www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
188.114.96.1200 OK 1.4 kB URL HTTP/1.1 www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3913)
Hash a73fbba708fa3c87d7d3aabac6ead216
4b98966070c3c6d1a66dca84bacab22f1e0c8aed
b7ccb6b39be5294403bc9210f26694c880c4436e812122368e61cd54a98fb861
GET /x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68 HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:29:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNeHJwsMJ1MSpMIylZWId06ds812KtrsAIB4DQGAg%2B6Jw7vyBAc%2F0k%2B5LccFuS42mtEcGp9WDcu6iwRmY%2F%2BDVD4t2u4ddVyxr6zaJ3TDOluszVhEY5aBS063BIj0C242k2%2BUI2dowA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7800589f3bebb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb20c18681040b740ab1730562beb45c
abedefb801b0e13987d6619a77e0368771f9dfcb
288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2919
Expires: Tue, 27 Dec 2022 08:18:16 GMT
Date: Tue, 27 Dec 2022 07:29:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3507
Expires: Tue, 27 Dec 2022 08:28:04 GMT
Date: Tue, 27 Dec 2022 07:29:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 06:46:38 GMT
content-type: application/json
age: 2579
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c298d0b2a05562a7ece94adf3589dacd
266befe104baa47e94fe0b9d00d10f96518b6525
a00a7433c6ee020d40e43fb5c821b8f2b835107852be361317fd2dfdcc4f0a15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A00A7433C6EE020D40E43FB5C821B8F2B835107852BE361317FD2DFDCC4F0A15"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3238
Expires: Tue, 27 Dec 2022 08:23:35 GMT
Date: Tue, 27 Dec 2022 07:29:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mbCD+C+n91NdKJLNjzp6flCmJZtAAjEwVe7ADGELo9NNd2cQP78+sdJvCNcmgn52+XvbnLKmYy8=
x-amz-request-id: Y5N9ZE1Q95EA78EN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 06:55:38 GMT
age: 2039
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:29:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.secretswipes.com/js/app.js
188.114.96.1200 OK 674 B URL HTTP/1.1 www.secretswipes.com/js/app.js
IP 188.114.96.1:0
Hash 061b68d44cfa4a131cd8596ad94ff02c
e25d045fd5ea13cea15575bb2d5643ce2c891e3a
8d28da6f804ba1b617c264575118684fbb63423e54eb4950946635b4dec96dc2
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:29:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sat, 17 Sep 2022 17:19:51 GMT
vary: Accept-Encoding
etag: W/"632601b7-504"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaMHGcRigud4BqcHVOwaNF1CKEcJrQ79yId3r4YtMrGHLiBeVHjla2qaEQ6D64k1BRjuFRr3D5cQz1DT4b2f%2FeH%2Fo3ndlxV%2B7fmtaIKMJG0%2FvixNqfIX8a1uts4J54uw2JWFlDchKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 780058a1cf55b529-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 86dbac6ed80415f3b03c825f0d979f07
f84a9953c92b9b15e1b558733f5c3d016e6534a3
aef2213617254452ed58bdc3e8026cf5554f2accb9ca78f448ff92dac4549d46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 98
Cache-Control: max-age=139524
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:37 GMT
Etag: "63aa1c83-117"
Expires: Wed, 28 Dec 2022 22:15:01 GMT
Last-Modified: Mon, 26 Dec 2022 22:13:23 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 86dbac6ed80415f3b03c825f0d979f07
f84a9953c92b9b15e1b558733f5c3d016e6534a3
aef2213617254452ed58bdc3e8026cf5554f2accb9ca78f448ff92dac4549d46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139426
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:37 GMT
Etag: "63aa1c83-117"
Expires: Wed, 28 Dec 2022 22:13:23 GMT
Last-Modified: Mon, 26 Dec 2022 22:13:23 GMT
Server: nginx
Content-Length: 279
cdn-dt.fcdn.info/cal2.min.js?_=1
104.21.234.86200 OK 2.5 kB URL HTTP/2 cdn-dt.fcdn.info/cal2.min.js?_=1
IP 104.21.234.86:0
File type ASCII text, with very long lines (6375)
Hash 9f88ab6f2bf0cd8e1b2563a2b1eab3ff
749ba9d728a61b485752840288efcd657c776b59
d07e5a109723129c9562977d70b5274151dc2990219ee95f80950574183022d6
GET /cal2.min.js?_=1 HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:29:37 GMT
content-type: application/javascript
last-modified: Wed, 10 Feb 2021 18:52:34 GMT
etag: W/"60242b72-18e8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 303061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0t8yoWShGqvT3XZxnfkTWQBB7gl0rPRewD6qCqkU7TApuBmwS6a7t12wszquoxffJfdQ4w6zY3pn5pIRQetKIKgwgTQLI18h2ku%2BRIs2v9vOB0gBYLzGZyJab8i5wUzAgY7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780058a2b9ef891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/qdkj289xd/files/jquery-3.5.1.min.js
188.114.96.1200 OK 31 kB URL HTTP/1.1 www.secretswipes.com/x/qdkj289xd/files/jquery-3.5.1.min.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (65451)
Hash afc5d07cd09f82e0b39ed2d05f6f16f5
41f2b25919d6493209e8ec1cd79ee006d1e1baa2
75fa5b5e9a01bb1488649ba9f0751bcdee5815038557bd17716ca8af5f24c030
Analyzer Verdict Alert fortinet Phishing
GET /x/qdkj289xd/files/jquery-3.5.1.min.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:29:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-15d84"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkwUSayI%2Fp9p7dTCjd4XSDQfpJnDHQg%2B9PISm9g4Tsefq3sduHivMGuyxDR%2FacKVxh1IiDgQ7fWmZDRKiVdvCunK5ko4viOKLbjvYrPz%2BBEn8rM8MeU8Uf5znbKFsEcERgYElWXmMw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 780058a1bdc0b51b-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 07:08:07 GMT
age: 1290
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d2c92293802ea021b4890b93ce1940e
e2db47f90eae4316fd3e50efa65c6decd15d5766
313ac006f09b85b35633bb6c03fd1b98d3539aed6c4a15b6e22eeb1f9e50e283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 761
Cache-Control: max-age=121470
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Etag: "63a9d367-117"
Expires: Wed, 28 Dec 2022 17:14:08 GMT
Last-Modified: Mon, 26 Dec 2022 17:01:27 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d2c92293802ea021b4890b93ce1940e
e2db47f90eae4316fd3e50efa65c6decd15d5766
313ac006f09b85b35633bb6c03fd1b98d3539aed6c4a15b6e22eeb1f9e50e283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3834
Cache-Control: max-age=124543
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Etag: "63a9d367-117"
Expires: Wed, 28 Dec 2022 18:05:21 GMT
Last-Modified: Mon, 26 Dec 2022 17:01:27 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d2c92293802ea021b4890b93ce1940e
e2db47f90eae4316fd3e50efa65c6decd15d5766
313ac006f09b85b35633bb6c03fd1b98d3539aed6c4a15b6e22eeb1f9e50e283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120709
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Etag: "63a9d367-117"
Expires: Wed, 28 Dec 2022 17:01:27 GMT
Last-Modified: Mon, 26 Dec 2022 17:01:27 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d2c92293802ea021b4890b93ce1940e
e2db47f90eae4316fd3e50efa65c6decd15d5766
313ac006f09b85b35633bb6c03fd1b98d3539aed6c4a15b6e22eeb1f9e50e283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120709
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Etag: "63a9d367-117"
Expires: Wed, 28 Dec 2022 17:01:27 GMT
Last-Modified: Mon, 26 Dec 2022 17:01:27 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 978
Cache-Control: max-age=93208
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 09:23:06 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP 142.250.74.131:0
Hash e493efe44a076b24e146ead82d801718
5729d1fe656595a370af4c64c6cb5007e9a22c5d
7119074c02b108adba4bdeebfbe3894ff912b055f2693e96e2b8a620bc912e1b
POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.secretswipes.com/x/qdkj289xd/files/logo.png
188.114.96.1200 OK 19 kB URL HTTP/1.1 www.secretswipes.com/x/qdkj289xd/files/logo.png
IP 188.114.96.1:0
File type PNG image data, 250 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e03865b16d4dad040136153a89a11db
9a588bddf7f92992327d40f9138cc5d1163a740d
1970ecb21395cf905459f0dc299c6230ed1b0fc00d99d6e8cf627651d525e46d
GET /x/qdkj289xd/files/logo.png HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:29:38 GMT
Content-Type: image/png
Content-Length: 19184
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-4af0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBHrIokuw5wxuPPRqE%2FvYx%2FIynuX61JhGueKG2Hmwymb%2FwDamtMECmaq%2FU1gLqba0MpUhgWGX5b0McmcZnTCxqfhBx0tP04LhI4nJtK9MIk7Egiw%2B2z0aR%2FHUBMaYUo3eaOiXrPc7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 780058a3e8f0b529-OSL
alt-svc: h2=":443"; ma=60
tag.swpush.com/action-track
188.114.97.1204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 07:29:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFkI17v2DBgg1lKpmIDLSm%2BD5TUZ%2BmRfqZyJ71tZJAraEGB8wTFZN0FxJYZAI%2FFrZi8ZrxNT4K4f1MFvz8zJVAgd1VNNbMZDcbILZiNic5YS1pd1JsI5a59zhyV1vfmoww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a599a40b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be666089eb763fcf8d9e36f24b934041
8b9587fa765fd533d95d398e10275f414e2f4a09
ef45683b4b2920d824902ced2145a1c92a9e7fc398406070248d451d7451cc4d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EF45683B4B2920D824902CED2145A1C92A9E7FC398406070248D451D7451CC4D"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Tue, 27 Dec 2022 13:29:27 GMT
Date: Tue, 27 Dec 2022 07:29:38 GMT
Connection: keep-alive
app.api-push.com/get-keys
172.64.163.28204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 07:29:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS8EgXfhWXuxxR7dr6NEFkg7mAEMcSWj7Q3iXCNc1Vy%2BKGGIU9ylr2dd%2BnMfLj4BE21KErdpucbrF0qXtO11kGqJIXe5xaif4tnQ9qtC45%2FgT%2BY3hTyFLqV3pVCLKKXpXD5K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a5cf8523c4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d2c92293802ea021b4890b93ce1940e
e2db47f90eae4316fd3e50efa65c6decd15d5766
313ac006f09b85b35633bb6c03fd1b98d3539aed6c4a15b6e22eeb1f9e50e283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 761
Cache-Control: max-age=121470
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Etag: "63a9d367-117"
Expires: Wed, 28 Dec 2022 17:14:08 GMT
Last-Modified: Mon, 26 Dec 2022 17:01:27 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
tag.swpush.com/action-track
188.114.97.1400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.97.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Tue, 27 Dec 2022 07:29:38 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sarUzrsZa8hmg1Wh4AfH%2FsZC9v0C8blz%2FjUPMiLrZQ%2FW3rw3F1QCBWp%2FmGIsOVjiixWsUSXx8Vbnijin4wKtqBp7B1oK79l0LWs%2B2TYlgkzVhTUcuYL9HNgDTC7gOSQFPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a64a140b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP 142.250.74.131:0
Hash e493efe44a076b24e146ead82d801718
5729d1fe656595a370af4c64c6cb5007e9a22c5d
7119074c02b108adba4bdeebfbe3894ff912b055f2693e96e2b8a620bc912e1b
POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.158.219101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.158.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aStsN8E/1/uYMwQKF8QOlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yprX0ylIKgdyl3Uxr4btAumzHJo=
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be666089eb763fcf8d9e36f24b934041
8b9587fa765fd533d95d398e10275f414e2f4a09
ef45683b4b2920d824902ced2145a1c92a9e7fc398406070248d451d7451cc4d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EF45683B4B2920D824902CED2145A1C92A9E7FC398406070248D451D7451CC4D"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Tue, 27 Dec 2022 13:29:27 GMT
Date: Tue, 27 Dec 2022 07:29:38 GMT
Connection: keep-alive
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 07:29:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qx2BdsiGPOu6WS8P19rXeVranQGC8BZza0Tq32SFxNSLWIhUZgqrRQSYj7udzhNgrsDAFYDM1pM0og%2FOo5ZxfXBXoGNVLwsgscio%2F%2BrfWy0h%2BsO1ztgN5SYQr5UAPy9hUwrtVwmkAw8r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a7892e23c4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tag.swpush.com/action-track
188.114.97.1204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 07:29:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XS4Qt%2BN%2BFXSagwhKeqmeBhcsfPsaWm%2Bird4CibMBRPdqGul48paaELK79McoRI30fbd1uaQ%2FffOoqWtHhejdHFmAwJs8M%2BuZuyURfw6z8M1sTywLVuvxev0luG9EyX1hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a5698b0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:29:38 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiZqMiv196fQEgKPYBbpPs%2BS%2FIgtyk6I3HAhfeCLBOQG5bhwAtfDnSYaKhqErvZrDg0MNZmNNX34L4vPYcLb9PSJhlh0Ow0gnwsDkTcP7iqOZtVKiXMvs%2FnszUh%2Be983Dr%2FoIdZeIORJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a849dc23c4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tag.swpush.com/action-track
188.114.97.1400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.97.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Tue, 27 Dec 2022 07:29:38 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE4NWJFN2BlP1a%2FDYqqdPgw41ZYQVbiCh7dA8I3HvgVx%2F3YQhFFekwNgsDi%2FYaK9f3kGNxqEwvo6DNsf4onlFLDdEq4P2gvjZ0hFbhAysDRz81g0DMwJeTcdJCzB7OIQMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a8db640b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/qdkj289xd/files/main.gif
188.114.96.1200 OK 1.4 MB URL HTTP/1.1 www.secretswipes.com/x/qdkj289xd/files/main.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 389 x 470\012- data
Size 1.4 MB (1354105 bytes)
Hash fd0e9e5a2114d9fd600a8d25196ce086
e139ac1bb02dd8af02f784597c03d2e430ecefb9
c266d86e80238ce33f0d3ded82c8259ad43b2e7cc8314d6da402d84713eb156f
GET /x/qdkj289xd/files/main.gif HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:29:38 GMT
Content-Type: image/gif
Content-Length: 1354105
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-14a979"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKp12qrXs%2BbOcit1Ta%2F6h8Pnd%2Fgc3I43KUMfKwzUzstd16Xvbpn6ivSN6imIolYopsUP6MSLTRThCV9NvSsaD19IUT%2Bcll05tgHQKtlhugBkols%2Fo54vqeBOPo6H6XPRKYAZFPxVHw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 780058a3ed49b505-OSL
alt-svc: h2=":443"; ma=60
theemforest.com/p/1
172.67.193.142200 OK 506 B IP 172.67.193.142:0
Hash 273d240a58161fc168ee84052e560a66
2604c2ecc29a5380698f35fdda15aba067b8ec35
047bdae409be83f1a3e1f793e733b6a6a4f6faafa0d4e437a80b83529c356103
GET /p/1 HTTP/1.1
Host: theemforest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:29:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm0WuKHqWhS4u%2B9pl9YFDadoqkjwqs0UmWr1S85PwFLkcEqWWy77pF0pRb7%2BQzIzUoPTPM4%2B6REhE2MNEunTV3DzLj0fX94kijAQG2dv%2FzMYpOvE5zBQwzTFW8%2FHl33UK%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a669eab51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15369
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 07:29:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15369
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 07:29:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15369
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 07:29:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4a7ec0fdc177ed09c8949dcd68efb35
8ad28905291f4a184c0f32292415d1af0db3cead
7862e695c7eea224263bccaabcc54fc337ea533d6f1fafe0426b8699f3880922
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7924
x-amzn-requestid: 30d67a34-fa95-4aa8-84d7-7c769a9e7fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYgEnNoAMF7ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129c-743b9f4845f2c6f312463662;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DARBFo3gGdqpiutH2AJvUFtxyaamlecRtekmlCERttcXoXZ9FNswGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:45:05 GMT
age: 35074
etag: "8ad28905291f4a184c0f32292415d1af0db3cead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4b903e264b412e69e5f22091bf423ea
92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f
8d5d90968489731604a2286d9e2b9a307147a3cc0b1ffd32f1186ceea9b8fcff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15371
x-amzn-requestid: 63d10011-ae3d-48fb-b892-26d94dc6ef83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs8EVDIAMFTOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-3da712a621773d56567c014f;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2dVU6KIg3WiMurg-pgSmReyT89IjMeJUptYrHaPJiDTOaPr0PqrO6Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 07:24:37 GMT
age: 302
etag: "92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SgjNBdI4lkk3DIdROxkZ8sdadoe-pewXA9Q5M55pGe-LNk012lLFmQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 03:27:32 GMT
age: 14527
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dfaac9e14198dfaa9db2d01c9ef304e
2f6bbbabb48431a27150219ef872d1ca10c73399
2c4fad9cc8a8c0ee6f54cc4eeb905eee1d8f028a528e3c8deb01f2c0cef250cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12451
x-amzn-requestid: 1fd618ca-f052-4a46-9b71-04a5df1f858c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYVFHqIAMFWPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129b-658fe5884efdcebb567d3747;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rP7UvSlN0uYvoMo5af_T1_A-41sONiTOxS7noQ7RMo9atlXmwPdhAQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 35083
etag: "2f6bbbabb48431a27150219ef872d1ca10c73399"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be693dc109dd4beeee6f7f3ae2061dae
349168c24483cf12e3c10e176643b5f02316cbf4
2e4cf6b6d7f4e75d4dfd631a76a921734f3824563f039a6da20826d0bb3afc0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 6f952ba1-d992-4521-83f7-ce18a4b75798
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYMFdtIAMFwyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129a-5b1ad9041a52fc8f049d37eb;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H3u62So8Z-Pe1gQiIpOjTUEvozSDuV3d2wZMKlZMDioFrtIwYjrV5Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 35083
etag: "349168c24483cf12e3c10e176643b5f02316cbf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea5eddeb14380ea8cac42aa38148db64
7c114dabd868011f04129602f8b1453cdf319afc
de8361a33abff7d78e8c87eb563f66f0aff9b23069b3136cfb132a5b9a17f377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9262
x-amzn-requestid: 35b8f5ad-65a3-42c8-92b9-b5fdf1b54163
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs6HH1oAMFRhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-0588e63179f4cb152d048f03;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eb-FvrQ0mNDlvCFDWNUWeK_g0i3k62Jtoh0I5nnLysyI27dmB2OqrA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 11:43:33 GMT
age: 71166
etag: "7c114dabd868011f04129602f8b1453cdf319afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
IP 142.250.74.131:0
Hash adb7e59a076023ef2211b201c608422b
e2a0a4ad3e12c86a3a46bcafe96299a8e0ee7821
7a1bd6e2e8f898928a308ff34aa9ab33e5fd9305cf9fc5cb065f5f8538dcbbb1
POST /s/gts1p5/EmMTM2F0_rU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:29:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjam.com/cdn/sdialog.min.css?_=4
188.114.97.1200 OK 1.8 kB URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 188.114.97.1:0
File type ASCII text, with very long lines (6775)
Hash 88b0f1269665b515ab171312b10e261b
e82666775ab2b47aa653560a6b20039a34b67247
94393aaf5940cc8eca25ee16035c104caf508ca17a665d4f5e03a969cb7a9896
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:29:39 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5PeciincwTGXNzkeH%2Ft8W%2Fvny8ladTGv7QcmU5161KH0ZORtrCAzeJwCkIRdeIudGg6KWQWnrM795UkVnvQBlS%2B5HYuk%2BiwzC0C7xC6x7EYuruHulSiloEigmHo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058b0af4e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:29:37 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h91%2B4Gca2HifguX40%2FGHZW9pB%2F3NxwTbKQ06Hc1HGt5wT22NLC6MZBPqwu35aPayyAEgQsBANx12wZjRp3Z1b3iuMlzaLU1W1%2B60YoF%2F3PrbdqfrG8EgoTnAjguOT0D%2F%2FgaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780058a299d5891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.163.28200 OK 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/qdkj289xd/?cep=yVF_R8W3V2Cj-oOtDa4FzVx_ivfGC2rywWQjStvMtbN3ige0FbTA2vQlRpL0PsNG-YPq6NWGyGcLOdtT9NCo-ycTRrXbZB_ki6xqxhDKf3oI_cnNrn9iult8nlZEs-aGEajziks50LumALWvhaL2Ys8Z6q3lhHVsoG4pLXCWmvR-8a4_IRvUoMZZ3PFFAh7ePQDeZK2MUBjheRuqAeoB6Qdiwf38FOqf77uiMiWErMQ2UYVTjW8it6XtJZks2Q_2TmDaMPVoWyKbo15ehCACtfIDpfS6_6pe2Ts-09MN016uM7zbG7Rl610O_fpUsbWwbzFDwxtPmRaOfX-JaR6EwaKEVToJSaIpYMQ-trJmhNwqHHczEEr2yRU0g8XXk4WO4pjHemYZC6dFRfLowx_MiBbrazg1RHB7Bh4IUig8Jh-BGjeRZuLoBj0LrebvL5luEHSSwo1z8L92ZJhAENLJcpj5P9qodfZcKcM0W6FDJyE&lptoken=16ef72f0120579c260db&pub=1003&source=Default&externalid=163aa9ed08d31c1.58028741&cs_id=f2954ee1-a5bd-4a16-aa14-b5bff5ceba68
Content-Length: 89
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:29:38 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCPfae0tFtCOHrQExHfRpVrPw9wApeFQF%2BF9T6849xGZYHWtXzz2%2BmN%2FYZuZ2hMEhSTBrDhzQEwLzkzPCXOy4nAF5f8b%2F6JcKREgaB459C0orj8InkKlf5CfV%2Bz%2BsFCY%2FnCy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 780058a6681c23c4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2