lps1.thesecretmarkets.com
2606:4700:3033::681f:5a40  Public Scan

Submitted URL: http://4d9f2a26-1672-47c5-9d48-062c90106a33.theedge.work/
Effective URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Submission: On January 12 via manual from HK

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3033::681f:5a40, located in United States and belongs to CLOUDFLARENET, US. The main domain is lps1.thesecretmarkets.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 8th 2020. Valid for: a year.
This is the only time lps1.thesecretmarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.119.254 22612 (NAMECHEAP...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 165.22.207.20 14061 (DIGITALOC...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
28 7
Domain Requested by
13 lps1.thesecretmarkets.com lps1.thesecretmarkets.com
8 fontawesomes.com lps1.thesecretmarkets.com
2 cdn.dolly.media
2 embed.videodelivery.net lps1.thesecretmarkets.com, embed.videodelivery.net
1 get.geojs.io ajax.googleapis.com
1 ajax.googleapis.com lps1.thesecretmarkets.com
1 platform.fargoleads.com 1 redirects
1 4d9f2a26-1672-47c5-9d48-062c90106a33.theedge.work 1 redirects
28 8

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-12-08 - 2021-12-07 | a year
upload.video.google.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months
fontawesomes.com | Let's Encrypt Authority X3 | 2020-11-29 - 2021-02-27 | 3 months

This page contains 2 frames:

Primary Page: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Frame ID: 1A45E89E978E12EC1C6DD07EE19EFA3E
Requests: 27 HTTP requests in this frame

Frame: https://embed.videodelivery.net/embed/iframe.fla9.a0141b9.html?videoId=c89f2157da847c518d1bc7fdca1c52f9
Frame ID: 309A1BEE97884A2F15A44B99D76513D0
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 75 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 444 kB
Size: 1444 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://4d9f2a26-1672-47c5-9d48-062c90106a33.theedge.work/ HTTP 302
    https://platform.fargoleads.com/u/b/2958031/UJ2Q6ktVmg4E?MPC_4=007 HTTP 302
    https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lps1.thesecretmarkets.com/Maximizer/
Redirect Chain
  • http://4d9f2a26-1672-47c5-9d48-062c90106a33.theedge.work/
  • https://platform.fargoleads.com/u/b/2958031/UJ2Q6ktVmg4E?MPC_4=007
  • https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
18 KB
5 KB
Document
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
786b72e12f09159baf2cf6536f4974c3cb8553f4028be86ec4708198ef73b769

Request headers

:method
GET
:authority
lps1.thesecretmarkets.com
:scheme
https
:path
/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d02440396af81cb02c4597b21ff7821291610452501; expires=Thu, 11-Feb-21 11:55:01 GMT; path=/; domain=.thesecretmarkets.com; HttpOnly; SameSite=Lax lbwl=j%3A%7B%22pid%22%3A%225f8108287fec050011afad0b%22%2C%22fn%22%3A%22Maximizer%22%7D; Max-Age=1200; Path=/; Expires=Tue, 12 Jan 2021 12:15:01 GMT; HttpOnly
vary
Accept-Encoding
x-powered-by
Express
cache-control
public, max-age=0
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
cf-cache-status
BYPASS
cf-request-id
07980c1c1e00002b7da30fd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sX0ITKEkMKyHd4egL3WSn%2FXuDX6ngxzujwgaVHUpHyt5AmEHhHdzOxfEWHr3ki0TsrV6Nj52yfen1r5uFYWCTCxzeFEnptMoG%2FqqLnFNHEN3DV1ck%2BdMKNXoCQT9fpJKw00s6YZs"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6106afa69f212b7d-FRA
content-encoding
br

Redirect headers

date
Tue, 12 Jan 2021 11:55:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df70ba525894dd8e4ab8292e3ae6926a51610452501; expires=Thu, 11-Feb-21 11:55:01 GMT; path=/; domain=.fargoleads.com; HttpOnly; SameSite=Lax; Secure AWSALB=0209joxk4NJyY+eRWmmA5PNt2sHpy8/28GKyYgSIin+ExiBM/d3tw5urEzykjPm1c1aQOteQ2AS4jfgUIrnB2VqnZjU6RZVU3ffWKVFkP4rajG1Nc+FmyfUre0sd; Expires=Tue, 19 Jan 2021 11:55:01 GMT; Path=/ AWSALBCORS=0209joxk4NJyY+eRWmmA5PNt2sHpy8/28GKyYgSIin+ExiBM/d3tw5urEzykjPm1c1aQOteQ2AS4jfgUIrnB2VqnZjU6RZVU3ffWKVFkP4rajG1Nc+FmyfUre0sd; Expires=Tue, 19 Jan 2021 11:55:01 GMT; Path=/; SameSite=None aici=e4e2d19d06a455b18f08e9237a2a2cca; expires=Tue, 12-Jan-2021 12:16:01 GMT; Max-Age=1260; path=/; domain=.fargoleads.com; secure; HttpOnly; SameSite=None
x-powered-by
PHP/7.4.13
access-control-allow-origin
*
location
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
cf-cache-status
DYNAMIC
cf-request-id
07980c1adf0000d705fcb22000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tYVXE3OJ6MSmzggBGF0ROLFspakpfERaJHcEyKgqcKsSiHEiD5QJOKzbf7O56LI4t5G8dcY8CJ2c%2B7gJ%2F3meCtfOXnJB1adfkDSzvwrmFAkhl2Tqs%2FE1FEnTuQws2th2GTkjLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6106afa49cadd705-FRA
I7G4SM68W83Z.css
lps1.thesecretmarkets.com/Maximizer/css/
345 KB
43 KB
Stylesheet
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8fc8005625b82e24e06805ee1c1d660f6a7f6ae49ef6c433ae0fcaace7033849

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:02 GMT
content-encoding
br
etag
W/"5658c-1751007f4c6"
cf-cache-status
EXPIRED
last-modified
Sat, 10 Oct 2020 01:02:38 GMT
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pk3tCCe5sQxxXXkxEOApOGEBDBID0cBLSsprj%2Bc4kHKnKgfi1rGv2xUaWvA%2Fr8%2FSuKxQZ06O5NiAUfPfWwTEEr%2FKt4Fj0%2BkNk5tjkelp6tfEcrTxV23cdhkjpjJXhABKqp0%2B0NWN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2678400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6106afa96d032b7d-FRA
cf-request-id
07980c1dde00002b7de4239000000001
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 06:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jan 2022 06:30:04 GMT
r4xu.fla9.latest.js
lps1.thesecretmarkets.com/Maximizer/js/
807 KB
213 KB
Script
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/js/r4xu.fla9.latest.js
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
489654ea12a5bd3966d9a5f719e382f06a776d36eec7f26394bcb33e7396465d

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
content-encoding
br
etag
W/"c9a16-1751007f2bf"
cf-cache-status
EXPIRED
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F2IB5xqaaLw5HHpfCF59TIK%2F9upepbFSVuZlCR5wOukdQNlLmBfngRgvr26k2oHm39ITCo6IxE%2FIz4hYfAPQJJyMW%2FqctlzTiALj%2FF824XVok%2BoTRyyXSV4XOoMpOGjAfl%2FwwQo1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2678400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6106afaeb99d2b7d-FRA
cf-request-id
07980c213600002b7d888d0000000001
J0YVK68Q2JIO.png
lps1.thesecretmarkets.com/Maximizer/images/
11 KB
11 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/J0YVK68Q2JIO.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0d7e67f637e50aff50201e03de34fa33613e1142a73ff7a994bc60a7b16ae3ff

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
10889
cf-request-id
07980c214600002b7dd8071000000001
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
etag
W/"2a89-1751007f23c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oc3a8sYskne9Y0Kb55JILeAcIOJAvYuJr3OXr0gccSEX7uH%2BpJ38awMlOLZzYKTLE8%2BskxbiKvIlNUCKHJnyYWLiD0cS%2BZaFKTv64TtkpiQtfrbt6YOVWa1TujROBM5Vly%2F4h2Wv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9d22b7d-FRA
GFPOL30LS20V.png
lps1.thesecretmarkets.com/Maximizer/images/
13 KB
13 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/GFPOL30LS20V.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
42a831d2aaba676f8113a024900f0a6326cb016f963bb1bf35c6ea63351a1853

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
13089
cf-request-id
07980c214600002b7db8138000000001
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
etag
W/"3321-1751007f226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7TqafGAEBoeKLZh7ZcuScaLVLKwc1zwKatwr1F2ioTG22rxzly8EwCLK74w6QhZ1qj7kTacO05gUfUGQJljifCHN71zZFleCD11gGtoMMFqILTOdg%2BJVUBsRBtMtmKRKzzctkVEY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9d32b7d-FRA
ALQ1UIMZ5V4A.png
lps1.thesecretmarkets.com/Maximizer/images/
6 KB
6 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/ALQ1UIMZ5V4A.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
313d488ddc2b5f43b82e2fd090177f90605c847dc1f7d3b25e7d06f5b07bff22

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
5856
cf-request-id
07980c214600002b7d87b95000000001
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
etag
W/"16e0-1751007f259"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VDl41ldJjcJ2z%2Fdqdq0WJkwQuOXom%2BDMykrFxelfNhljHFIi58CtuoiDjtCWFFuHEXI7As8HxssicX15MOypI8Ot1wghv08f%2F4KYRzaJMQjQ4ZkEgy34PmmKSY1Erf5tGEtWkObn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9d42b7d-FRA
TG6ZITPGRY8R.jpg
lps1.thesecretmarkets.com/Maximizer/images/
4 KB
5 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/TG6ZITPGRY8R.jpg
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
aefc9aa112b3f35b393bb5a6092eef0eb8c35d20b121a371a4f7eb2564da6891

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
4559
cf-request-id
07980c214600002b7d01347000000001
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
etag
W/"11cf-1751007f270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XeW5800M4%2FdW3lAby8WXaMGb6p2N1ta8U%2FNRPhkRURYiFhhOQ%2BXiX92abRoznwT038Raw3%2BKsljFgnSyXbgDUcaGIV%2B1G7Q7dwWrSuG3UiwR9QIoBeyZ7GGRfZUbjLkFrwBYeqGb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9d52b7d-FRA
widget.js
lps1.thesecretmarkets.com/Maximizer/js/
4 KB
2 KB
Script
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
62d0e7dbc37f4418568a86a468e65fe5de681fae589bdf763373b160ccf88fbe

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:02 GMT
content-encoding
br
etag
W/"10ec-1751007f2df"
cf-cache-status
EXPIRED
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zd%2Bt9t7PzcmzNBR2B4heHFRvAEKkGizgJAY8H3z7mvQYXgZ1uFltqb2zFSJBOckQWNUi8jL5O57im5zZPDAw1Zg2cOusbhUAYq5o45mFsAznj1Ihm6ogcWVTs1qSdXuwajo93Ug6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2678400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6106afa97d252b7d-FRA
cf-request-id
07980c1dea00002b7da29e4000000001
7HSJH4TP3LLV.js
lps1.thesecretmarkets.com/Maximizer/js/
36 KB
4 KB
Script
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/js/7HSJH4TP3LLV.js
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2e1019bd9fbedade343b47e94984289a6428cb05c854c9b6fe40e524afbc6fa4

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:02 GMT
content-encoding
br
etag
W/"90c0-1751007f293"
cf-cache-status
EXPIRED
last-modified
Sat, 10 Oct 2020 01:02:37 GMT
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cwAE7aH7BjmiRAB4TZ8Gm5W5gLCk7VF1VjPkKX1Hzd2Af%2BxjIfexYDtq6kWBD8ICBLjgGEEeS9%2FZDKjCTBBXNKD2HFQQt61SiWi3gjlM3%2BPK27rTS5%2BbO1GQhyxw%2BobXuw%2BqB5CZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2678400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6106afac0b542b7d-FRA
cf-request-id
07980c1f8700002b7ddebd0000000001
W5U080303NQU.jpg
lps1.thesecretmarkets.com/Maximizer/images/
65 KB
65 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/W5U080303NQU.jpg
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
89d45d8548c1a69952490a9ced20b32963c8939f8c24f566b6ad638fc5b3209c

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
66402
cf-request-id
07980c214900002b7d9f0b1000000001
last-modified
Sat, 10 Oct 2020 01:02:39 GMT
server
cloudflare
etag
W/"10362-1751007f7cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZHPJOw2NvpEn8OoKqj43fECdDBufzYYq1egGB1q5V0UxGMRJ%2FRKrx6Z7k9E2yvSTR3NEkm%2FqIlVjRHmxPoQKLz%2FesrwkD2%2BbNDLK9vvMTxZbO7TCwMGWoTxecZTwAsy4%2Fu69IKnA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9df2b7d-FRA
85SJULHL8LQV.png
lps1.thesecretmarkets.com/Maximizer/images/
2 KB
3 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/85SJULHL8LQV.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d553f5baf81d71299fe56ff0026841d646147abdc3564d55d57f37427970cd60

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
2224
cf-request-id
07980c214900002b7d91a04000000001
last-modified
Sat, 10 Oct 2020 01:02:38 GMT
server
cloudflare
etag
W/"8b0-1751007f51e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wU%2FvbVr61HZpoALhXzVM7GGivvlS%2Bal2PlM50rLPKh5l%2B%2Fwn6%2FUj6XV9A7E1NspqdO3ULlOfGIO5%2Bf701NnVNlEnlTCNnAwG%2FHqZchQnnthPbongJuU3D3HNCY34ySk1aNQbyW30"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9e32b7d-FRA
5G8YI2GYV57B.png
lps1.thesecretmarkets.com/Maximizer/images/
3 KB
3 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/5G8YI2GYV57B.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c651d1dbeafca4ac2f2eda346631a7f8c93084f5a54434e1d0ba9ee57f2dcb67

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
3237
cf-request-id
07980c214900002b7dabbcd000000001
last-modified
Sat, 10 Oct 2020 01:02:38 GMT
server
cloudflare
etag
W/"ca5-1751007f4e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q4yeOCxZdaYE9RNn08xmC5ITufleIARxcjd5vHj2AVl4qHON8gMGFPXvXlwM1n7hgIwlICQtPaXitZuZplKgCnP1MmC%2BifeiPxJiPkuICNZEQRw8EwDJ2z8D0Aqqq%2BOVBAVgwJYT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaed9e52b7d-FRA
T02ZUP7ZKONU.png
lps1.thesecretmarkets.com/Maximizer/images/
5 KB
5 KB
Image
General
Full URL
https://lps1.thesecretmarkets.com/Maximizer/images/T02ZUP7ZKONU.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
673aa99931850b632b85a7cadae9031378954448fe555721b10880d5a6676eab

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/css/I7G4SM68W83Z.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-length
4798
cf-request-id
07980c217400002b7d9a2e8000000001
last-modified
Sat, 10 Oct 2020 01:02:38 GMT
server
cloudflare
etag
W/"12be-1751007f538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9YIY2WjrBVJIWsGIfqQJve%2FEmD81JDxSGHZtcTjfoS2E9lETZTdP1NGwmGTAL2zgswISwk3hFCnclUl2hL0XlMRaJqE3JJaQerz0QCDM55S%2Fpu8G5JtRzSpiM4Vpb0W8qbJk7aST"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6106afaf1a8f2b7d-FRA
geo.json
get.geojs.io/v1/ip/
304 B
970 B
XHR
General
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8a51a3627d47f033bb3e8baee3ab6b74a07781b930a5204b1ede5f1975b55e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET
cf-request-id
07980c21b300001782b92c0000000001
x-request-id
61a27063329b55a311e77fd02a837c7f-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ekMXbzvVoV%2Bzz0Jj83V1mej2f6C3yTyfFsfB%2Fy9IT4FmwqIqVKBdlYHjJJHe090l2kzQwscyOaWq6XGLHjPl8uMihDCvMU%2FsE3I%2FUVb3v1PM5IQvUyZKCsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
6106afaf893c1782-FRA
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:03 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
iframe-host-init-chunk.acbce25c.chunk.js
embed.videodelivery.net/embed/
11 KB
4 KB
Script
General
Full URL
https://embed.videodelivery.net/embed/iframe-host-init-chunk.acbce25c.chunk.js
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/r4xu.fla9.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:164b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12fed2669032c6884b98e8f17e66716d39e69d82e0bd7d6e4145314e9b074aa1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:04 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
stream-dw-version
2021.1.0
timing-add-origin
*
cf-request-id
07980c24da0000178ac50fe000000001
last-modified
Mon, 28 Sep 2020 15:51:02 GMT
server
cloudflare
etag
W/"ebefba53ce289384faf247f98fa43149"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=180
access-control-expose-header
cf-ray
cf-ray
6106afb49c94178a-FRA
expires
Tue, 12 Jan 2021 11:55:34 GMT
cc30a369-ecd2-42d5-9a80-e434dcce3594
https://lps1.thesecretmarkets.com/
31 B
0
Other
General
Full URL
blob:https://lps1.thesecretmarkets.com/cc30a369-ecd2-42d5-9a80-e434dcce3594
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
iframe.fla9.a0141b9.html
embed.videodelivery.net/embed/ Frame 309A
0
0
Document
General
Full URL
https://embed.videodelivery.net/embed/iframe.fla9.a0141b9.html?videoId=c89f2157da847c518d1bc7fdca1c52f9
Requested by
Host: embed.videodelivery.net
URL: https://embed.videodelivery.net/embed/iframe-host-init-chunk.acbce25c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:164b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
embed.videodelivery.net
:scheme
https
:path
/embed/iframe.fla9.a0141b9.html?videoId=c89f2157da847c518d1bc7fdca1c52f9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24

Response headers

date
Tue, 12 Jan 2021 11:55:05 GMT
content-type
text/html
cf-ray
6106afb93cc8178a-FRA
cache-control
max-age=180
etag
W/"2706a32f653b07320aa4f22f24b742db"
expires
Tue, 12 Jan 2021 11:55:35 GMT
last-modified
Mon, 28 Sep 2020 15:51:03 GMT
cf-cache-status
REVALIDATED
access-control-expose-header
cf-ray
cf-request-id
07980c27ca0000178a9a92e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
stream-dw-version
2021.1.0
timing-add-origin
*
vary
Accept-Encoding
strict-transport-security
max-age=15552000
server
cloudflare
content-encoding
gzip
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:06 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:08 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
ZG1POV4HVIJR.jpg
cdn.dolly.media/822b805de5837cdd0cae64921bc248ad/
3 KB
3 KB
Image
General
Full URL
https://cdn.dolly.media/822b805de5837cdd0cae64921bc248ad/ZG1POV4HVIJR.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:741f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9ed5769725f14fc97f84143c59e58c9f399632eec07715916ef36dd0de8688

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1643
cf-ray
6106afda3ce12c26-FRA
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
2733
x-amz-id-2
Aq6UJMYFflYOgCSko6hzQDTXh2+Sf35Iou54aDSl1m1/mTBOLxck/Iub6nYuxyEjGelB8O94U/Y=
last-modified
Sun, 17 May 2020 11:11:53 GMT
server
cloudflare
etag
"31be7acce98552f112f62d1650d6014f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ic34hE3yi%2F7ZjXqAVOGRN%2Brg3XccBJALKJ%2FpWV3soSVIInwM8eRfro4q0xUJADBZnhTvv02SDdoBeV56ue85PKYjTEY7OVUZG6Ol1UX0s0T4kqGcvqv%2F0O7%2F7%2FU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
E65CBE5B2581C55B
cache-control
max-age=14400
cf-request-id
07980c3c5f00002c26222ba000000001
accept-ranges
bytes
content-type
image/jpeg
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:10 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:12 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:14 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
QYHECYB9V6BN.jpg
cdn.dolly.media/822b805de5837cdd0cae64921bc248ad/
2 KB
3 KB
Image
General
Full URL
https://cdn.dolly.media/822b805de5837cdd0cae64921bc248ad/QYHECYB9V6BN.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:741f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4d64a9b17022a3db653c171387d7574f4d152b8af7fc5b0ef11a07081eab7f

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2285
cf-ray
6106afff7a842c26-FRA
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
2225
x-amz-id-2
MjuwMxuoy6vCJq/dMvSjKqfrgS3dTm0f3Ee4VBzsfTCAOxPU5HQO8QaJ4PAh6L+jGV0v12XWqrQ=
last-modified
Sun, 17 May 2020 11:50:41 GMT
server
cloudflare
etag
"72598ed4a31a228faef414f6478a5c68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qCapKC67UEo14p%2FLAe8fNonoVDKeQX%2BqAXLnTeEQjuwwcxuawJKYgDHNO6pp4XJiUDljUL0UqA8nHPZrH7BSt5LGgMYDZatDNx0B82kqc%2F6CptsoX%2B6hBmu5d2A%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3X7Q6MDV7Y0KDY3J
cache-control
max-age=14400
cf-request-id
07980c53ac00002c266b3e8000000001
accept-ranges
bytes
content-type
image/jpeg
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:16 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885
btc.png
fontawesomes.com/crypto/
3 KB
3 KB
Image
General
Full URL
https://fontawesomes.com/crypto/btc.png
Requested by
Host: lps1.thesecretmarkets.com
URL: https://lps1.thesecretmarkets.com/Maximizer/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.22.207.20 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
480ab7007e9f1b19e932807a96d668508b4ed1b26061a9f1baf98f007f9553be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lps1.thesecretmarkets.com/Maximizer/?MPC_4=007&ai=2958031&altid=UJ2Q6ktVmg4E&ci=15&gi=18&oi=24
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:55:18 GMT
last-modified
Thu, 19 Nov 2020 03:28:14 GMT
server
nginx/1.19.4
etag
"5fb5e64e-b45"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2885

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| notification_array function| namesByRegion object| country_array object| randomPersonObj number| copies function| randNum function| runNames function| rndCopies object| _currency_widget string| countryContainer string| isoContainer string| flagContainer string| currencyContainer string| func function| getData object| stream_jsonpFunction object| SENTRY_RELEASE object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| vttjs function| WebVTT object| __stream

2 Cookies

Domain/Path Name / Value
lps1.thesecretmarkets.com/ Name: lbwl
Value: j%3A%7B%22pid%22%3A%225f8108287fec050011afad0b%22%2C%22fn%22%3A%22Maximizer%22%7D
.thesecretmarkets.com/ Name: __cfduid
Value: d02440396af81cb02c4597b21ff7821291610452501

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
