| facebookk.life/profile.10002023097121973 | 168.220.91.95 | 308 Permanent Redirect | 0 B |
URL HTTP/1.1facebookk.life/profile.10002023097121973 IP168.220.91.95:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to Suspicious *.life Domain |
GET /profile.10002023097121973 HTTP/1.1
Host: facebookk.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://facebookk.life/profile.10002023097121973
Date: Thu, 09 Feb 2023 12:32:45 GMT
Content-Length: 0
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb7407cc102d62a5acd5e61f8a79bed36 c2f4890a62454e514962b55b7fc14228339c8e90 be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4864
Expires: Thu, 09 Feb 2023 13:53:49 GMT
Date: Thu, 09 Feb 2023 12:32:45 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6756
Expires: Thu, 09 Feb 2023 14:25:21 GMT
Date: Thu, 09 Feb 2023 12:32:45 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2255
Expires: Thu, 09 Feb 2023 13:10:20 GMT
Date: Thu, 09 Feb 2023 12:32:45 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 11:34:15 GMT
content-type: application/json
age: 3510
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LZwIiIxyZ7CbsfhXMDQdpKWrTyL8yTx2kvBjiBCOZZfkvMhmC/44+T73MlTL6WZ+O0w7k++8oTQ=
x-amz-request-id: ZTM98M2D6EBEN6QG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 11:46:23 GMT
age: 2782
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:32:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash6d5882eafc87e0fd208339050fb4a553 11505fa91a1395b6639120faef4d4350087af794 bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6139
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:32:46 GMT
Last-Modified: Thu, 09 Feb 2023 10:50:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 11:51:21 GMT
age: 2485
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash6d5882eafc87e0fd208339050fb4a553 11505fa91a1395b6639120faef4d4350087af794 bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6139
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:32:46 GMT
Last-Modified: Thu, 09 Feb 2023 10:50:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash248ce16379b12f11927ecc3142aec450 fa5b189f2d9182479170cb61cc1723571e437bd2 a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4066
Expires: Thu, 09 Feb 2023 13:40:32 GMT
Date: Thu, 09 Feb 2023 12:32:46 GMT
Connection: keep-alive
|
|
| static.xx.fbcdn.net/rsrc.php/v3/y8/r/kgCswNiKScM.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 387 B |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/y8/r/kgCswNiKScM.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (416) Hash168cfb14444da8fb01e1bc92f38d3d89 ea091156b04c1dbf0528303d1b1c55ffc0a56344 d1b8b36fa318e30282f486370d1ce6b3c268603389207425a586fee5374800b7
GET /rsrc.php/v3/y8/r/kgCswNiKScM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 02 Feb 2024 14:53:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Foz7FERNqPsB4byS8409iQ==
x-fb-debug: XiNqocGUs46MD/GCFgiMH8Mm6IDSDmaJ4cLotA0rEdS3YqYgZTTwKp4pKAyN4KbSEilR5x26LvVTTm5As356Mw==
content-length: 387
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/R3oVdNt4k9c.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 1.8 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/R3oVdNt4k9c.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (1384) Hash89a1542311bd3f56cdf4128309b186bf e5c44892c46b595939b787ba699664b6035a2fc0 ffe0976d58aa82f3dee454cb9a85ef6384a51feea50128eb3bbffd1c43e32ff5
GET /rsrc.php/v3/yr/l/0,cross/R3oVdNt4k9c.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 08 Feb 2024 18:39:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iaFUIxG9P1bN9BKDCbGGvw==
x-fb-debug: D8ZZYs21PWroszMbC3fBcKE6SEkDMA8xpljdU/qSafVeJ+P3W1lZqYxulTvKQfehQTS5jqNg6A9Px9fjEAXCwA==
content-length: 1767
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/cXgAIpWxFW2.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 1.5 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/cXgAIpWxFW2.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (4526) Hash1c99e210c97b2f4a5e979ad0b96b51ee ffe085f493e3f8291b8160fa7e9eb6de90b09bd6 4c94f88fde3be72ce39984dd66d3be3d8e842fa4d82b61cceb7516e91003e149
GET /rsrc.php/v3/yH/l/0,cross/cXgAIpWxFW2.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 04 Feb 2024 17:49:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: HJniEMl7L0pel5rQuWtR7g==
x-fb-debug: L2rjsyn7ibxtmf0/MgArAYflifWbr4N2Dv5YCDp3CuNXEsFP1IZwMjnmYkT4DSiqyaZ1YGUL98+QBbmyzxygbA==
priority: u=3,i
content-length: 1500
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/y8/r/9LgNeX-IY5B.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 1.2 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/y8/r/9LgNeX-IY5B.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (1559) Hash988af700907b50f96d8708e06f539b1e 6f73ce0c0f6d13823392eba7080cc085393ced4e c9bdc498204e3437e08e09580e4c9062de9d43db4eaa201b716b9a366cb1efa1
GET /rsrc.php/v3/y8/r/9LgNeX-IY5B.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 09 Feb 2024 03:27:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: mIr3AJB7UPlthwjgb1ObHg==
x-fb-debug: GYIJtLxVdX6ByMw8XV2hXT2kaZevsLCOskpLSmfOfEG0IcGv39TSxBsyeLCgP5seNroqf4HgATQLUnON22V41A==
priority: u=3,i
content-length: 1204
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/ozu1W6JGNbi.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 4.3 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/ozu1W6JGNbi.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (3836) Hashaafb7e72872cc7227850ac85330ebce3 a9d11a86d8f9a24e56cf81435397357bd9af8fc3 f3130e787efd6f315e837ce87ec7530985da89dc3d4fec6a66ec5fe2c877211e
GET /rsrc.php/v3/yI/l/0,cross/ozu1W6JGNbi.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 08 Feb 2024 18:05:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qvt+cocsxyJ4UKyFMw684w==
x-fb-debug: YZCcNFxO8bqQ/K94UY2kbq4oqnDOJoruaSp2stOVeSfO2VT18ofFDRj9vaOcZHcOBoJmDQl7kwwWtEhid56R2g==
content-length: 4273
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/fwtrqygxPED.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 7.4 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/fwtrqygxPED.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (4583) Hash604bf0b3f2be74e40184f77f86989260 6ed398a03adcc83db0bfa976748ae536c2137ab4 4c57990ca14999c53d64d89f22dd9b26ee6a16a7c8b1249e2cde7e778a0933a7
GET /rsrc.php/v3/yL/l/0,cross/fwtrqygxPED.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 06 Feb 2024 19:32:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YEvws/K+dOQBhPd/hpiSYA==
x-fb-debug: hk/dJXkCINyi5P3LPXEwrEPlZsWuDLPotzQ8t+yxHVC7sV5udnvRBzbVsZJwZlsfj14WcRYHNrvw/XIUMomRGw==
content-length: 7382
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/y-/r/qu9vi-bmWl3.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 2.9 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/y-/r/qu9vi-bmWl3.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (1747) Hashc9bbd77181b1fcf7c7d8156dbd5de540 2350487ad41cf11b99d9ca8181c68831480bd83a ca5549eb72b27073aa2a0120e2662bc396d96ebf8eef62d935ddf486752cfa7e
GET /rsrc.php/v3/y-/r/qu9vi-bmWl3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 01 Feb 2024 20:45:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: ybvXcYGx/PfH2BVtvV3lQA==
x-fb-debug: VvpB+spmdmz2GbYUQFUtwMtZDU0c7/U6y79ztgSq679KJ+Gs9W9VDGbLaGN5yV0qrcS72iIQBy0OTWxJPG5NOQ==
content-length: 2895
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3i7M54/yL/l/en_US/SucD2A87jjf.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 16 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3i7M54/yL/l/en_US/SucD2A87jjf.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (42355) Hash9eb6c00ea4f2e198652bc08be61a7121 9135336815821e612e950c3891b472436f4856ff 355bb07a56aac03bb52c7f7d090921b00601658caf28310132a754f7c06dd93f
GET /rsrc.php/v3i7M54/yL/l/en_US/SucD2A87jjf.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 09 Feb 2024 01:52:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: nrbADqTy4ZhlK8CL5hpxIQ==
x-fb-debug: DHh/vJ7r6KvOYYwDULofGMHc7qqPv+LVtJmhA4UFTAmOA+scI/51FeDzkjDaE9CQV3ni8hLYK6u6QPLm2R1thw==
priority: u=3,i
content-length: 16320
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/cyVgkcGsJ4Y.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 5.7 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/cyVgkcGsJ4Y.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (4208) Hash433e376e4f9f67405b349d30a081bfae 2862b3a4ea260fb8e7bacd6f4ab832e541bf84a1 f0db146abc77ada92b439249b8cea2d303ab61871e6669cdac35c124d87b21d6
GET /rsrc.php/v3/ya/l/0,cross/cyVgkcGsJ4Y.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 08 Feb 2024 19:10:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Qz43bk+fZ0BbNJ0woIG/rg==
x-fb-debug: mDr1JzZrdp2MtPiyfbzJz4wLFkZ+NVNoxknuYIXbyLV4LVnY4HMgAMtAcoC0QD7HHixoYKR3uX3JkaCRWdothQ==
content-length: 5695
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/wr1zxrk-G50.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 473 B |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/wr1zxrk-G50.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (1421) Hashc8e8613ff1bcc7199996e225f557fe33 e4381334500c27327fe5606dec849b9421fb990b 4378e353b1856cb33b941e0ce928dead09f325620469eec2b926a6436a4baea1
GET /rsrc.php/v3/yr/l/0,cross/wr1zxrk-G50.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 08 Feb 2024 22:06:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yOhhP/G8xxmZluIl9Vf+Mw==
x-fb-debug: TFqxEpoW5RBs5Hik5teJgshSuRR9OAvmCXUtaLJirAMr0Q8FupRoA6v53LWRclQmGUopEwLl0MqAn9qVSvn92w==
content-length: 473
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/dQCUcyllNfc.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 1.9 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/dQCUcyllNfc.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (2583) Hash2feec26f44fc20359d3a4ce7f0be44e1 79730feefa40f83474150d06c663fbca5e2cf9aa d211fca53cc85d607e844f88e06f522706eb57143c649c6705782020bf0727e5
GET /rsrc.php/v3/yO/l/0,cross/dQCUcyllNfc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 02 Feb 2024 01:08:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L+7Cb0T8IDWdOkzn8L5E4Q==
x-fb-debug: LU5gHfDmARVNW547iIt42pNEIBn97kvX2hbt1fiYM6YqsXxvskV4mbxgc7utSIEKNbVeLz3YR09viwwu8HOeSA==
content-length: 1909
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yR/r/UmkunxOHDy5.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 85 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yR/r/UmkunxOHDy5.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (18631) Hash2a35eafc8dea10e95718dbb7a07c9222 f9bac00ea22279414b633fd5089c56525d2df37c 9b0dec8ca03fabb07140aba916fc8f46784dfc13c829c52b082e9bae90e97aa0
GET /rsrc.php/v3/yR/r/UmkunxOHDy5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 09 Feb 2024 05:26:30 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: KjXq/I3qEOlXGNu3oHySIg==
x-fb-debug: GQH4GY+H/pFHo0L5SiM9BYcsY7jU0anUp9M4asgc73YhPm0gGqGI9vXgZ+BpZLCZOuJ6kH3gEN0MDRGD9K39Ng==
priority: u=3,i
content-length: 85239
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/y_/r/0kgi9b3SWKu.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 108 B |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/y_/r/0kgi9b3SWKu.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
Hashaf15035f1b87b8402cb6d8cb74441576 a94a38a4949f4deaa8ec907d2ba0ec81bf9730ac 025a3056b58db94ae162ab58c0613993de72e86c2e550a9cd200134ee715d1a5
GET /rsrc.php/v3/y_/r/0kgi9b3SWKu.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rxUDXxuHuEAsttjLdEQVdg==
expires: Fri, 09 Feb 2024 03:26:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: wHiPjscCfYhmCjiVTyCTpY45PcImn8qGZJDsW74HtGPDsQnQOdS8JYtS11Akkjt/goqwS9k+mMr5WSChGQ5o5A==
content-length: 108
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/cxd3odJZkjy.css?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 1.6 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/cxd3odJZkjy.css?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (3832) Hashaafaab31f21294972fb76752f6fb1257 70b882c6e728e2843955c57690f0e67fd29d594f a37e99e833f2a50b3732f1c211c5c1b97e06f0c6ee602f7f5ee4fb84acde68ca
GET /rsrc.php/v3/yx/l/0,cross/cxd3odJZkjy.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 08 Feb 2024 17:23:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qvqrMfISlJcvt2dS9vsSVw==
x-fb-debug: Puumvo9FOlGZ4Vm9KzzL9I8CglzEvg06uOiF1zpKBTNH0HkxXkefvZLSEQzbwI9LYhMYnKR4VgAA0MuW171I7w==
priority: u=2
content-length: 1607
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/ym/r/2Z9gzYPL3TW.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 8.7 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/ym/r/2Z9gzYPL3TW.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (5542) Hashaedd9139a0eeadf241548ce0328dacdc a532cfe244c3eec597e74714b27d2b5b8046854f afd6264fdaff56b36beecd058752cae8d1413e236d1983ebda1999403f553b85
GET /rsrc.php/v3/ym/r/2Z9gzYPL3TW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 31 Jan 2024 17:27:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: rt2ROaDurfJBVIzgMo2s3A==
x-fb-debug: b/LrMb1QOg30sXCs+LR/vkEwuBcyQ4n2sFanpbrPtRuhFnnP8VHpXHlVlE7AE0+EuJrxM9NdxYzYnv1JcmkgRg==
content-length: 8708
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.xx.fbcdn.net/rsrc.php/v3/yR/r/n9ktzHPknGx.js?_nc_x=Ij3Wp8lg5Kz | 31.13.72.12 | 200 OK | 10 kB |
URL HTTP/2static.xx.fbcdn.net/rsrc.php/v3/yR/r/n9ktzHPknGx.js?_nc_x=Ij3Wp8lg5Kz IP31.13.72.12:0
File typeASCII text, with very long lines (10595) Hash5804f9ceaa5c8edbb9b0c30b6d50c40d 25eeb90421341b087e3df94e26d62d5002546f3e a6ee11ed992ecc1f9d919d4fe78744ee48346d6d9246671e5e3c0bb7683a5930
GET /rsrc.php/v3/yR/r/n9ktzHPknGx.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 04 Feb 2024 17:06:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WAT5zqpcjtu5sMMLbVDEDQ==
x-fb-debug: lPFql0Pa157SLBUYnMyEilToS8A7kPrvQnH514GwJK7gFUg7BZ0wYXxTnnzNqZnP2CBZ5of1iABsch66PVJsUg==
priority: u=3,i
content-length: 10505
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 12:32:46 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.149.156.115 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.156.115:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aJr2jf0uWtrnr9VqzoOWPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LOdX5lfzJVIqzgtHJQxm+2ds+2Y=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5479
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:32:47 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5479
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:32:47 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashea55fd1053c19123cb789a7d14479ccc 45fb06a6feeceff6a06c8c3f37e259ddf6e09820 393290f5ec8379a09da72b2554c30023b688489ffda79f5edfe6f114250ee4c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6061
x-amzn-requestid: cf552847-17d0-4820-9711-3fb129090686
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f8xbCG8jIAMF7Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1c913-0f2af41d6063340d483c3a55;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 03:44:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AhvgnN4mrezDRzaqcb-O0ZGyjW83OcyZd76sLZByQhZDzZgr8Mg-ZA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:18 GMT
age: 51449
etag: "45fb06a6feeceff6a06c8c3f37e259ddf6e09820"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash403cadd5f6beb14f5d2a4dd9eafc68d3 4724b4929c1afcc134ead274238725e4ce729b26 13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:08:52 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 51835
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa089b5-b6af-40bb-98d7-cfce928d0761.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa089b5-b6af-40bb-98d7-cfce928d0761.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0e9c6d739031209088f6dbbf08f19e59 649a29bfcc9fa92c656231bad3ce41e88c4037a6 520f00562077664a006b427c200a9f3c42dbeba3fed67bdc61537e71adcf6fc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa089b5-b6af-40bb-98d7-cfce928d0761.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9872
x-amzn-requestid: 62e9b3ff-7a27-4d74-90b0-ef7aeabaad39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f53QlGE4oAMF53A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e09f36-79e1ef9f3c167abb05cfefd4;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 06:33:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n9P7AhWzcWZo_TvS7ljLyP-qY5coA-xuTjnIN_eQl0U4rfbFpT9mjA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:22 GMT
age: 51445
etag: "649a29bfcc9fa92c656231bad3ce41e88c4037a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash95081172f8e19d19921acc802488e019 8531c150cb11de44361a95624b11cf46b9e0ba02 7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 07:45:45 GMT
age: 17222
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4b42802dc628e38e9631a01b6320040a c83355f0828815ecbff47d8195d2deed8077e368 d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tlIxKyJ3tqYVM667Uz4n2OHk2eiLer2Nc7bnFKqJUZcYDoPqjRlagQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 19:24:56 GMT
age: 61671
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1d7814305f961caded310b6f2089219b efcb6a067bb023865823625e67d9de60d44685e0 3c01637a052e2394774fc8f6dd37a284afaf76b423219ecd26a89c2d8b69c121
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 4e6cc2be-bc18-4d66-b338-833a05d0d998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsaDlGV4oAMFoZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3d49-14fc32183d3c6afb3a64c27d;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:34:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -Gn6wHGlx11IB8EcdbgpJVc-6BTEeIyEDyhrW7fPdCiWqdnQ89k2bQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:11:08 GMT
age: 51699
etag: "efcb6a067bb023865823625e67d9de60d44685e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.facebook.com/ | 31.13.72.36 | 200 OK | 0 B |
IP31.13.72.36:0
GET / HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: tWQokN5XLgxblqFxky8I/036+BtgpC4CpFjwIMlvpiUUlBGP7hqDHUwmVImDpJMjpXxyFMx7G9enxdZCJTsSXw==
date: Thu, 09 Feb 2023 12:32:46 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| facebookk.life/profile.10002023097121973 | 168.220.91.95 | 302 Found | 0 B |
URL HTTP/2facebookk.life/profile.10002023097121973 IP168.220.91.95:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to Suspicious *.life Domain |
GET /profile.10002023097121973 HTTP/1.1
Host: facebookk.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 796ca12e9de4190a-EWR
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 12:32:45 GMT
location: https://www.facebook.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HPqHw0BxXf8fnDrAt1Ldsu6ejBJo5X3yRKTvNWBg9y3kvSH3FuQa51En%2FlftUKUdqa%2Fcounpa5bKohWhcmr9q0LNUmor9yhHyBacilMvk4xKeaFONDYwFzGEGJHWhdFCLcwBfY%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: XSRF-TOKEN=eyJpdiI6Im43R1dKVWVnQkZCckY4cDN0VU5MVFE9PSIsInZhbHVlIjoiY09RQ1g0cURHOGlNL1RJaTcvSVhhR1ppSXR4a0VZSTN4TUd5QjYrWlBIbnIrMjVTUHl6cHo1K2tOR282YXVzWE1ZZC83R21LaVJiY3hqMkYxUmY0NHFSRU10WUNtRHBKU3lMTEE2aVU0MHhvc0Fzd3pRNlVKYmhWVk9IbENIYVkiLCJtYWMiOiIzOTA0NDM3ZDU3ZmYxNzI2NTIwODBhNzNhZGNkZDc5MWJlYzU3OGIxNjAxODBjYTg2MTYzOTk1MjJjZTRkOGY0IiwidGFnIjoiIn0%3D; expires=Thu, 23-Feb-2023 12:32:45 GMT; Max-Age=1209600; path=/; secure; samesite=lax
tly_session=eyJpdiI6InFRalFqRkZIdlF0bWoveXhIV1duRHc9PSIsInZhbHVlIjoiaHdzZXdROTg5anJHN2ZXY09hUEI2NnlIa1dpQVQ4Q1JRYXNXa3E3M3d0OUxWRkNHWFVmKzNMTjF1YlgzYUhRSVB3Qkl0Q0FrMFp0YU9PcDZWRGFlRFFWMTh0R3BxN1d0VUN3TkJiY1hNdmVNa1p5ZDJrZHpQR3l0eVZ2NGdraU4iLCJtYWMiOiIyZmViYTNkNzhiM2VlZDQ1MDI2ZjIzN2ViYzA0NDlkYThhOWQxY2Y0ZGE1ZTE0OGI3NmMzMWFmMmY1ZDI4ZjdmIiwidGFnIjoiIn0%3D; expires=Thu, 23-Feb-2023 12:32:45 GMT; Max-Age=1209600; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-1
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|