fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-%20
149.202.74.222301 Moved Permanently 404 B URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-%20
IP 149.202.74.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 718e636c0c0d7f39aa2c2e3d280d4f72
f4feef8559aa086b9d53cc64824c9f987d503325
8d88bb8599ee9432bcd4717497e7433f73d4e5f835cbe31b5dc5b825e23c2217
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-%20 HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 22:28:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Content-Length: 404
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 21:46:59 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3m6Xd64KG2gDAksXVvK_FDSkEFuzlIdaBGiqJ1lQNt67ReOjb-IXLQ==
Age: 2475
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11326
Expires: Tue, 04 Oct 2022 01:37:00 GMT
Date: Mon, 03 Oct 2022 22:28:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MywNbaDDTmwS7juR3YGVYa8OUDj3TPIyFGBehbPKpXIC29UhosT40w==
age: 61187
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb391749fb9389ca66b20482252fdb31
8b31a7d0636b3b5255bef81724bd51a20da5bdd9
f13c1e64f7990c777cc11ab25ab81482950f5634def01954b2235a1da8b9905a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F13C1E64F7990C777CC11AB25AB81482950F5634DEF01954B2235A1DA8B9905A"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12813
Expires: Tue, 04 Oct 2022 02:01:47 GMT
Date: Mon, 03 Oct 2022 22:28:14 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 22:28:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
149.202.74.222200 OK 78 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
IP 149.202.74.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41492)
Hash 269a7773d81e9080c92b712aca3e717b
feaad74a3138c5618b085f4178754073d74c9b0a
3adbd8a89b16cfadb7450ddc9dcdfabd6c8bf3336f8c2d01709e8e4a0de1af89
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr; Domain=fr.proxy.al; Path=/
vary: Accept-Encoding
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/mobile.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1664922494|
x-fb-debug: a87xqFmgFM7Wbt0slOYa5CT9z1AeCC1oyITqK2rqsSAYfKO+HohY8cbzyBxUpg2dzSBazdYBJ05f3IRpkCd0vA==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3OoQVNtjQr51hWW4aIRrwNHJ68IjR5Un9XWPdpZk_nO_au9miSOUsrxpUcKvPZuPugZvSSpStvHgIF7GbzqHwR
149.202.74.222200 OK 45 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3OoQVNtjQr51hWW4aIRrwNHJ68IjR5Un9XWPdpZk_nO_au9miSOUsrxpUcKvPZuPugZvSSpStvHgIF7GbzqHwR
IP 149.202.74.222:0
File type ASCII text, with very long lines (9101)
Hash 7b2be0bffae3bc0000f20822c0598809
10e7d17ee5f35e424f052b1987e1276110a02165
9f09441b80ac81e70376571d69f5dd1cb3d10bc26cac482ffcda71bf08541f2f
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3OoQVNtjQr51hWW4aIRrwNHJ68IjR5Un9XWPdpZk_nO_au9miSOUsrxpUcKvPZuPugZvSSpStvHgIF7GbzqHwR HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 02 Oct 2023 21:08:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YEsGEwjrZ6y7RaOIGHxmag==
x-fb-debug: aFrnJpCFDBCryEfLOI5IG3jvRzodSWe945yH+6VH9npgPL41VX48g34/NS9IwFPkS9XVsowHm6XQkoprq363HA==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
code.jquery.com/jquery-2.2.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32019)
Hash 5b423a4bde44e2d03668c8fc2e230758
60fb13614d1bfe3685d09e070ffc654f2b0729f4
26a46a57e001319776582d64bc222e2bb0fccb213486d170fa60980996f70bce
GET /jquery-2.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 22:28:15 GMT
content-encoding: gzip
content-length: 29882
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14e7e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664836095.dop216.sk1.t,1664836095.cds213.sk1.hn,1664836095.cds263.sk1.c
X-Firefox-Spdy: h2
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1TcCKFlMEInOC1e5Wpe1J~YoT~SOC9v07ZTfI0wzZrAiJ~i5k44N9AXx2s1EM2~C9TaAlF50fv97~oVXPHIKxY
149.202.74.222200 OK 37 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1TcCKFlMEInOC1e5Wpe1J~YoT~SOC9v07ZTfI0wzZrAiJ~i5k44N9AXx2s1EM2~C9TaAlF50fv97~oVXPHIKxY
IP 149.202.74.222:0
File type ASCII text, with very long lines (6639)
Hash 431d8a3cd5852945a9d5e379e82ce207
e395100f8929209939c76f54a1e7d6f48d480e7a
40ac48641fed51cf055aa1faa0129fb4d9ac841f690b448724dae81aab74898e
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1TcCKFlMEInOC1e5Wpe1J~YoT~SOC9v07ZTfI0wzZrAiJ~i5k44N9AXx2s1EM2~C9TaAlF50fv97~oVXPHIKxY HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 02 Oct 2023 21:08:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QFRtcWzj4J8BmM6MFRqp6Q==
x-fb-debug: eZyj4nuLUmcsUzY9omP18W1V83QbSA94nEfaRPHru9o9mbDcTUoiQr0Bfzxdk8oHWGH3b/fVwSIcEq6M9u7eOw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc31~L6yTg9vAktUQWcnOFAPmCoXEsvHh1Go7kRaP1BaXab2bR~5mbqLSkAxonsVDi0-
149.202.74.222200 OK 8.1 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc31~L6yTg9vAktUQWcnOFAPmCoXEsvHh1Go7kRaP1BaXab2bR~5mbqLSkAxonsVDi0-
IP 149.202.74.222:0
File type ASCII text, with very long lines (5812)
Hash ea09c93e6e85e735e358aaa66c641ee2
205cdff3ad9849152b6f71ec0af4d05540124951
6ffa8352fa3474985f3218115338361dc580b5791f966b18905a8fdaeb4caebf
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc31~L6yTg9vAktUQWcnOFAPmCoXEsvHh1Go7kRaP1BaXab2bR~5mbqLSkAxonsVDi0- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: keJU2MicAqHLlvY+eMCzXQ==
x-fb-debug: GKVav/5ff8jW6K2Tq1s9ONqA6W7677ftrjjS7Ki6PzRotXpNl/Zqp/KMHJ4dxstote/J64sIFWKfsKIFpIZYhQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1EJmt1a901j6k3AoaoFafozufrrmEKK0Uz72TSNbAVYTn1PzJ8P9AC70lCEtJX_v2_gckTlTlJAlAdtBZeERem
149.202.74.222200 OK 40 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1EJmt1a901j6k3AoaoFafozufrrmEKK0Uz72TSNbAVYTn1PzJ8P9AC70lCEtJX_v2_gckTlTlJAlAdtBZeERem
IP 149.202.74.222:0
File type C source, ASCII text, with very long lines (10492)
Hash 0a43c709ccda4eb01999b1c9fe953a42
1103519f09f61eacb49848834fd51c8b42a02d6d
802c281954ac05c6a39c42d2af195c03099573b90c0614e353271805e719670b
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1EJmt1a901j6k3AoaoFafozufrrmEKK0Uz72TSNbAVYTn1PzJ8P9AC70lCEtJX_v2_gckTlTlJAlAdtBZeERem HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 05:10:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: sjZnOd9xkAN5RaIn1RN5zA==
x-fb-debug: jvd6avCIXBr+GaADcsz2xpdQbA8eND3NMKnRUuOOkZlWk2kVC69ehq6urzezOnZacEDtwU1g9G1xwb+NeO0tbg==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc0r0oCh1qInyMrSDrSlXr0HfeYZXC3M2N_Rfptv~SrE62cK8CQWzn_ZzlcBZ52rHxA-
149.202.74.222200 OK 36 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc0r0oCh1qInyMrSDrSlXr0HfeYZXC3M2N_Rfptv~SrE62cK8CQWzn_ZzlcBZ52rHxA-
IP 149.202.74.222:0
File type ASCII text, with very long lines (7852)
Hash 30d2130a91730fc0ef2537045c7bf423
5d672398782f0e6a11e64680eab52f25bce5ba8b
57228b750daba8a160ab935c6264be2bf21233303ad301d86301235a613c0212
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc0r0oCh1qInyMrSDrSlXr0HfeYZXC3M2N_Rfptv~SrE62cK8CQWzn_ZzlcBZ52rHxA- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: xKaPNOFd3tHBxNEHb5LGbw==
x-fb-debug: ie2QZ+T1Pagq7GroupWmh9tLzbj7+9iVZs63IaBONU+kWEN85AQcP9GqX/2r6eqG+aCaOWhz4eRG6DpVEvYbrw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc14Wy0opnXUHVqPQQGG7_cpjCnoQdgQGJhyl~nXm7~Awc5EY5pe9q3XnnTc4srwsyI4f90QR1X5idtNzY6JhJKZ
149.202.74.222200 OK 19 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc14Wy0opnXUHVqPQQGG7_cpjCnoQdgQGJhyl~nXm7~Awc5EY5pe9q3XnnTc4srwsyI4f90QR1X5idtNzY6JhJKZ
IP 149.202.74.222:0
File type ASCII text, with very long lines (9262)
Hash 82f2b2c17c07981cdf10da4f7def8dc1
43e0e11f36b0ea0c5a2178bf60dd2e44b04a79d2
7625a51b7fd1129ecd6d57d79f2fed965005c2534c60fa449f7ffb3ca6c3ef49
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc14Wy0opnXUHVqPQQGG7_cpjCnoQdgQGJhyl~nXm7~Awc5EY5pe9q3XnnTc4srwsyI4f90QR1X5idtNzY6JhJKZ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 20 Sep 2023 18:36:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: I0PbpTzo4HxtoAAo1cJLDg==
x-fb-debug: gVVswWr80iCHM/cBD6xVvd9vqMcYjkF2KoAPFYpXMvdoXp7UuYywfd53k8esbEBgx2qzzwadQIuZVVKxa4gnQQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3wmqibhGFm3~yY6qyX7nWRHGylNT~gZVXOy7Lcme1goWiEoLVra~0bcHLej8jUo0A-
149.202.74.222200 OK 50 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3wmqibhGFm3~yY6qyX7nWRHGylNT~gZVXOy7Lcme1goWiEoLVra~0bcHLej8jUo0A-
IP 149.202.74.222:0
File type ASCII text, with very long lines (5828)
Hash 4a7e9cc9c0a0bf781c65fc0539c874bd
acdaaba7869586727e6b68c6f6e94b57d735b1ea
13e2c865a25be4728dd7667065f0b87e8610a2ed81c280dff89bf08346264ca1
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3wmqibhGFm3~yY6qyX7nWRHGylNT~gZVXOy7Lcme1goWiEoLVra~0bcHLej8jUo0A- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CDWV2BySMG6fu3Teomld6Q==
x-fb-debug: nruVyG4v+RNU9jYyryIZnypy/ByITCL5zaHCP8uC3IRNwDmSiIqRdzIz5OnA9kvT6ltGyKBSaF04RZRSiDWCbQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc379exooJok2SBn2ebRdSXGkxXG6pM6hNDUwKKO71VsIEop2FalFaIU79lkaTUG2L8-
149.202.74.222200 OK 27 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc379exooJok2SBn2ebRdSXGkxXG6pM6hNDUwKKO71VsIEop2FalFaIU79lkaTUG2L8-
IP 149.202.74.222:0
File type ASCII text, with very long lines (7256)
Hash ce779b098e464f47863a1b443bcc9bcf
157eb8a9e197574268864933424f21e96aaaabb3
6072b5737204eee7fa3b15361171dac06140dd73bcc91ef819745d63fde6fa18
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc379exooJok2SBn2ebRdSXGkxXG6pM6hNDUwKKO71VsIEop2FalFaIU79lkaTUG2L8- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QaRCR/OxwPYVLp3qhkpMQA==
x-fb-debug: MLl9ipmNW9OJMpCQz9zg1f4r5jmxpNR31YaD+q10cJw8iMBy0iXD2BeTsytHXO28qgqihZ63yN/i1W8lC28EMQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1kqf2edyYlsaPzztTUxAcZg5HGt5voRCrqv_TNUPle5Sux1j6hyK9BYEOzs26QATxEfANJdbNc~ZXX42Mevedy
149.202.74.222200 OK 2.9 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1kqf2edyYlsaPzztTUxAcZg5HGt5voRCrqv_TNUPle5Sux1j6hyK9BYEOzs26QATxEfANJdbNc~ZXX42Mevedy
IP 149.202.74.222:0
File type ASCII text, with very long lines (2153)
Hash ff76e5dd22bc6a3754c72fc447512a84
d33cf0191ee4e21fef639793ede123b83426ccbf
d044a7e0b349a77b73489fcd9b3a95516e5ba485992c95bdaf5ff33122b22a61
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1kqf2edyYlsaPzztTUxAcZg5HGt5voRCrqv_TNUPle5Sux1j6hyK9BYEOzs26QATxEfANJdbNc~ZXX42Mevedy HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 27 Sep 2023 16:29:37 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 3uooRztRH/PISmg3mAEnbg==
x-fb-debug: Kyip24vRznLA/IHUahn5ecF/E2EGlGBrof13/n0tIaAf0jZY7rpERlS4UyYZqQUH+fL9k7c30Ipr6nfEJxydFw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Content-Length: 2935
Keep-Alive: timeout=5, max=99
Content-Type: text/css; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d7f815e0a9181f5e8ba654d25a075ef1
bfdfdd6cd4367f69acfa3d80097b58a148e2e61a
5fbb21911c5c727db507f3341388b4d50b3470befb22b11f09e50aa4aec71c60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5FBB21911C5C727DB507F3341388B4D50B3470BEFB22B11F09E50AA4AEC71C60"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5606
Expires: Tue, 04 Oct 2022 00:01:41 GMT
Date: Mon, 03 Oct 2022 22:28:15 GMT
Connection: keep-alive
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2DqWZBHho2bZVyYbYUsVVbnjXrTCpm5ILcYlxttY~RXvWUTJhmYP4K3nDLYwPuu2YTjNJu5_QEQ1zbO3_fzSAg
149.202.74.222200 OK 167 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2DqWZBHho2bZVyYbYUsVVbnjXrTCpm5ILcYlxttY~RXvWUTJhmYP4K3nDLYwPuu2YTjNJu5_QEQ1zbO3_fzSAg
IP 149.202.74.222:0
File type C source, ASCII text, with very long lines (7155)
Size 167 kB (167137 bytes)
Hash ec91d4c3d21fd8f58f004707b86a0d67
0867342ab60691e7abd00735245db80ce583218d
78d926d1fa53b4a619c8012108818144e270422d3b16ad778ee8ae69fa8f0c9f
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2DqWZBHho2bZVyYbYUsVVbnjXrTCpm5ILcYlxttY~RXvWUTJhmYP4K3nDLYwPuu2YTjNJu5_QEQ1zbO3_fzSAg HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Tue, 03 Oct 2023 09:25:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: a5XARDlDRs1NWWWLlKhWIQ==
x-fb-debug: 7PG+hGoG1hgq2ajebwDbhcwnXW4iJIzjAhg4ISK/NxDFRSx7nVysEgBZc/PGfj5Yk9aJX4TdLETKTWGIYNsdmw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 21:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 22:08:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zbuRa8A8JCIH5iZ2YEU8qxpVc4RQMw_1Gpp2-Lht0DgBzMQOGFVSxg==
Age: 3522
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:15 GMT
Last-Modified: Mon, 03 Oct 2022 20:41:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.easycounter.com/counter.php?fattwam
52.1.22.171200 OK 1.8 kB URL HTTP/1.1 www.easycounter.com/counter.php?fattwam
IP 52.1.22.171:0
File type PNG image data, 150 x 20, 8-bit colormap, non-interlaced\012- data
Hash a5f6327c0e1480842a4b7a6815736925
a93c823eb71001fd8442f84bca5869c35b0dc87b
2aebcdfa68b0f8c0e6f6e34bf769c8313b0ffdc867cb614385a410a18f7b373a
GET /counter.php?fattwam HTTP/1.1
Host: www.easycounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 03 Oct 2022 22:28:16 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:28:15 +0000
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
fr.proxy.al/secure/n6fZg8TXKf62sTzKt46_bBgythI6Z0trkpCoEbh_JbOhJITHENsWZwhzOOpkuYnDUd~OND~21e7XKqIxdbIY8Q--
149.202.74.222200 OK 78 kB URL HTTP/1.1 fr.proxy.al/secure/n6fZg8TXKf62sTzKt46_bBgythI6Z0trkpCoEbh_JbOhJITHENsWZwhzOOpkuYnDUd~OND~21e7XKqIxdbIY8Q--
IP 149.202.74.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41492)
Hash 5ffe15019eb3074b0ee69a11685f3358
3f107aa6697a8354cad9a7853316f7bc37a409b8
1a011223b2f037fb6002c6e249eb2d7b8a242b7cdb72b74a13cdc348fc847fac
Analyzer Verdict Alert fortinet Phishing
GET /secure/n6fZg8TXKf62sTzKt46_bBgythI6Z0trkpCoEbh_JbOhJITHENsWZwhzOOpkuYnDUd~OND~21e7XKqIxdbIY8Q-- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
vary: Accept-Encoding
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/mobile.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1664922496|
x-fb-debug: ljYphnyJr31fj7GAcY1vDVkvYnM+r39LhdQOmahoxsdCc36hIpdobeA+aOLtyAK3kf6/jbKEgeV0JcuqbXlgfg==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr; Domain=fr.proxy.al; Path=/
access-control-allow-origin: *
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
push.services.mozilla.com/
34.215.107.141101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.107.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HO+KxYP2WRqv2MkF5b/75g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8xETolCZcHFgL2A5lC54IjGP3to=
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2DqWZBHho2bZVyYbYUsVVbnjXrTCpm5ILcYlxttY~RXvWUTJhmYP4K3nDLYwPuu2YTjNJu5_QEQ1zbO3_fzSAg
149.202.74.222200 OK 167 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2DqWZBHho2bZVyYbYUsVVbnjXrTCpm5ILcYlxttY~RXvWUTJhmYP4K3nDLYwPuu2YTjNJu5_QEQ1zbO3_fzSAg
IP 149.202.74.222:0
File type C source, ASCII text, with very long lines (7155)
Size 167 kB (167137 bytes)
Hash ec91d4c3d21fd8f58f004707b86a0d67
0867342ab60691e7abd00735245db80ce583218d
78d926d1fa53b4a619c8012108818144e270422d3b16ad778ee8ae69fa8f0c9f
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2DqWZBHho2bZVyYbYUsVVbnjXrTCpm5ILcYlxttY~RXvWUTJhmYP4K3nDLYwPuu2YTjNJu5_QEQ1zbO3_fzSAg HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Tue, 03 Oct 2023 09:25:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: a5XARDlDRs1NWWWLlKhWIQ==
x-fb-debug: 7PG+hGoG1hgq2ajebwDbhcwnXW4iJIzjAhg4ISK/NxDFRSx7nVysEgBZc/PGfj5Yk9aJX4TdLETKTWGIYNsdmw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l2L3IvUldjN1NKSzRyS3ouanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 8.1 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l2L3IvUldjN1NKSzRyS3ouanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (5812)
Hash ea09c93e6e85e735e358aaa66c641ee2
205cdff3ad9849152b6f71ec0af4d05540124951
6ffa8352fa3474985f3218115338361dc580b5791f966b18905a8fdaeb4caebf
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l2L3IvUldjN1NKSzRyS3ouanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: keJU2MicAqHLlvY+eMCzXQ==
x-fb-debug: GKVav/5ff8jW6K2Tq1s9ONqA6W7677ftrjjS7Ki6PzRotXpNl/Zqp/KMHJ4dxstote/J64sIFWKfsKIFpIZYhQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxsZTQveUIvbC9lbl9VUy9LWl9JdURVQ0JneS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
149.202.74.222200 OK 40 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxsZTQveUIvbC9lbl9VUy9LWl9JdURVQ0JneS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
IP 149.202.74.222:0
File type C source, ASCII text, with very long lines (10492)
Hash 0a43c709ccda4eb01999b1c9fe953a42
1103519f09f61eacb49848834fd51c8b42a02d6d
802c281954ac05c6a39c42d2af195c03099573b90c0614e353271805e719670b
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxsZTQveUIvbC9lbl9VUy9LWl9JdURVQ0JneS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 05:10:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: sjZnOd9xkAN5RaIn1RN5zA==
x-fb-debug: jvd6avCIXBr+GaADcsz2xpdQbA8eND3NMKnRUuOOkZlWk2kVC69ehq6urzezOnZacEDtwU1g9G1xwb+NeO0tbg==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4988
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Last-Modified: Mon, 03 Oct 2022 21:05:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lKL3IvU0w0dnVHa2M5Q0wuanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 36 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lKL3IvU0w0dnVHa2M5Q0wuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (7852)
Hash 30d2130a91730fc0ef2537045c7bf423
5d672398782f0e6a11e64680eab52f25bce5ba8b
57228b750daba8a160ab935c6264be2bf21233303ad301d86301235a613c0212
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lKL3IvU0w0dnVHa2M5Q0wuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: xKaPNOFd3tHBxNEHb5LGbw==
x-fb-debug: ie2QZ+T1Pagq7GroupWmh9tLzbj7+9iVZs63IaBONU+kWEN85AQcP9GqX/2r6eqG+aCaOWhz4eRG6DpVEvYbrw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k2L3IveUV1aFpZMkphakguanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 50 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k2L3IveUV1aFpZMkphakguanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (5828)
Hash 4a7e9cc9c0a0bf781c65fc0539c874bd
acdaaba7869586727e6b68c6f6e94b57d735b1ea
13e2c865a25be4728dd7667065f0b87e8610a2ed81c280dff89bf08346264ca1
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k2L3IveUV1aFpZMkphakguanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CDWV2BySMG6fu3Teomld6Q==
x-fb-debug: nruVyG4v+RNU9jYyryIZnypy/ByITCL5zaHCP8uC3IRNwDmSiIqRdzIz5OnA9kvT6ltGyKBSaF04RZRSiDWCbQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4988
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Last-Modified: Mon, 03 Oct 2022 21:05:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lyL3IvX29QbEYyVjF1YUYuanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 27 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lyL3IvX29QbEYyVjF1YUYuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (7256)
Hash ce779b098e464f47863a1b443bcc9bcf
157eb8a9e197574268864933424f21e96aaaabb3
6072b5737204eee7fa3b15361171dac06140dd73bcc91ef819745d63fde6fa18
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lyL3IvX29QbEYyVjF1YUYuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QaRCR/OxwPYVLp3qhkpMQA==
x-fb-debug: MLl9ipmNW9OJMpCQz9zg1f4r5jmxpNR31YaD+q10cJw8iMBy0iXD2BeTsytHXO28qgqihZ63yN/i1W8lC28EMQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3Ddwz6d4WBqQEBncFfuaNNhkT~QOYL7bASClA7EsSTrg--
149.202.74.222200 OK 14 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3Ddwz6d4WBqQEBncFfuaNNhkT~QOYL7bASClA7EsSTrg--
IP 149.202.74.222:0
File type PNG image data, 301 x 1208, 8-bit colormap, non-interlaced\012- data
Hash e4442ca22fee86bc5cc7fdfe28093789
93cdd53ce314ffead6435fad78313381f00f1527
b1733e3fc609941a74de9c53b960b1de453ec0d26d266ecdd4cf93abe2cf0365
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3Ddwz6d4WBqQEBncFfuaNNhkT~QOYL7bASClA7EsSTrg-- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1kqf2edyYlsaPzztTUxAcZg5HGt5voRCrqv_TNUPle5Sux1j6hyK9BYEOzs26QATxEfANJdbNc~ZXX42Mevedy
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 5EQsoi/uhrxcx/3+KAk3iQ==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 29 Sep 2023 06:03:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: NTNjhnQ20xNCKNcJ5dLvKGYfhvfZco3Kvcf6c6a08SqKdjuUpHT8WwhFSZyYCzqyKJJt1MKHifkesKxbUEyohw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4988
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Last-Modified: Mon, 03 Oct 2022 21:05:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3iLle4/yB/l/en_US/KZ_IuDUCBgy.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLle4/yB/l/en_US/KZ_IuDUCBgy.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10492)
Hash fe0ae0cc888273616c5b3a44922b2602
5dfbbc7177533d43b5d2c8919366b728d756a12f
0c06722d613180c5806c1ae9e8e068296b12dc719d196b75a013ee426ab26fc3
GET /rsrc.php/v3iLle4/yB/l/en_US/KZ_IuDUCBgy.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:59:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /grgzIiCc2FsWzpEkismAg==
x-fb-debug: CImUAgEVaJAgjPytgbbgNu+1I9qIosTdw1D/FN/iQWcX5RMVutb5qXUWmCfyhgZnlxDZ9y71PN1UxILe96FxDA==
priority: u=3,i
content-length: 12232
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Last-Modified: Mon, 03 Oct 2022 20:52:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4988
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Last-Modified: Mon, 03 Oct 2022 21:05:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/yr/r/_oPlF2V1uaF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 8.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/r/_oPlF2V1uaF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (7256)
Hash 64ea7e6b59283ac7ec2befd468b47855
c8a859547241badefed3d202d946975b085d3225
c109985bfe7c900c8160e707a04628e7f3eb993c7385906fb83ccb1e2577e95e
GET /rsrc.php/v3/yr/r/_oPlF2V1uaF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:19:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZOp+a1koOsfsK+/UaLR4VQ==
x-fb-debug: uwuXb6aMCo8a9nIWAeDvG4+TPqsi7uyDMDwFekGTWag0F8hxr0PDehqnSKNlZ3r4YmgMkW8bHniLGtb49xpHiA==
priority: u=3,i
content-length: 8592
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.serveuk7.com/public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js
104.21.0.90200 OK 5.6 kB URL HTTP/2 www.serveuk7.com/public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js
IP 104.21.0.90:0
File type C source, ASCII text, with very long lines (3154)
Hash da2dbdc6e48e0bcc8129b2f19abe45da
bcbd6eda9e73eff7e66938f0b9b9fdfa4fa31a4f
dc0aa212f85f004525dde73a829e7d955adf384ae582caccb19d4f9532fde0af
Analyzer Verdict Alert fortinet Malware
GET /public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js HTTP/1.1
Host: www.serveuk7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 22:28:15 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=9361
etag: W/"2491-5d3674ae04b69"
last-modified: Sat, 18 Dec 2021 08:17:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2678400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WobocE0ppfU25ePKwC9BrIUzXjbjDykJarH8eSSM0CH5qohpXU8sZOOYlLCETQx9EFEIMOzxIVawn4ucfGNG0vpvDJ51UxvwqByHuGL5nNHoYQjcSbhJrwwrg1m%2FMnPUxrcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75491c1b3ba5b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/SL4vuGkc9CL.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 11 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/SL4vuGkc9CL.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (7852)
Hash 31547837f66caa7e831830be5497b540
447bacd76a0bbfef8cb0399a77cd0ad67935c502
6f39c9c8b55b60c1421b80d73d7c085b0ff10c05f5f4c83ea4657e0786ff7f99
GET /rsrc.php/v3/yJ/r/SL4vuGkc9CL.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:19:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: MVR4N/Zsqn6DGDC+VJe1QA==
x-fb-debug: 3Ff0dGUpbiglIERIbQjbQa25y2ckmqjtdIRqjLqboLQXK0wmnlZU60V2mmXFaY1KTvRQ5Zjhtj4gbizrGUSK7w==
content-length: 10718
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/yEuhZY2JajH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 14 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/yEuhZY2JajH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5828)
Hash 8994eedaddc14247ca2f243292c62058
09645239e9618f0324c13de93433e16e5bee1d8c
959de457f4bd0371f44926fe0dfd748040f584ff87380344c5a4d3128ed12641
GET /rsrc.php/v3/y6/r/yEuhZY2JajH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:19:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iZTu2t3BQkfKLyQyksYgWA==
x-fb-debug: RntWihrz3fwJo4C3FkJW82wQjp8Nnn7zeKR1XbRKqF4KgEMOrDiGZPLQm6G8hR053wSknpgo/tOj5OLEg5zLHQ==
content-length: 14530
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3SlIpkpVsh1ujfSwOMSTo3_sJD1d6r0OonNdUcJ4AyKA--
149.202.74.222200 OK 24 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3SlIpkpVsh1ujfSwOMSTo3_sJD1d6r0OonNdUcJ4AyKA--
IP 149.202.74.222:0
File type PNG image data, 124 x 255, 8-bit/color RGBA, non-interlaced\012- data
Hash 85a9381cd17ac16ab2e725f3f10f77e2
4bbd471416fe83f42f70789a4853f5afd4487d2d
f8136751d15a7a0e4942ec9f2f27c2d57044d0050bcaed3be52214fd0ec10269
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3SlIpkpVsh1ujfSwOMSTo3_sJD1d6r0OonNdUcJ4AyKA-- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3OoQVNtjQr51hWW4aIRrwNHJ68IjR5Un9XWPdpZk_nO_au9miSOUsrxpUcKvPZuPugZvSSpStvHgIF7GbzqHwR
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: hak4HNF6wWqy5yXz8Q934g==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 02 Oct 2023 18:53:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: LwQ7Xc0CMUP1A4u8ynLOuvq0x9tkd/T0l9ZsXsKxpH/q24wNUge8fjjQqHJWBz6EQE/OQPPEjSJVUFhzdILXMA==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Last-Modified: Mon, 03 Oct 2022 20:52:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4614fd870375b9d9c08200cc68ec10ba
22907a1cec6d882ff107f10b7b0ed084704e04a2
acacdfd03a832420f6d7c2e60288f39990c83a719c1c7ad28225abbdb5c4f1cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACACDFD03A832420F6D7C2E60288F39990C83A719C1C7AD28225ABBDB5C4F1CF"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=304
Expires: Mon, 03 Oct 2022 22:33:20 GMT
Date: Mon, 03 Oct 2022 22:28:16 GMT
Connection: keep-alive
servecontent.net/content/www/d/sala.php?zoneid=10&cb=86211442368&charset=UTF-8&loc=https%3A//fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
135.148.245.193200 OK 594 B URL HTTP/1.1 servecontent.net/content/www/d/sala.php?zoneid=10&cb=86211442368&charset=UTF-8&loc=https%3A//fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
IP 135.148.245.193:0
File type ASCII text, with very long lines (542)
Hash 488c3c6d3aabac17a8e0c8d40b44185e
7555c7e3f2f3d344d3bafc693fca9bf3106ea19a
1bc4de2a95777e9802a94a2bea73b92947e5eecfd101487e94073fdd28c121ea
GET /content/www/d/sala.php?zoneid=10&cb=86211442368&charset=UTF-8&loc=https%3A//fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q- HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 03-Oct-2023 22:28:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 594
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
static.xx.fbcdn.net/rsrc.php/v3i8594/y9/l/en_US/WA63AP4cyEc.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i8594/y9/l/en_US/WA63AP4cyEc.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (6339)
Hash f9b5ef72da62a6a805292bb9c658b90f
1edc1faa46f650646f283ad3b7c36fca852c0db5
3eecfe5f16307ca52d461784ede16e9549ca9886ddd8b34babe56b9d2196f792
GET /rsrc.php/v3i8594/y9/l/en_US/WA63AP4cyEc.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 05:30:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +bXvctpipqgFKSu5xli5Dw==
x-fb-debug: xuxB1XoTVrt8cYAbz17saj7V1q/HExQ6DWGy0FVcFkzcqrVqvuAGP5W4yGZPKvpfIFIDGjk55YKjLITtbbR7dg==
content-length: 7044
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y1/r/XaJdrZYWMLj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/r/XaJdrZYWMLj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (8258)
Hash 7cb3ab50049e4e053d36e7f43b124f0d
d9715334d898a23c663ae442a40002a24b3eea2a
ba898f0ef52bb995d0bfedba9c7cff7de58e30d7d11b6c0cd104583f880e1103
GET /rsrc.php/v3/y1/r/XaJdrZYWMLj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:19:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fLOrUASeTgU9Nuf0OxJPDQ==
x-fb-debug: SWCk5klsEvEBsQMkzsTCkdFnM2VZqJ7ayn36eMVpa2V9xNajrJSL3KWxYvjIxx6p0HhBMQnXB5CGdR05+pPHWA==
content-length: 12016
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/9ru_1tgNlcU.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 3.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/9ru_1tgNlcU.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (3402)
Hash 475d21a6584991c2000ed3ee443f8047
8aaaea0fa684dc85e08ada4232fc56793939d24b
03bcc1f122631b89306e3a3a673aaa2f865d450b32736b6adbdda30802952d21
GET /rsrc.php/v3/yi/r/9ru_1tgNlcU.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:50:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: R10hplhJkcIADtPuRD+ARw==
x-fb-debug: 6LYKm9LpbvPDwH2gyC7C9yKHmlAfV74r/S2x+CwHqTnlCEo6YKcG3aAY5oy9QvHOZv0Q6s/hdm0bLBYkwr1yfg==
content-length: 3023
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/nRrclXOBDpR.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/nRrclXOBDpR.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (12574)
Hash 4e24ba50b11d81161a1c0d32cbf749cc
6637b7e4fdbfa9d497a218c879d67d76a4f60dec
51ec4e59924aae00662847ac2ad055073dbcfe496325764c6a69ccb9f34e39a9
GET /rsrc.php/v3/y6/r/nRrclXOBDpR.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 01 Oct 2023 17:56:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: TiS6ULEdgRYaHA0yy/dJzA==
x-fb-debug: ZNDOg73gLgnhzWXUzhJhkaGKDBIEzM8g5ah72gBOERvwed3ubH2iWHgSA3ShH0kwL0cqU1qB+BiVOYyh6m5DLg==
content-length: 7239
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/wFnhgBAVAb_.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/wFnhgBAVAb_.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (11862)
Hash 7724406dd732802951cdbeaee96db2ed
65d4ec7a4935fc8583c55eb507de6e18b4f04b58
9731bc7ff277a81b73a04871dd411f84b9bb72c79ccfc9d1fa7a51c6aa0b2c4c
GET /rsrc.php/v3/y-/r/wFnhgBAVAb_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:20:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dyRAbdcygClRzb6u6W2y7Q==
x-fb-debug: te1k7xhEoD2A9snxr6R8tftr0oomgZ9itkNEfgv1issbj8rTi6x8kNrGuAL9KhY1fr0YyiS+5WKtppd1IYvIQQ==
content-length: 6980
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ZFyQ2XtVN7Z.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yo/r/ZFyQ2XtVN7Z.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (7325)
Hash ff5801bb066aaca7b0ad082520d4d4ae
55bf0c69aa94700d1d120843282789ff01d0ed86
3f27a9e798cb3388985ae5e74715c0dc0d59fa3a3ff5fdc65049fc0df62c538a
GET /rsrc.php/v3/yo/r/ZFyQ2XtVN7Z.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 02 Oct 2023 19:06:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /1gBuwZqrKewrQglINTUrg==
x-fb-debug: Q5wHDNT+RoAQZI6/0i8hzgT148oumfwWxpL0kJJatXjjtv4Oeo6D088aXx3o3eShS8rmvq5zWam3/2VdzLMxnw==
content-length: 4578
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ya/r/aJf13HRCfaQ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ya/r/aJf13HRCfaQ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18913)
Hash 47a0989079075ab388d29378255362b3
a81a5832b5a56ba2ae020bae45c0e6bfbd24eebd
c44cc75c347abb15771ce2fb32210b10cb101072c394d276dbf503f9d9edcf95
GET /rsrc.php/v3/ya/r/aJf13HRCfaQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fr.proxy.al
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 20 Sep 2023 22:43:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: R6CYkHkHWrOI0pN4JVNisw==
x-fb-debug: azEGeB20VzLtDQkDeMRGEhONsS2LrRSS5VETSLdbYOdQRyYd83neL6SIrdET0YpQTX1SsguVsgXpnPaGA3s7yg==
content-length: 10425
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaTg1OTQveTkvbC9lbl9VUy9XQTYzQVA0Y3lFYy5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
149.202.74.222200 OK 22 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaTg1OTQveTkvbC9lbl9VUy9XQTYzQVA0Y3lFYy5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
IP 149.202.74.222:0
File type ASCII text, with very long lines (6339)
Hash 54e3c9dc7eae26948c35296fe176c0b4
8b3323fe5b07403b8c355a439cfeea3eb5479854
ad567e5813cac4883a448dc0efcc4fff61fff0f5f137ed03be21d827ee1d7430
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaTg1OTQveTkvbC9lbl9VUy9XQTYzQVA0Y3lFYy5qcz9fbmNfeD1JajNXcDhsZzVLeg--+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 05:31:34 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5MIWMhQKNINvMZRXoAIXuw==
x-fb-debug: 6pwFZpJG5i1Gjmmk3wC6nF6HOtWd6cW9EKfSAVN9VQnvCtvT2yzWL2kpG2eChGBHy+T06waV9UHqXbZl1GGGtQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3kxL3IvWGFKZHJaWVdNTGouanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 39 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3kxL3IvWGFKZHJaWVdNTGouanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (8258)
Hash 896ab9eeef0e4520ba72fedd9db25105
8575084aa8a17c5ac3f9c3d621eede7785306b27
4b3c58a545762e82de7657a368adf4a669756d9dab35b1ca3bb5563af7ef0e4c
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3kxL3IvWGFKZHJaWVdNTGouanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ni8un91714yAG0ZSweK9oQ==
x-fb-debug: UyXs0zE5I6lZJu879WAzUeZ0ewKmIRD7bbSAkvrolfIhXMJOQbdz5ReVDE0Cq98KCCYQpDh1zG9JYYNk5lKu+w==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lpL3IvOXJ1XzF0Z05sY1UuanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 9.0 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lpL3IvOXJ1XzF0Z05sY1UuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (3402)
Hash 199e13a3fbcaf41b210e4980a7d65f0f
d4d7a2474a461952d3c8d1fde482d1731ee55559
8bb4fa7baef985d734af6dd3130bbe6cbbd3549e06a05b1a2fbfa29a9c0f1aca
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lpL3IvOXJ1XzF0Z05sY1UuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 04:53:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: gDkISJSfez4vgSlR+AB3dQ==
x-fb-debug: Je4dMPCnXZKNo5dSd3IdEkNfLC1IQEt+21ijqPR+Ux/TRpZzzlJ2iwqU1pPKExd6Nfgac+r/xKMK1vgljXR3rw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=95
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
servecontent.net/content/www/d/noah.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Ffr.proxy.al%2Fdirect%2FaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-&cb=a03d83b31f
135.148.245.193200 OK 43 B URL HTTP/1.1 servecontent.net/content/www/d/noah.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Ffr.proxy.al%2Fdirect%2FaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-&cb=a03d83b31f
IP 135.148.245.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /content/www/d/noah.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Ffr.proxy.al%2Fdirect%2FaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-&cb=a03d83b31f HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 03-Oct-2023 22:28:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 43
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/gif
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1680
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: wpNb4ltUkLs2FeKo8xNH+lI+c5aJxX92vbUQXEpWXDhoyZoDmn7GqzZAj9CVSZbXZAVzU6zCRD9s4KyjVUGWPA==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k2L3IvblJyY2xYT0JEcFIuanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 26 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k2L3IvblJyY2xYT0JEcFIuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (12574)
Hash 08554516aa2943a4d0e81b4d301fcc19
b5ca2f0f0287ea24a0fac48f5a401f2a79690ce8
bbc7b0f6c7a51eac39306a7a5033c47ad05d9c905c57af0e0b76ce9f6be0c11a
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k2L3IvblJyY2xYT0JEcFIuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 01 Oct 2023 18:22:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: zFjlAEEiPe2RnqaFoCqLEQ==
x-fb-debug: p6nGsjyZeR75G5j+TCgC0yQy6XdnFIeGNQHlTN2dZJdmE3JPnY0b4Nuf1zEHmJrWiPnZ9Zbw0b7mfPROsPNOoQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1680
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: CGJAEwNxsFdDhrOUzK2hOtHyNHz+pQQoB/t1e7IlbgjmKvbwVsq6INSU8q1o8BgxKoieSLJsvAQjNiTs0JqU1A==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lhL3IvYUpmMTNIUkNmYVEuanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 25 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lhL3IvYUpmMTNIUkNmYVEuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (18913)
Hash 0a5714750c5fd0ba5626dc3e7ea61f35
75b5af2e204f300557dd59c95df191c65e11cbba
b2fc921a69e4476f5b042b145da997f48362c01c8e7c4c74a068e32e1fb8656a
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lhL3IvYUpmMTNIUkNmYVEuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 01 Oct 2023 06:10:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: EEa8RnYeuv4SjHmN9tJl3Q==
x-fb-debug: Ocqxqsw1a7tUKeGj6EJHVM07D9Dgxhs5ITUB3T89ysI+xO/HgdbzVwpQL8d+iXFro2dnW2yXz44tz9NW+FRRow==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=95
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zY29udGVudC54eC5mYmNkbi5uZXQvaGFkcy1hay1wcm4yLzE0ODc2NDVfNjAxMjQ3NTQxNDY2MF8xNDM5MzkzODYxX24ucG5n+
149.202.74.222200 OK 79 B URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zY29udGVudC54eC5mYmNkbi5uZXQvaGFkcy1hay1wcm4yLzE0ODc2NDVfNjAxMjQ3NTQxNDY2MF8xNDM5MzkzODYxX24ucG5n+
IP 149.202.74.222:0
File type PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced\012- data
Hash 8dc258a49b60fae051e9a7ce11ad05cf
dafef280663f4205fc7f0e47799e9945e6a68d6d
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zY29udGVudC54eC5mYmNkbi5uZXQvaGFkcy1hay1wcm4yLzE0ODc2NDVfNjAxMjQ3NTQxNDY2MF8xNDM5MzkzODYxX24ucG5n+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 03 Oct 2022 22:28:16 GMT
cross-origin-resource-policy: cross-origin
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Keep-Alive: timeout=5, max=95
Transfer-Encoding: chunked
Content-Type: image/png
servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
135.148.245.193200 OK 1.6 kB URL HTTP/1.1 servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
IP 135.148.245.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (707)
Hash 85beb079bfc9aa1850204bd716640662
df5d8bf0fb2b85f4f9542d159ebe26ed54e44a9b
7cf50b675ab69532efe61c0c9460b779a7c3ad686b3425888f84de4a5eae14c9
GET /content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Cookie: OAID=01000111010001000101000001010010
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 03-Oct-2023 22:28:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D; path=/; secure; SameSite=none
Content-Length: 1575
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ktL3Ivd0ZuaGdCQVZBYl8uanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 24 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ktL3Ivd0ZuaGdCQVZBYl8uanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (11862)
Hash 43eff662cbe421487bace7b90a1f40cb
0645edf473cae5aa595d92fed11642d9caa233ca
b3a65b8b917e75919d02c55ecf0cd6081f19936a6aeedab624043e9da55a98aa
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ktL3Ivd0ZuaGdCQVZBYl8uanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 05:02:38 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NUJnZWqxws62F1/FWgxvGA==
x-fb-debug: GH+BNde1CpbVFFY7iUee0Gml9dl/fTvckpwO/rFLLWi8TPBthcVlr7f4rzYhjBNP0XaRZBLAD/DoXURuEtmwFQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lvL3IvWkZ5UTJYdFZON1ouanM_X25jX3g9SWozV3A4bGc1S3o-+
149.202.74.222200 OK 16 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lvL3IvWkZ5UTJYdFZON1ouanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (7325)
Hash ee5655d9072dce107f83ef09f8bf69d9
0387716ea5b90c6b74145f9ffa08296ee498523a
f37ac910b8a5b7a0d0812a93e148f7e84bf4b86ea0f675d65b205171d7d59e70
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lvL3IvWkZ5UTJYdFZON1ouanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 02 Oct 2023 19:17:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: 2tPWgeySBMNmIDt4mnGShQ==
x-fb-debug: CXYLa6WGGSzLXUb7fvJ5QJ8tDQG9xqdw72E9Qjo76ZC18qgX9nkC0yHyI/ozJkDeixC2WcH3xpnNUHQ/RmeuFw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116440 bytes)
Hash 71eae45c5406a44ad3148c8cabd7e053
250b84f4f182d00d6104267824da3f380369060b
ddacc9bab77a1e941bb23f368c2bc4567f7bdcbd88f59251efccee7cb5e2e109
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116440
date: Mon, 03 Oct 2022 22:28:16 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
servecontent.net/content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank
135.148.245.193200 OK 1.6 kB URL HTTP/1.1 servecontent.net/content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank
IP 135.148.245.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (707)
Hash 6de883895bc18c793a2654a6f08eba4e
c7f65be5e2e86f6bc0502d04d4f7804b18fbee75
bf41c37f62cc2f8a878de7d3b523772880e2d079c4408fe65bb8db90236207a5
GET /content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Cookie: OAID=01000111010001000101000001010010
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 03-Oct-2023 22:28:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
OAVARS[a3bcf696]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%229%22%7D; path=/; secure; SameSite=none
Content-Length: 1575
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1632
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: IKs3wficG1vFSWGhxBtmgJ9Y8Uiysbz2AY/rYFh6jbm0vm8YbT/PqkVdnkDmCGQLCOfoJS4kTxTw5rrF43En4g==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3K2S7LThq9BxquPdc0Nxiaoc_iywKGVd9~7gQoOWSabg--
149.202.74.222200 OK 6.7 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3K2S7LThq9BxquPdc0Nxiaoc_iywKGVd9~7gQoOWSabg--
IP 149.202.74.222:0
File type PNG image data, 196 x 196, 8-bit colormap, non-interlaced\012- data
Hash 389dfa18be34d8cf767e06fd5cde4ec6
47b751cffab47d076816c63ce08d3e84600376ee
3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3K2S7LThq9BxquPdc0Nxiaoc_iywKGVd9~7gQoOWSabg-- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OJ36GL402M92fgb9XN5Oxg==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 01 Oct 2023 03:45:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 2iiPTfRpe6PXD7gn0FOdXlZ98NYsRuiAF90Dq1vzCgdHh9CPEZyX/vIzdM5wFrFaHUNHOaZSDbx/lnUc/5iesA==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=94
Transfer-Encoding: chunked
Content-Type: image/png
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 03 Oct 2022 20:41:09 GMT
expires: Mon, 03 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
age: 6427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1762
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0UQBrvA/pNjLwa6d2JkOBZhP7RYUltjusw1KYHVILSeWEmMWGsQzUUMEMm2b1CWMK/OG/CTtWWR2LhrpXBiVKA==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2018
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: BpNvKCG5uY+tbXBYMFZ81eGPYh4BcYu7Tv9DdQVCSl0ki13D7hqAy7goQHtR0NN13pQybkaVTJx70EIXFQ31vQ==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1742
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: J9lT+NqY/sTx4OrnGDkQ2BiT5ovSqV5SGXifQ0LujNyIShkka+qKRUXNsRQMzxw9VRf2NBXtJsTWFg8EeS67rw==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1700
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: M1O66CFkir8EfiKJxPuTLyQIICn/4IeWTJ9v7Y5YTmf2zy5Yh/Qks9WIRhrwhytQ2oUHqyV1r2ommwELN19l8A==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1742
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: t8yjGLz5fXmfXJBy53apPdI/S1i5Q9JeKj0oQt8cTUThngpgrSzetcSlNleyP9jQ8sUfiG/uFjm1uFUIDwJe0A==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1700
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: udbgvx6kEIh6YOEdOyW6xNU2xRKmqMLvSgy2H4qk/9e/UBIx/LYVFacuYNGjQXV8nSJG3/45SY2Wxf1KqfVoCw==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1646
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: PIqv/hCFV3VfQlTf3Rl3YzQKZY19JIdFIYuj3DXgT1gCOaJP2149pJ9k8NmsYoCOKIgImIn5DlKKCQSoOHat5w==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1640
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: sJeSHA8PtQqSS/exBe20luiv1L8MEXPpmLvWMtSjGx7R/Vyl9TQrP2XdBib0vSew9EujGR1d93b8MFho6l0EDA==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1647
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: TkhteK6AJJ4HC4b8NvAXLdu8X90AdwVFpZILox3GvRE+hOYJrCrt0RJvCLOant658be88cxppGkmrWoHNkfznQ==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2018
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: QoxLQmyFul6JWnkF4UaTmsGK96NiF0AHhtUpB9LxRshhowg24WsDfLv6NsTBBQa79F22m0OSQT7WJCnEKRT3sg==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2004
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: XR6oSp5OPeTmYyrMTj0gAEHY5lB9IRkmajEw1/FSeVQF+l6stjmW9jhIzFuirrWdcoPKfp+lQWEy36xIatg7RA==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1882
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qIcgVfxxMETjJCgL6WxAiL2v1HxcehHxo/RS0jiVc5nvazHKV+LZwqDINpn+qD4KckHILtfRS0ZMbEKac1wiCQ==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2018
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 4LzycuRoo598aTL+QkEvYBiB6B3cWcSf4OS7I0PlI0ESabnYS94zKTtzwNPAhBALrlsmeZj2tQvVD8jA6qx0Vw==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1700
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gdBTa6liWGUd1T7QCDNa0AK/ao4BJ1aGA41JGH/qpEeJA1k0WDLXe/SNlG7JM2sPiRaqvTWb9rpd10F7NXg+zQ==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1762
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: pm5ez04vj5qA+/HHEh/fFap8T3ZlOj2kBsQ8jDbkpyHpZy9KBv9XZjtJsmpYIyZHjBaF8kwXytbyCCDuTgi84w==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1846
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: HwQxepvdMuWjYx+q1ewQH8dnnC+qMe0iaojHIdi7bwE4Snm3gYC8QY9UxVXsHHEQ8UpiKtCYcORpBrg7DfNR4A==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1742
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: enGjFQIPgGqgiypnmiTU+IWjHbo1EfgG0zTCGSV2vWYjTJ+gsY2u7m4ix8F49cN5h6HkW/YYk7IYhFvZxWicww==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1631
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: zO7vO7hXfj51KE8fOnxwkbZKd/8cGe14sbeOn3gmoYKX2pMGh0KwarfeFxn5F6HVD5Op6Y68olHGUpKFG6jjwA==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1661
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gDUfbKtAqAN0esmzq35P2yEjez8P5fOyT3d7LULk+JN1yGZKPyNEVYBP/zUwnLwgQf9VU1tWfKUwXkQl9Lff8w==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1645
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ycbhjxO+Glev8vg/5DoMQMc9jEy+1N2ouqsFx2Y6a6MEZlU7LpMCV27hQV4ZmdEIHmJaTmd041mgBGVBS+r7yg==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1635
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: LwXuCjIeHRtigjg+Ai78DJkQ0/4kpfNHz+w0bGY4r0DhCx9g0u5qa5SgwqKPNP5+5FVJxWtGEWfCVojhwSc/lw==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1742
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: aOjGLyV5+X01hke75XELZEudaTlIsikfIxwPklwkzd8iMqAMbOc0Z6wUhwQhJQq/N7eWgjnJ1YTcMbp+xzxG9A==
content-length: 0
date: Mon, 03 Oct 2022 22:28:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=8&loc=https%3A%2F%2Ffr.proxy.al%2F&cb=be22640c46
135.148.245.193200 OK 43 B URL HTTP/1.1 servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=8&loc=https%3A%2F%2Ffr.proxy.al%2F&cb=be22640c46
IP 135.148.245.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=8&loc=https%3A%2F%2Ffr.proxy.al%2F&cb=be22640c46 HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
Cookie: OAID=01000111010001000101000001010010; OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 03-Oct-2023 22:28:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 43
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:28:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
servecontent.net/images/6071643724afa565b894d47d171636ee.png
135.148.245.193200 OK 24 kB URL HTTP/1.1 servecontent.net/images/6071643724afa565b894d47d171636ee.png
IP 135.148.245.193:0
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 6071643724afa565b894d47d171636ee
8f98aae05d07ea0adf350bd6cd51e9fefc979396
809aa7a19416b5aa3d28da7750b5f065ca3764f0f37a4048fea153deccea1c29
GET /images/6071643724afa565b894d47d171636ee.png HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
Cookie: OAID=01000111010001000101000001010010; OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 20 Dec 2021 07:34:26 GMT
ETag: "5f95-5d38eeb193057"
Accept-Ranges: bytes
Content-Length: 24469
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: image/png
servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=9&loc=https%3A%2F%2Ffr.proxy.al%2F&cb=3240921ad7
135.148.245.193200 OK 43 B URL HTTP/1.1 servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=9&loc=https%3A%2F%2Ffr.proxy.al%2F&cb=3240921ad7
IP 135.148.245.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=9&loc=https%3A%2F%2Ffr.proxy.al%2F&cb=3240921ad7 HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servecontent.net/content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank
Cookie: OAID=01000111010001000101000001010010; OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D; OAVARS[a3bcf696]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%229%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 03-Oct-2023 22:28:16 GMT; Max-Age=31535999; path=/; secure; SameSite=none
Content-Length: 43
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/gif
fr.proxy.al/direct/aHR0cHM6Ly96Lm1vYXRhZHMuY29tL2FkZHRoaXNtb2F0ZnJhbWU1Njg5MTE5NDE0ODMvbW9hdGZyYW1lLmpz+
149.202.74.222200 OK 1.7 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly96Lm1vYXRhZHMuY29tL2FkZHRoaXNtb2F0ZnJhbWU1Njg5MTE5NDE0ODMvbW9hdGZyYW1lLmpz+
IP 149.202.74.222:0
File type ASCII text, with very long lines (523)
Hash dd1a19cb8d13e4571d2b293c0a0d2ccf
18070dd5c894930a8aef7117bf8d49bd4922a723
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly96Lm1vYXRhZHMuY29tL2FkZHRoaXNtb2F0ZnJhbWU1Njg5MTE5NDE0ODMvbW9hdGZyYW1lLmpz+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
x-amz-id-2: 8hxg0dzAkz9zW3TUrCJ2UPrnjd9MddTKKdoH+9oFtVUpX/FvjMMHItrPqa4FRqsdA014GVE24KY=
x-amz-request-id: E79C77E2AF1AE511
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
accept-ranges: bytes
vary: Accept-Encoding
unused62: 8096267
Cache-Control: no-store, no-cache, must-revalidate, max-age=25868
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Content-Length: 1705
Keep-Alive: timeout=5, max=93
Content-Type: application/x-javascript
www.facebook.com/csp/reporting/?m=c&minimize=0
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?m=c&minimize=0
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?m=c&minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2221
Origin: https://fr.proxy.al
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /hd4oZPbA0g4Axrp+56fAJv0hl+HSUdkECLqTiBAg4Z1mJvd4g8mH1F5aoV90U0mGqKTUIm64eQ2JExkgX3A5Q==
content-length: 0
date: Mon, 03 Oct 2022 22:28:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7876
Expires: Tue, 04 Oct 2022 00:39:33 GMT
Date: Mon, 03 Oct 2022 22:28:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7876
Expires: Tue, 04 Oct 2022 00:39:33 GMT
Date: Mon, 03 Oct 2022 22:28:17 GMT
Connection: keep-alive
fr.proxy.al/direct/aHR0cHM6Ly92MS5hZGR0aGlzZWRnZS5jb20vbGl2ZS9ib29zdC9yYS01ZTNiYTkyMmNmYTM2OGNkL19hdGUudHJhY2suY29uZmlnX3Jlc3A-+
149.202.74.222200 OK 2.5 kB URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly92MS5hZGR0aGlzZWRnZS5jb20vbGl2ZS9ib29zdC9yYS01ZTNiYTkyMmNmYTM2OGNkL19hdGUudHJhY2suY29uZmlnX3Jlc3A-+
IP 149.202.74.222:0
File type ASCII text, with very long lines (2543), with no line terminators
Hash 7ba0dd97024c069b5d96ad486ad1b265
8f231a28dac059dfb98a87a57a0c4105d44fea13
bbe21191bc5731641bbe4d2272fd79f8522366d435d9f1dbbbdc37d07c77ecbd
Analyzer Verdict Alert fortinet Phishing
GET /direct/aHR0cHM6Ly92MS5hZGR0aGlzZWRnZS5jb20vbGl2ZS9ib29zdC9yYS01ZTNiYTkyMmNmYTM2OGNkL19hdGUudHJhY2suY29uZmlnX3Jlc3A-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr; _ga@proxy.al/=GA1.2.2064313337.1664836097; _ga@fr.proxy.al/=GA1.3.2064313337.1664836097; _ga@mobile.facebook.com/=GA1.1.2064313337.1664836097; _gid@mobile.facebook.com/=GA1.1.330582545.1664836097; _gat@mobile.facebook.com/=1; __atuvc@mobile.facebook.com/=1%7C40; __atuvs@mobile.facebook.com/=633b6200b9363995000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
etag: -1493488983--gzip
content-disposition: attachment; filename=1.txt
Cache-Control: no-store, no-cache, must-revalidate, public, max-age=27, s-maxage=86400
connection: keep-alive, Keep-Alive
vary: Accept-Encoding
access-control-allow-origin: *
Content-Length: 2543
Keep-Alive: timeout=5, max=92
Content-Type: application/javascript;charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7876
Expires: Tue, 04 Oct 2022 00:39:33 GMT
Date: Mon, 03 Oct 2022 22:28:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78caa2bb8e856110416bc85ed2420d20
1d90e98d3666fc8618130eac15972d3a08addf16
5175905bdbcd0a325ff666148a77503f14d1922d826ad14a9c3d09846d77dff5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5857
x-amzn-requestid: 51f3a938-30f6-418e-970b-439bdfbb7c2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHIAIAMF6PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-6d97d5ff3c3589ee1e900a3b;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OModa8qHXEimXsJhr1DiYifYbFLgI-yMvAaKZA2SsRyU1N5CWwoVOg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:16:34 GMT
age: 1029
etag: "1d90e98d3666fc8618130eac15972d3a08addf16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6258b8768ba4c3edcc049c494dac733a
40e4337611c74e26efbc53633ba1a9ac04d9ae81
b170aaabbd17b712ed861f5e1d13ad2ff3604b47e9ec833077caeb1199f44d08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10595
x-amzn-requestid: 7cc6c91c-4dfc-4c17-b27c-5c0eec4a390a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqdOHTzoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5787-11525116257b72eb382ecefa;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qglxUK18M0WVvuSzN-pkwoIagT-hMmp_77qKAVaGq-3vJ4gwwsRzdA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:14:26 GMT
age: 831
etag: "40e4337611c74e26efbc53633ba1a9ac04d9ae81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 2637
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb7d0bdcd7cf60e39ee64d92f5694384
0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f
a6dd1fade6b47e539dd42ed07d2cf58179db10fe946809f201889a1f9c4ef282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2761
x-amzn-requestid: 00090151-da40-48e8-98f0-a0c579fe6d1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI_EgdIAMFc0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556c-06ceb1750213c44130848bf2;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tnLSKunYCXPQiG357F3pxokcn8BJDjBxvx8MmQo2XwY7_eCzD7ZlIw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:31 GMT
age: 2626
etag: "0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 2637
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1MjM5oee1NyGVE2YJ0L5mS1XC2syh~62cSGWhC6vrjMA--
149.202.74.222200 OK 2.7 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1MjM5oee1NyGVE2YJ0L5mS1XC2syh~62cSGWhC6vrjMA--
IP 149.202.74.222:0
File type PNG image data, 189 x 38, 8-bit colormap, non-interlaced\012- data
Hash 703d6d10d2ce3bb86249dfccbee46653
a07b38ba1a5402f53b28f8baa7b6e5d6ba87cfba
2b6ef38941a36abbee130750bd7656c228e75c70479040d001fba37d36fdfc80
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc1MjM5oee1NyGVE2YJ0L5mS1XC2syh~62cSGWhC6vrjMA-- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc14Wy0opnXUHVqPQQGG7_cpjCnoQdgQGJhyl~nXm7~Awc5EY5pe9q3XnnTc4srwsyI4f90QR1X5idtNzY6JhJKZ
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr; _ga@proxy.al/=GA1.2.2064313337.1664836097; _ga@fr.proxy.al/=GA1.3.2064313337.1664836097; _ga@mobile.facebook.com/=GA1.1.2064313337.1664836097; _gid@mobile.facebook.com/=GA1.1.330582545.1664836097; _gat@mobile.facebook.com/=1; __atuvc@mobile.facebook.com/=1%7C40; __atuvs@mobile.facebook.com/=633b6200b9363995000; __atrfs@mobile.facebook.com/=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: cD1tENLOO7hiSd/MvuRmUw==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 29 Sep 2023 00:59:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: m9unDb1YVr9A5y36HrtMYjeFQtqcO7zErtARtoLOX7ajRKY/Sl5W63cQDa6/3K+5ezfFDLdiS8+52yBmRwOYQg==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=94
Transfer-Encoding: chunked
Content-Type: image/png
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2JHzTbtn5Kd92_6rWaPkP_4WUi18Vb0jHH82l6WFF4SQ--
149.202.74.222200 OK 1.8 kB URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2JHzTbtn5Kd92_6rWaPkP_4WUi18Vb0jHH82l6WFF4SQ--
IP 149.202.74.222:0
File type PNG image data, 92 x 88, 8-bit colormap, non-interlaced\012- data
Hash 16cad9478450eed08c3a60904dae73af
d789cf4882563eef7cf751b43d0003cc75d80008
971f0bc9e893cd3c6efd9570f798e39f71612acff8d2e5bdf9f90f1426ae7354
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc2JHzTbtn5Kd92_6rWaPkP_4WUi18Vb0jHH82l6WFF4SQ-- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc3OoQVNtjQr51hWW4aIRrwNHJ68IjR5Un9XWPdpZk_nO_au9miSOUsrxpUcKvPZuPugZvSSpStvHgIF7GbzqHwR
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr; _ga@proxy.al/=GA1.2.2064313337.1664836097; _ga@fr.proxy.al/=GA1.3.2064313337.1664836097; _ga@mobile.facebook.com/=GA1.1.2064313337.1664836097; _gid@mobile.facebook.com/=GA1.1.330582545.1664836097; _gat@mobile.facebook.com/=1; __atuvc@mobile.facebook.com/=1%7C40; __atuvs@mobile.facebook.com/=633b6200b9363995000; __atrfs@mobile.facebook.com/=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FsrZR4RQ7tCMOmCQTa5zrw==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 01 Oct 2023 03:22:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: b5JCZZJPRLfZ2Te9xiUMdTxKRly/dI8jiskFIM7Tw2Bgoniva6EDr8XioVF/S/ieid2YwkDs5y4kQ8n+EHfoZQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=94
Transfer-Encoding: chunked
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 63926
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Mon, 03 Oct 2022 22:28:17 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=633b62002304909d&bkl=0&bl=1&pdt=798&sid=633b62002304909d&pub=ra-5e3ba922cfa368cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=fr.proxy.al&fp=direct%2FaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664836096931&jsl=1&uvs=633b6200b9363995000&skipb=1&callback=addthis.cbs.jsonp__431260916473646950
23.38.200.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=633b62002304909d&bkl=0&bl=1&pdt=798&sid=633b62002304909d&pub=ra-5e3ba922cfa368cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=fr.proxy.al&fp=direct%2FaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664836096931&jsl=1&uvs=633b6200b9363995000&skipb=1&callback=addthis.cbs.jsonp__431260916473646950
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 4a38ee284f2fcf2a817f0dc91b06cf4b
055df9c55906665c9d23614316ba26376dbd1878
5cf70cdfa3ea96858e3c72cc23c2a09d8db1796e67650077516609cd3c8d1150
GET /live/red_lojson/300lo.json?si=633b62002304909d&bkl=0&bl=1&pdt=798&sid=633b62002304909d&pub=ra-5e3ba922cfa368cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=fr.proxy.al&fp=direct%2FaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664836096931&jsl=1&uvs=633b6200b9363995000&skipb=1&callback=addthis.cbs.jsonp__431260916473646950 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.proxy.al/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 03 Oct 2022 22:28:17 GMT
X-Firefox-Spdy: h2
fr.proxy.al/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tL2EvYno_ZmJfZHRzZz1OQWNQdXduQXlkZ3NDRjZCSFktcjZWczV1MmJRM0hfQkVEVUhFdThTeDRiTzNKaEZDZHNpbU5RJTNBMCUzQTAmamF6b2VzdD0yNDgyMSZsc2Q9QVZxWEdxbnFNNnMmX19keW49MUtpZEFHMW13SHdoOC10MEJCQmc5b2RFNGEyaTVVNGUwQzg2dTdFMzl4NjBsVzRvM0J3NEV3azlFNFcwb20wTVUwRDJVUzBzZTIyOXc2dHdkSzBEODF4ODJldzRLd3d3NU53NHZ3YlMxTHc5QyZfX2Nzcj0mX19yZXE9MSZfX2E9QVlrOEdmOUk2Qk9yYXZTSFNzOUxiNkZmcnFHOXFNbElMdHB3ZTBOc2FXX0RpdUM0MjJUeE0tVHpaMDFZWXFpS09zVUFsNzNDV0NfT1BtVXJwSVRjZk1vaEIxdkdIVlM1T0d2MEdZcHpoQ0EzMkEmX191c2VyPTA-+
149.202.74.222200 OK 249 B URL HTTP/1.1 fr.proxy.al/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tL2EvYno_ZmJfZHRzZz1OQWNQdXduQXlkZ3NDRjZCSFktcjZWczV1MmJRM0hfQkVEVUhFdThTeDRiTzNKaEZDZHNpbU5RJTNBMCUzQTAmamF6b2VzdD0yNDgyMSZsc2Q9QVZxWEdxbnFNNnMmX19keW49MUtpZEFHMW13SHdoOC10MEJCQmc5b2RFNGEyaTVVNGUwQzg2dTdFMzl4NjBsVzRvM0J3NEV3azlFNFcwb20wTVUwRDJVUzBzZTIyOXc2dHdkSzBEODF4ODJldzRLd3d3NU53NHZ3YlMxTHc5QyZfX2Nzcj0mX19yZXE9MSZfX2E9QVlrOEdmOUk2Qk9yYXZTSFNzOUxiNkZmcnFHOXFNbElMdHB3ZTBOc2FXX0RpdUM0MjJUeE0tVHpaMDFZWXFpS09zVUFsNzNDV0NfT1BtVXJwSVRjZk1vaEIxdkdIVlM1T0d2MEdZcHpoQ0EzMkEmX191c2VyPTA-+
IP 149.202.74.222:0
File type ASCII text, with no line terminators
Hash 887ff1bd121affa3e6bb004904fd33a9
4fb3c6cf8054c848bdf112ca1dd780e5feef99a9
ee408cc2242a7157f20e306b059b97678f0b3c006e48bb5f5c9d419513eebb29
Analyzer Verdict Alert fortinet Phishing
POST /direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tL2EvYno_ZmJfZHRzZz1OQWNQdXduQXlkZ3NDRjZCSFktcjZWczV1MmJRM0hfQkVEVUhFdThTeDRiTzNKaEZDZHNpbU5RJTNBMCUzQTAmamF6b2VzdD0yNDgyMSZsc2Q9QVZxWEdxbnFNNnMmX19keW49MUtpZEFHMW13SHdoOC10MEJCQmc5b2RFNGEyaTVVNGUwQzg2dTdFMzl4NjBsVzRvM0J3NEV3azlFNFcwb20wTVUwRDJVUzBzZTIyOXc2dHdkSzBEODF4ODJldzRLd3d3NU53NHZ3YlMxTHc5QyZfX2Nzcj0mX19yZXE9MSZfX2E9QVlrOEdmOUk2Qk9yYXZTSFNzOUxiNkZmcnFHOXFNbElMdHB3ZTBOc2FXX0RpdUM0MjJUeE0tVHpaMDFZWXFpS09zVUFsNzNDV0NfT1BtVXJwSVRjZk1vaEIxdkdIVlM1T0d2MEdZcHpoQ0EzMkEmX191c2VyPTA-+ HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVqXGqnqM6s
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------224045707740502395543332379623
Content-Length: 2684
Origin: https://fr.proxy.al
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr; _ga@proxy.al/=GA1.2.2064313337.1664836097; _ga@fr.proxy.al/=GA1.3.2064313337.1664836097; _ga@mobile.facebook.com/=GA1.1.2064313337.1664836097; _gid@mobile.facebook.com/=GA1.1.330582545.1664836097; _gat@mobile.facebook.com/=1; __atuvc@mobile.facebook.com/=1%7C40; __atuvs@mobile.facebook.com/=633b6200b9363995000; __atrfs@mobile.facebook.com/=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
vary: Accept-Encoding
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
_ga@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_ga@facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_ga@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_gid@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_gid@facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_gid@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_gat@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_gat@facebook.com/=deleted; Domain=fr.proxy.al; Path=/
_gat@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
__atuvc@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
__atuvc@facebook.com/=deleted; Domain=fr.proxy.al; Path=/
__atuvc@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
__atuvs@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
__atuvs@facebook.com/=deleted; Domain=fr.proxy.al; Path=/
__atuvs@mobile.facebook.com/=deleted; Domain=fr.proxy.al; Path=/
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/mobile.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-debug: x6TO/KZzu8WiizrUzrAPWdVIfsXsktK/PFbjnU/DcYounAuwN/WljdjA8Kot2Ym+lED19zJa6Tuz7P13Rlhv+Q==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Content-Length: 249
Keep-Alive: timeout=5, max=91
Content-Type: application/x-javascript; charset=utf-8
fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc0BQF9gierjbcdixtpkts7NrSsT1sQjoKTu_4WqApmU7GkJh2XDQ1arYzBEI3LE794-
149.202.74.222200 OK 0 B URL HTTP/1.1 fr.proxy.al/secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc0BQF9gierjbcdixtpkts7NrSsT1sQjoKTu_4WqApmU7GkJh2XDQ1arYzBEI3LE794-
IP 149.202.74.222:0
Analyzer Verdict Alert fortinet Phishing
GET /secure/jstmqNE1fdFKgkWiWteyXE0Ps2nV5VaUTcDkBis0vc0BQF9gierjbcdixtpkts7NrSsT1sQjoKTu_4WqApmU7GkJh2XDQ1arYzBEI3LE794- HTTP/1.1
Host: fr.proxy.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fr.proxy.al/direct/aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2ltcHJlc3Npb24ucGhwL2ZhMTUyNWYyZjE1ZDk0Lz9hcGlfa2V5PTI2MDg5MDU0NzExNSZsaWQ9MTE1JnBheWxvYWQ9JTdCJTIyc291cmNlJTIyJTNBJTIyanNzZGslMjIlN0Q-
Connection: keep-alive
Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; 4everproxy_referer=https://mobile.facebook.com/login.php?next=https%3A%2F%2Fmobile.facebook.com%2F&refsrc=deprecated&_rdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:28:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.33
Pragma: no-cache
Set-Cookie: 4everproxy=25472370204b5d4e7a3a7468aa6ae59c; path=/; domain=proxy.al
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 30 Sep 2023 19:53:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Yjd8wnQkT0JAL19TKgFhKg==
x-fb-debug: ZKMu00BgreplicfS96ruOUu8jlzaKK+aWrM+65IRLQ9ztBCniDdcp6twcn3phXogHcDjlcSaGuc+/aRT09bs4w==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8