9DOfHBiqFvyAAkfw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:17 GMT
age: 48373
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
34.120.237.76200 OK 1.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f6cfc43170be4dd0264f2b0b6bcc329
9ad22ea868f3b72832243fd11315c68117c7542b
f5cc67d46241c2f5aebc2515bf8828889f8ceda8112b78cdf925a260b82fd833
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1584
x-amzn-requestid: 7743c8a6-118c-4c69-b833-a9e2f5561a54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw5VEGV8IAMFcOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903c20-41fdf6d004b388f51fa70833;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:09:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-rch8kHcmyOYLHuNpf9UV4PSpU_VZPtF_GVMhp7hybdbo6zbw5Pzw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 04:52:30 GMT
age: 23220
etag: "9ad22ea868f3b72832243fd11315c68117c7542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 386207bd6fea7388d5df993a32147431
d513b937a9be6e95bfe0fcea0f3f0cb7e611c0de
40fa6a8207008d1fceb11fc9fb37c458e1ed2deac83a2fb5fcac80d9b7ca32fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9592
x-amzn-requestid: 1a8dca24-1776-4407-84d4-33fb975e49cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fOXFSxoAMF-EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df28-5ab03a853cf9c5ca57f4391f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FW-CGlMPjenlq0gPVxsJzPU5muMwgH_nzzNoQItyyQPOBEJdOFLdsw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:20:23 GMT
age: 28747
etag: "d513b937a9be6e95bfe0fcea0f3f0cb7e611c0de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/cal2.min.js?_=1
104.21.234.86200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/cal2.min.js?_=1
IP 104.21.234.86:0
GET /cal2.min.js?_=1 HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/javascript
last-modified: Wed, 10 Feb 2021 18:52:34 GMT
etag: W/"60242b72-18e8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1492797
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fJtptBjdnSf%2BkvOw7PusBIw%2BkEJYZrSJ7vxbqaxfE6X23K9ZPU9ct3Fvk6b%2BqygoYtEUF0%2BKvAinfA4L%2BvrDIqThpAx3%2F9bAxuUKaQRMt%2BXGGZQDNguxzVzVSV%2FnTTwrUOW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 777595f68ff2dc29-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 829361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcaPMOYNcdK6jg0gAn0gwAFYBC5DOKARDets1VrOWx2CUZoEiDrOEBuvHVfYBPWYqwaxbJOGyQmZkCYcauxEIoNHNtidl2OOxkD5wVM9LCV%2BdOUq2Gt85reKb2b8BRc%2B%2BnON"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 777595f69822dc29-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
172.67.166.71200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 172.67.166.71:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 11:19:30 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hf9rd9M4FpF5T3VQ3qitaqSl88PqBWF5h86KjFlVdoisgrV9otIWcqYryQ%2B1zlQ7zs9ur%2BFFtKElDBFsMM25MUbAiEJ%2BJvi%2B6p4W8feAh%2FfmL1lYmm2QfJec%2FEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777596029d2d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theemforest.com/p/1
172.67.193.142200 OK 0 B IP 172.67.193.142:0
GET /p/1 HTTP/1.1
Host: theemforest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 11:19:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHUOT0xub2FVCjR%2FT5399%2Ffh4mHKaAThvZ4sOhqSJG7fYe4BYhUIALIP0uzXFoae6FAkwvtSPl8Jw%2FcZWce613Ab1USUmkchy7JgEaLeL5rJBlKZTBu6yFlvVjvMs%2F87OSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777595f7af03b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2