r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97a9e292b1e09ac6fb7c784fe38d0065
6c2093595d87dd4429345da43d264b7321d50f38
f4de30ea042e3ed7f7d2f738e00120d13f301649744abeebb7dd0aef6c19188d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4DE30EA042E3ED7F7D2F738E00120D13F301649744ABEEBB7DD0AEF6C19188D"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Sun, 01 Jan 2023 23:05:18 GMT
Date: Sun, 01 Jan 2023 19:29:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3098a490e8d38d4150d961624aa7b64
6ecbca59302d0ac5436f1723137d42523f629ea1
158e277ba0220577b59b15e4017b6c27f59295bcd7e5d0e52d027dc7c4309f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E277BA0220577B59B15E4017B6C27F59295BCD7E5D0E52D027DC7C4309F0B"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3710
Expires: Sun, 01 Jan 2023 20:31:11 GMT
Date: Sun, 01 Jan 2023 19:29:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 01 Jan 2023 18:35:55 GMT
content-type: application/json
age: 3206
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b0a4b7e28ad3a91135d52c7457790b5
075f22ab45d169766252467ae44903250e480f9b
312744aeb6fcc4296025205bc70c40316dd3c8a4b626669ac43e32c33104473a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312744AEB6FCC4296025205BC70C40316DD3C8A4B626669AC43E32C33104473A"
Last-Modified: Sat, 31 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8011
Expires: Sun, 01 Jan 2023 21:42:52 GMT
Date: Sun, 01 Jan 2023 19:29:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f6xiyLnnuOv3dFt3Hnn563fJr8xzHLm5+MGZlMFPnxgBwoMj5pxg5Ect7eG6o2PK3nZoY8PKgvw=
x-amz-request-id: 7BM7PQTE6GVEQ7QH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 01 Jan 2023 19:00:11 GMT
age: 1750
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 01 Jan 2023 19:29:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 01 Jan 2023 19:08:11 GMT
age: 1270
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e2a99db6956684dc306ada584f1907d8
21c3fc85b00308907c1cffcb36b1ba1a4617f613
cf568c4a26fb352228e849b18fbca0f6fd3b3a89055cd5f4fc0cdd11f9b9733e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 943
Cache-Control: max-age=136391
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:21 GMT
Etag: "63b14d29-1d7"
Expires: Tue, 03 Jan 2023 09:22:32 GMT
Last-Modified: Sun, 01 Jan 2023 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
dhlvietnam-express.vn/gioi-thieu/
103.130.216.66301 Moved Permanently 0 B URL HTTP/1.1 dhlvietnam-express.vn/gioi-thieu/
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /gioi-thieu/ HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://dhlvietnam-express.vn/gioi-thieu/
content-length: 0
date: Sun, 01 Jan 2023 19:29:21 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
push.services.mozilla.com/
52.35.143.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.143.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lPCs0utFNUSMKAsLJvGx1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Dpz0hbQCnPljRnfVecrSDqzXcMA=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4027
Expires: Sun, 01 Jan 2023 20:36:30 GMT
Date: Sun, 01 Jan 2023 19:29:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4027
Expires: Sun, 01 Jan 2023 20:36:30 GMT
Date: Sun, 01 Jan 2023 19:29:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4027
Expires: Sun, 01 Jan 2023 20:36:30 GMT
Date: Sun, 01 Jan 2023 19:29:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4027
Expires: Sun, 01 Jan 2023 20:36:30 GMT
Date: Sun, 01 Jan 2023 19:29:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4027
Expires: Sun, 01 Jan 2023 20:36:30 GMT
Date: Sun, 01 Jan 2023 19:29:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c2b8d6-2447-4998-8f5b-fa39969098bb.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c2b8d6-2447-4998-8f5b-fa39969098bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42424c8f9d7f7500d166c13e31044f50
7c1ca7a7bfc5515f5cc384d9e802dcc84fa7cc74
3f513c3442c9f2ffe744a65e542d93c0c2e7a2d0d8632bb585bfa95f0f752620
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c2b8d6-2447-4998-8f5b-fa39969098bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7733
x-amzn-requestid: c9fcea69-d368-49e0-af97-5973bcc300e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d8mPFFZQIAMFhIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae83f9-4fc855e0180bd7334e14bc29;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 06:23:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KK70ykzMCeq12Ds7zKsUnlzsBR9qeUgM8pBbnbljyMM_4gbN4MqJfw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 21:59:25 GMT
age: 77398
etag: "7c1ca7a7bfc5515f5cc384d9e802dcc84fa7cc74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21ed4431-081e-4d12-961f-aa4e653e835e.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21ed4431-081e-4d12-961f-aa4e653e835e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 542c50a9c4ddc940c0b46f84973f26a6
adec3ce0b331c1ae542b07e3105ccbb7e517699a
2e6efc9930b8b281f4b4282a3f1f9815708b245760319bd711844c66f1b1cfb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21ed4431-081e-4d12-961f-aa4e653e835e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4574
x-amzn-requestid: 5656411c-79b6-424e-ba7c-9a546cb6f99b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d42MyGYVIAMFXig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad03eb-62d0a04f49947a6e42e6083d;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 03:05:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DFqVV_GbqyTSmrx57w2P_yiSWPvSCcFLQZwwBJbcbmvLautLFMR0CQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 04:13:33 GMT
age: 54950
etag: "adec3ce0b331c1ae542b07e3105ccbb7e517699a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff91ff871-3f80-4a32-932c-b81a53066ccd.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff91ff871-3f80-4a32-932c-b81a53066ccd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4367f9a4e85a0b03fc104148023c73e6
81b2d64110d0f5853a7190be93252dac4a428b7a
ec0b378ad8bea69e474ba2fd53321467a04143b39da7f438924b0a7604fa6751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff91ff871-3f80-4a32-932c-b81a53066ccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: d0b8e033-5a7a-4c2c-8cee-7cd14d205e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-XYNFV6IAMFoog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af3901-1f152c56526a8cfd6aab77d1;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 19:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -NKgGBkJUbNdMOK5TlrSwxH_I-xI6kENYZyEAPatO-GJB72OciVqbQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 03:12:06 GMT
age: 58637
etag: "81b2d64110d0f5853a7190be93252dac4a428b7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a92938ba6a58bd49a9938a24e404cba
2adeb5279f5a130a4ddc05199bc7b0b197a3cabc
1779831cec3a72aa82e2dab789c043da6a7fa432ff75a644733b0ee5f81b965b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10426
x-amzn-requestid: b6ad4eac-168a-477b-9883-f77fffc6468f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5ZfRG7XIAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad3c61-7766d0293ca12d6e2436ac66;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:06:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fbLIBt1nYKjHIB6qMh22u5A92HgG0_f84qqlf5rqpwl4brcU5UB8eQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 13:01:40 GMT
age: 23263
etag: "2adeb5279f5a130a4ddc05199bc7b0b197a3cabc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67b75ebf-7439-4cd2-bd89-000ec5f3aab8.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67b75ebf-7439-4cd2-bd89-000ec5f3aab8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c0dc083dd00810ff8d197c5ad7fb6f7
9e1ca8f2da2a53f7941b6869684b458a3c72a96f
6abddb307b4eab72eeafc413d0eb005773e5100120c4e074f7f3baadf12fa954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67b75ebf-7439-4cd2-bd89-000ec5f3aab8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8537
x-amzn-requestid: 4e0f7a60-ab06-4494-984d-34fcacf63ba1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d_oI7GZfIAMFkGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afba38-6a6424991c4612dd6d3888fa;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 04:27:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HVSax8zutp54N838OPZjYA6MGIF5tCK3plkg9G7R4fg9jm71_Mdcvg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 23:39:54 GMT
age: 71369
etag: "9e1ca8f2da2a53f7941b6869684b458a3c72a96f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZCKSB-MwWwP2KTj7XMSHOZZcse5xmPE0JtkkBSLGnWqJdNyr-5oQzQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 21:47:16 GMT
age: 78127
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8dfc9e1668f59239f4e1f605234a98fc
951b40b330e58c62f664138f395101907704d7ff
2582c4e5a9b45cd0c21dcd2fa7c11bb1f77a071ec488457c70235b3a35192a9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: max-age=93596
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:23 GMT
Etag: "63b09aa2-116"
Expires: Mon, 02 Jan 2023 21:29:19 GMT
Last-Modified: Sat, 31 Dec 2022 20:25:06 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 01 Jan 2023 19:29:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1729694
expires: Fri, 22 Dec 2023 19:29:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuv2r0679kOvMe8YlGmxCsw%2FHwuSpBN5Y%2B0Yzle9BQj1IRZPFNv%2BYiVNAmUm4b6cftQSfrz9cVh4sdUBixvELYSu1OSG9R00gcvKQDtZ0OFGlNeEcY9ShENzm1cSizFbkl45EdRY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 782da9db6dceb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8dfc9e1668f59239f4e1f605234a98fc
951b40b330e58c62f664138f395101907704d7ff
2582c4e5a9b45cd0c21dcd2fa7c11bb1f77a071ec488457c70235b3a35192a9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: max-age=93596
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:23 GMT
Etag: "63b09aa2-116"
Expires: Mon, 02 Jan 2023 21:29:19 GMT
Last-Modified: Sat, 31 Dec 2022 20:25:06 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
dhlvietnam-express.vn/gioi-thieu/
103.130.216.66200 OK 33 kB URL HTTP/2 dhlvietnam-express.vn/gioi-thieu/
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 83cf079b9322da5e541e52fb48fda6bb
1d1b0d707cc7c7c31784ba8fd26a4ef98dc49120
a189fb180b9926c91ad5edb0356cac1a7f7ff2cb039a39bda5ef24f95d415fba
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /gioi-thieu/ HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://dhlvietnam-express.vn/wp-json/>; rel="https://api.w.org/", <https://dhlvietnam-express.vn/wp-json/wp/v2/pages/406>; rel="alternate"; type="application/json", <https://dhlvietnam-express.vn/?p=406>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/plugins/contact-form-7/includes/css/styles.css
103.130.216.66200 OK 621 B URL HTTP/2 dhlvietnam-express.vn/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
Hash 85598598d8403d6f36ffb33763088efe
13cee471c0ee733cc5ab17a995fe789b77fe63b1
5ea1e09117bb834b01b00f95d9c0f9935ed8a242987d85e65ee1929bb5b7335a
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: text/css
last-modified: Sat, 19 Dec 2020 10:43:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 621
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
103.130.216.66200 OK 6.7 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: text/css
last-modified: Tue, 04 Jun 2019 09:40:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/plugins/button-contact-vr/css/style.css
103.130.216.66200 OK 792 B URL HTTP/2 dhlvietnam-express.vn/wp-content/plugins/button-contact-vr/css/style.css
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (314), with CRLF line terminators
Hash ae2b61b9a3623418569eb547439d46d8
269ced1346f72fe4c8b5089350d8071081e30693
50606987a6670aa09520bb4c2251e7dd006cf2f84ceb1d38443b468bf60c9dec
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/plugins/button-contact-vr/css/style.css HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: text/css
last-modified: Sat, 15 May 2021 07:13:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/themes/flatsome/assets/css/fl-icons.css
103.130.216.66200 OK 369 B URL HTTP/2 dhlvietnam-express.vn/wp-content/themes/flatsome/assets/css/fl-icons.css
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (368)
Hash 0a562076dc9cf2d69817b7fc435b06cb
42732451f6f4cae6021f39caa5457d54f3c178b3
28f4c609a2b8bc8fe9f7309107c7c9ba63d2880ff4080924dbf7ff46ab4d79f4
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/themes/flatsome/assets/css/fl-icons.css HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: text/css
last-modified: Tue, 04 Jun 2019 09:40:19 GMT
accept-ranges: bytes
content-length: 369
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/themes/flatsome/assets/css/flatsome.css
103.130.216.66200 OK 26 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/themes/flatsome/assets/css/flatsome.css
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4823f26a927f0e4540eda711d19b4fef
efa50217e92c7140f14a183161dc20ce04d028cf
a4a9bd313d20d17c4ee6a760687497a156854b65bc895aac05850ffd89947bc5
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/themes/flatsome/assets/css/flatsome.css HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: text/css
last-modified: Tue, 04 Jun 2019 09:40:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26465
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/themes/flatsome%20child/style.css
103.130.216.66200 OK 2.6 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/themes/flatsome%20child/style.css
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
Hash 7e525dfd0386ae801fbd3a901a52d77c
7961eba312191105e1428f3b1cb6c5453e822989
ef4b7b05205654a32a817a280f9a3700fff7b2fbe034424b0dada3d091b89fa7
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/themes/flatsome%20child/style.css HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: text/css
last-modified: Tue, 04 Jun 2019 09:40:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2585
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-includes/js/jquery/jquery-migrate.min.js
103.130.216.66200 OK 4.0 kB URL HTTP/2 dhlvietnam-express.vn/wp-includes/js/jquery/jquery-migrate.min.js
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 07:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-includes/js/jquery/jquery.min.js
103.130.216.66200 OK 30 kB URL HTTP/2 dhlvietnam-express.vn/wp-includes/js/jquery/jquery.min.js
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 13:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb1d3417a0b0d2434a037980ea83af16
532dc1e7e5c099f8e89871fa768af1b105f21c75
8a448869432d3c3030eb75af5c36429f6c72e101c1c9bd94d50362a8b40b558d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3995
Cache-Control: max-age=141587
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Etag: "63b1558c-1d7"
Expires: Tue, 03 Jan 2023 10:49:11 GMT
Last-Modified: Sun, 01 Jan 2023 09:42:36 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
dhlvietnam-express.vn/wp-content/uploads/2020/03/logopngdhl.png
103.130.216.66200 OK 2.0 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/uploads/2020/03/logopngdhl.png
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type PNG image data, 687 x 134, 4-bit colormap, non-interlaced\012- data
Hash 2498b27b4eac7d69b4e138b69a989d35
55dc97ee180fb1ec995149c16e128aa359fb6b9e
35c1a9b8febcacea73d5f83430ec4f447b73a19ee2e9bf43150741f970f5aa77
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/uploads/2020/03/logopngdhl.png HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:23 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 02:15:56 GMT
accept-ranges: bytes
content-length: 2047
date: Sun, 01 Jan 2023 19:29:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js
103.130.216.66200 OK 3.7 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
Hash d195c191fe9bd887d9c0731b49295cc0
e3b86a888cacde393fc60365850cb4668f3e2ab2
1b91f8ebf36b0e4196a89c6560bb1e45ed6826232fe463e84c67b2502006443c
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:24 GMT
content-type: application/javascript
last-modified: Sat, 19 Dec 2020 10:43:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3700
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js
103.130.216.66200 OK 4.8 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (12801)
Hash 70cbc7ebb657b8543e7a16850bd72f06
52f910087652491f0aed0d9c23029cf9cde73e25
e001ff5cf15b6ba1d367f441370a2fad7baab087af21c7a22d009ddce1ca342b
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2019 09:40:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4815
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-includes/js/hoverIntent.min.js
103.130.216.66200 OK 667 B URL HTTP/2 dhlvietnam-express.vn/wp-includes/js/hoverIntent.min.js
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1465)
Hash 9c11b8496983473569adb5572dbfc33c
eaa0325a005c0f399a336a34bd31938d334b6cb7
46e7f5427c98ecffa46d1e9fddedcb90ca4e9ac2d8dd583ba6ba1f6dedfb9f13
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /wp-includes/js/hoverIntent.min.js HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:24 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 13:33:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 667
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/plugins/button-contact-vr/img/zalo.png
103.130.216.66200 OK 4.0 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/plugins/button-contact-vr/img/zalo.png
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type PNG image data, 100 x 95, 8-bit colormap, non-interlaced\012- data
Hash 5b983baae6dbf4b632e7a4694d4076b4
c7b1cafc2270a73ad31975be2c9a7fad38568d73
3a60f04d2c74a4eadad3c5bad7bd0a6d9e038f7725fd31ed03a0e93091362dd1
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/plugins/button-contact-vr/img/zalo.png HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:24 GMT
content-type: image/png
last-modified: Sat, 15 May 2021 07:13:55 GMT
accept-ranges: bytes
content-length: 3998
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/themes/flatsome/assets/js/flatsome.js
103.130.216.66200 OK 46 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/themes/flatsome/assets/js/flatsome.js
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (19155)
Hash 5bb625eec647f0941f252cb795258ff9
bcd865496213d071ea49f591fe3f89d1038f5b45
c4463babf0baf9df472b4e47928e99177b9bd443eff2d08cde5aa067f08ec663
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /wp-content/themes/flatsome/assets/js/flatsome.js HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2019 09:40:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45669
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 881a0e572ff718f9bed0c76ab3d03426
d1dbff4067cd4a9b069cef0fb1a2118dd50c92c5
329fb6eb905b8c5f40d9a36c4f3b953d6555f3f621e43f1c83133a632a1d6334
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dhlvietnam-express.vn/wp-content/uploads/2020/03/c26dcf49b605-694x400.jpg
103.130.216.66200 OK 41 kB URL HTTP/2 dhlvietnam-express.vn/wp-content/uploads/2020/03/c26dcf49b605-694x400.jpg
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 694x400, components 3\012- data
Hash 692887853cfa34ce6c6029277e15c9ff
de0ca855020aadf5858eb6d09cc400dd4da70cf2
a5b9ebd7f10550cf17d8ec66c349e86517d86c78f2dac640f18df79d118281d6
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/uploads/2020/03/c26dcf49b605-694x400.jpg HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:29:24 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 02:16:06 GMT
accept-ranges: bytes
content-length: 41003
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3919.0611740459476!2d106.6621949141054!3d10.806626761592229!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x317529640317edcb%3A0x8725280a03fd1e30!2zMjEvMzggVHLGsOG7nW5nIFPGoW4sIFBoxrDhu51uZyA0LCBUw6JuIELDrG5oLCBUaMOgbmggcGjhu5EgSOG7kyBDaMOtIE1pbmgsIFZp4buHdCBOYW0!5e0!3m2!1svi!2s!4v1603926439707!5m2!1svi!2s
142.250.74.132200 OK 1.0 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3919.0611740459476!2d106.6621949141054!3d10.806626761592229!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x317529640317edcb%3A0x8725280a03fd1e30!2zMjEvMzggVHLGsOG7nW5nIFPGoW4sIFBoxrDhu51uZyA0LCBUw6JuIELDrG5oLCBUaMOgbmggcGjhu5EgSOG7kyBDaMOtIE1pbmgsIFZp4buHdCBOYW0!5e0!3m2!1svi!2s!4v1603926439707!5m2!1svi!2s
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1796)
Hash e3212540958d78c075e65cadb152a73a
69970e371c5c8ba053879c7d873c825b47f879e3
516515326fe33bcb6592bdf8da84e8e7d56f02915ee91a313bce239ac04a0d34
GET /maps/embed?pb=!1m18!1m12!1m3!1d3919.0611740459476!2d106.6621949141054!3d10.806626761592229!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x317529640317edcb%3A0x8725280a03fd1e30!2zMjEvMzggVHLGsOG7nW5nIFPGoW4sIFBoxrDhu51uZyA0LCBUw6JuIELDrG5oLCBUaMOgbmggcGjhu5EgSOG7kyBDaMOtIE1pbmgsIFZp4buHdCBOYW0!5e0!3m2!1svi!2s!4v1603926439707!5m2!1svi!2s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 01 Jan 2023 19:29:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JtxtN5pTYX-5qPpmibZ7Lw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1005
x-xss-protection: 0
server-timing: gfet4t7; dur=222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb1d3417a0b0d2434a037980ea83af16
532dc1e7e5c099f8e89871fa768af1b105f21c75
8a448869432d3c3030eb75af5c36429f6c72e101c1c9bd94d50362a8b40b558d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3995
Cache-Control: max-age=141587
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Etag: "63b1558c-1d7"
Expires: Tue, 03 Jan 2023 10:49:11 GMT
Last-Modified: Sun, 01 Jan 2023 09:42:36 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/yf/r/uftvpBOwAM5.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yf/r/uftvpBOwAM5.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5828)
Hash eef8af5be8755e2c304dfeca97c6c8b9
c712189796acf6eb6fcceaffe551b25efd475a14
c3e1914f40e29bafe042cbd8f9f2bd58a257523c0ef86764eb91a18ed2980c42
GET /rsrc.php/v3/yf/r/uftvpBOwAM5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 26 Dec 2023 19:18:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7vivW+h1XiwwTf7Kl8bIuQ==
x-fb-debug: 8pfSxC5U6NAiH4+6ENlZdHXUB1qwWfSTk3YcRxvq1ma1hGl3qvVLIpt9AKSVEm+6Cle2RuwgeLCPOsEtthJ++g==
content-length: 5272
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvanchuyenhangdicacnuoc&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=587658348482843
157.240.200.35200 OK 22 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvanchuyenhangdicacnuoc&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=587658348482843
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22201)
Hash c7c483b300ae6d65d90744901513aaf7
2453cbc6c97bfe9e9ee3d7ffa260d1fedda20a99
e1a6265ded889623e2fb3ed57d29757148116bdc0ef4cbf5fdca43a1681d30ba
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvanchuyenhangdicacnuoc&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=587658348482843 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WzfDV++zHqTTzJd41zNdOabs/TPWWuWRsXSNm53fJ8MkyN8wS2Dgi268O7J9KKBr6M3vnvV51Na1LWu2lj1M0w==
date: Sun, 01 Jan 2023 19:29:24 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 293 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 17:31:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: LFzj3N7JgCbilCC70EZ2DFc4kSBeJDY5gohLixqt89FJ3uUNf0Py9987R0js/xduiQlz0XzKFsGMNs3jw9qwEQ==
content-length: 293
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/90_WUNArjH8.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/90_WUNArjH8.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 52aa1e5de34a7a8a9443530f4f21f477
36b86ba5c1d60f8a22ac66505d2a87cfe8f70e57
4dc896ce32d191f0acab801d8d7afefc96bfabe8b2f3e59463b398eb85397782
GET /rsrc.php/v3/ym/l/0,cross/90_WUNArjH8.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 01 Jan 2024 18:28:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UqoeXeNKeoqUQ1MPTyH0dw==
x-fb-debug: Tchk4NzH8+q86cQc2MMrsLlOaSa3SqPM+5MdxmyAErR+qXZ9xA3zsAi2bf4tAteQBYssKSRoSJ6DW5FsBDy7lg==
priority: u=2
content-length: 5409
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 6.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (7780)
Hash 855b9a9b80d4c186253eba4e0d14b18d
9af34af716b9116d91c7e2012f35cc756afdfbd3
39f68beab2325364f3a27998ec9692c7275ae0fb6d979fc3730bf881b65975ce
GET /rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Dec 2023 10:01:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: hVuam4DUwYYlPrpODRSxjQ==
x-fb-debug: kb9Gt4rhA3p3u5PYUqH9ngWwDSudkef5Oa14blr/C7Qt5S2Ksc0HT0laE6y7BVT/RVd8+jzzpA8pH3epwPGPsQ==
priority: u=3,i
content-length: 6772
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yd/l/en_US/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yd/l/en_US/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash b3d9bbe7863976aa5b46e02c7798acc8
f3534203ec245879da839b07de21385a5203556d
f29d8841fd47e887686263e49027672a365baa6362e277192f635b303c9e016d
GET /rsrc.php/v3iLl54/yd/l/en_US/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 00:14:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: s9m754Y5dqpbRuAsd5isyA==
x-fb-debug: IobHyBby+RhEku/vM4FWclA5hgIsGlzTgIuE+RzzXjjaIjrtDr5r4ZfXar/SWjDTKPWlGX2vAyrCwu/D7Ah3Kg==
content-length: 7100
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42114)
Hash 7524540c965e62fd3390f6aa427f5443
bd1b7935aef5eb36690c1982886b67470fc8e373
7f456c91da4be41030dff14d2537892f29329d157b92643d4ae329d30d6254d4
GET /rsrc.php/v3iEpO4/y1/l/en_US/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 22:44:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dSRUDJZeYv0zkPaqQn9UQw==
x-fb-debug: x+EpoeeCowncmLSbGXl2z+a2h4K1i33IrsJ0WcWyGo2EMKXQPKK1Uzut8aZVDzZXthqreXdDEVYAjwaIJIZnJQ==
content-length: 23498
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 15:32:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: OlzN21WjzLJ5StoXKMt/QQEFsoEX3aeLqY5bph3r4ZD4kX8saFfUmzB592JCt1Pcp2B1llF12eCVx4WYHyl6Sw==
priority: u=2
content-length: 830
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/Fs66-ooFjHN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 85 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/Fs66-ooFjHN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18622)
Hash 33aa1a2f8dcf2e0f1313b420cbdd6783
1b0da05e75a3fc9c2b529b01b529dd4bab20a401
c5f074386e4d39c9850c012cd539aa1f5a56b109344cec9863d4edc331e34366
GET /rsrc.php/v3/y6/r/Fs66-ooFjHN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Dec 2023 21:15:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: M6oaL43PLg8TE7Qgy91ngw==
x-fb-debug: ZLXzuVk9Bkenc3R4zzjLYkO8Wu6wrMThAFJlhqDcqY7pTO5ObMppik+zvpibcS1KxdoGI7jvbNUJwyu+H8W8ug==
content-length: 85051
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 9286a42c6635bf94761964f1b129c0de
21d966c8e5833bec35fd039f80e6f7e47185743a
da4067af50abaeaa27b4dfc7f3accf1346f13d9fd9d3821222bc820378c7ed00
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 13:47:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: koakLGY1v5R2GWTxsSnA3g==
x-fb-debug: X1DwjT/W+lXQIOXoZgxGO60rtitg/Bqekw1pZhtvpwaqzKiIINhdHHNijSzGP+6v/Kb9O3z98Y3UqTe9kVfe6g==
priority: u=3,i
content-length: 1615
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8741)
Hash c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 16:05:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: U8TYhtIwieUaE+BpLvk0Xw7ps/yThgqW5XjsZVop3u4YwX5eFaxYBxrF8HgB/MiH1SdTKPWsU3h5vM6jeeb7oQ==
priority: u=3,i
content-length: 16232
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Dec 2023 02:03:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: 03omrPytNZHYWoBH3usGlQt1W0e7CzAK88io1Zy2v2+GGixauzQRzXT1NCBjf3iogfm8ny9ZNmALg2YKoUNIIg==
priority: u=3,i
content-length: 12334
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dbfef74ce76b23c224b757987732f8dc
4002319b0161d6ea3849c784ace79f577db288b2
406af203f4e69f59113802dc7ec297934b1e87c7101c5c5e3ee686c71d19b1b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81c87a3f088331ce54f7b42d3815e4d7
93f7ac5fa21edef94d130988ab2833a36a8db38d
e493ad44a81a5773112904c8141b028cac7298d3cf1b44368291d9a0a3b800d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=vi&callback=onApiLoad
142.250.74.42200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=vi&callback=onApiLoad
IP 142.250.74.42:0
File type ASCII text, with very long lines (2448)
Hash 51a7e7482d7b9c9449b90b90fc47431b
bbffe7a82f96616272f78c4a2db134e033cfda57
6195b979512473c2472954436b2a656caf819a841e11c31dc71ee4b70549b514
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=vi&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 57138
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=10
date: Sun, 01 Jan 2023 19:01:59 GMT
expires: Sun, 01 Jan 2023 19:31:59 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81c87a3f088331ce54f7b42d3815e4d7
93f7ac5fa21edef94d130988ab2833a36a8db38d
e493ad44a81a5773112904c8141b028cac7298d3cf1b44368291d9a0a3b800d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81c87a3f088331ce54f7b42d3815e4d7
93f7ac5fa21edef94d130988ab2833a36a8db38d
e493ad44a81a5773112904c8141b028cac7298d3cf1b44368291d9a0a3b800d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
31.13.72.12200 OK 573 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
IP 31.13.72.12:0
File type PNG image data, 13 x 39, 8-bit colormap, non-interlaced\012- data
Hash d3b686ff6004b431d5019e4b51a8cc0d
34ec288bdcad2eada81c75960439bf60b95eb285
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/90_WUNArjH8.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
expires: Wed, 27 Dec 2023 02:54:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: REZrPGbV2lu5psAILOq86vwojpKgytQz6PbQGOwi3PRMN9ACUw7qvCeRWbA/IBVajVcKiDy9+Vl3TuEHFEHGWQ==
content-length: 573
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:regular,700%7CRoboto+Condensed:regular,regular%7CRoboto+Condensed:regular,700%7CRoboto+Condensed:regular,regular
142.250.74.42200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:regular,700%7CRoboto+Condensed:regular,regular%7CRoboto+Condensed:regular,700%7CRoboto+Condensed:regular,regular
IP 142.250.74.42:0
Hash fbe79adf9c7f16d7ca912e8c94b3bdd5
a7144eb938255783ed0460ebebcf3cd524f35228
59cd636141c7d7f3b441b39f6a98d1938c844c921788e67e10e20de50101d795
GET /css?family=Roboto+Condensed:regular,700%7CRoboto+Condensed:regular,regular%7CRoboto+Condensed:regular,700%7CRoboto+Condensed:regular,regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 01 Jan 2023 19:29:24 GMT
date: Sun, 01 Jan 2023 19:29:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/RPUw2tykHHO.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 3.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/RPUw2tykHHO.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9898)
Hash 6140cf9d88a2c70cfa6b45005bdf4973
43681f236ea9da656d52e84c75a20cb319bb33be
7704f80f2d856b7a65ba97305a538c00756ad704384053d694197c91d99716b1
GET /rsrc.php/v3/yi/r/RPUw2tykHHO.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 08:52:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YUDPnYiixwz6a0UAW99Jcw==
x-fb-debug: bSn1SGrCv+fZeUO0Sjpywp/YW8DJD+uvhOumZPJ2JYfHJsKi3iFV/FaYt/Z7BcYBDbrq0ekpQmgEpxjULty5Dw==
content-length: 3587
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ZuqseZ0OJ8U.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 53 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/ZuqseZ0OJ8U.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (60715)
Hash 7eb181d063eb5d5820e705d9d35bdfb0
99c521edcc6a759e3f8c338794b84616389848b6
904da91ff808513ea154d0fe510276e7ea1d34c8a21ac2be9fde7006df037b57
GET /rsrc.php/v3/yi/r/ZuqseZ0OJ8U.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 01 Jan 2024 18:25:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: frGB0GPrXVgg5wXZ01vfsA==
x-fb-debug: sUa4qh6RRCr5BZ8Bw15OOWKc1A54TXe+32wjlRVTaX1K59a7h7ptV9ZdVXIGEKs4HBB4QgxFGbf6Esf+AuNNwQ==
content-length: 53043
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 01 Jan 2023 19:29:25 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8166fe0679d6ccf83bc7f27cb76f6a5
7c76f9e3b7cd828fd0bd9ddb3603e0f1c8fc6f23
d0799689c53c389718f8818863c88447440e69b8837264dbe7a24e62a746e1e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8166fe0679d6ccf83bc7f27cb76f6a5
7c76f9e3b7cd828fd0bd9ddb3603e0f1c8fc6f23
d0799689c53c389718f8818863c88447440e69b8837264dbe7a24e62a746e1e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlvietnam-express.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 15:42:33 GMT
expires: Wed, 27 Dec 2023 15:42:33 GMT
cache-control: public, max-age=31536000
age: 445612
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8166fe0679d6ccf83bc7f27cb76f6a5
7c76f9e3b7cd828fd0bd9ddb3603e0f1c8fc6f23
d0799689c53c389718f8818863c88447440e69b8837264dbe7a24e62a746e1e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8166fe0679d6ccf83bc7f27cb76f6a5
7c76f9e3b7cd828fd0bd9ddb3603e0f1c8fc6f23
d0799689c53c389718f8818863c88447440e69b8837264dbe7a24e62a746e1e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8166fe0679d6ccf83bc7f27cb76f6a5
7c76f9e3b7cd828fd0bd9ddb3603e0f1c8fc6f23
d0799689c53c389718f8818863c88447440e69b8837264dbe7a24e62a746e1e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
142.250.74.35200 OK 5.7 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5696, version 1.0\012- data
Hash 85fc330e5d5f44827f71c9c87e20fc08
a12bad7ed537f664c3b4ec0c501b3cce2df55921
a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlvietnam-express.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5696
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 06:53:36 GMT
expires: Thu, 28 Dec 2023 06:53:36 GMT
cache-control: public, max-age=31536000
age: 390949
last-modified: Tue, 19 Apr 2022 18:51:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Hash f54251ea804647e0203e453359a69fb1
c02db1a2028be922135239168d270579220844a0
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlvietnam-express.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 08:26:57 GMT
expires: Fri, 29 Dec 2023 08:26:57 GMT
cache-control: public, max-age=31536000
age: 298948
last-modified: Tue, 19 Apr 2022 19:07:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/vi_ALL/init_embed.js
142.250.74.99200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/vi_ALL/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2669)
Hash 194560ff959aa2f91e585cce4dbee1f6
412c6046a04685ac9157204a61b1078ba7ac0fda
bff912f0c5091aa9a637f0bf0a27c27fb7f49d936c0955e24be55d61f62eb5ae
GET /maps-api-v3/embed/js/51/3/intl/vi_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69685
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 20:29:23 GMT
expires: Thu, 28 Dec 2023 20:29:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 342002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
31.13.72.12200 OK 1.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
IP 31.13.72.12:0
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash ac1e1c4d6f16359701b059ed4e8246b4
ff19b30a3b3d8d1765c239b25dbc98cb3263786a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
GET /rsrc.php/v3/yH/r/xgVgalBG80z.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/90_WUNArjH8.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rB4cTW8WNZcBsFntToJGtA==
expires: Tue, 26 Dec 2023 04:48:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 1u770M6FiXIJ5TEAX7nuff3XGV4ZI3J3cjWcYZsReiTiggreZwKIOpaKhnDPen/DdAiTe6ssOhUPmybOQFUFbg==
content-length: 1315
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
142.250.74.35200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5564, version 1.0\012- data
Hash d4d88a25c6405b91c0d8cb3fa6c9ca7b
06a7623d5b742d64372240e2c63c1c1330e63b90
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlvietnam-express.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 08:38:07 GMT
expires: Fri, 29 Dec 2023 08:38:07 GMT
cache-control: public, max-age=31536000
age: 298278
last-modified: Tue, 19 Apr 2022 19:11:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlvietnam-express.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 22:14:50 GMT
expires: Wed, 27 Dec 2023 22:14:50 GMT
cache-control: public, max-age=31536000
age: 422075
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11816, version 1.0\012- data
Hash 7fa68490a833a8fa395e5f3bffafc052
1880e3743548106319713b937e7769eee6b1ce21
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlvietnam-express.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 23:10:54 GMT
expires: Wed, 27 Dec 2023 23:10:54 GMT
cache-control: public, max-age=31536000
age: 418711
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8166fe0679d6ccf83bc7f27cb76f6a5
7c76f9e3b7cd828fd0bd9ddb3603e0f1c8fc6f23
d0799689c53c389718f8818863c88447440e69b8837264dbe7a24e62a746e1e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47ca3cedb51ab9e282f8654033435e27
69b5555f030f2391bb54a9bbb346df1e26a002fe
1faba6521dffb13110c25219bb4ff94ec9f00bff3079a03f1296d91cb622f7c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 19:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type assembler source, ASCII text, with very long lines (2642)
Hash 5024d751c01432036f1fd63f8eb1b611
a3715766ced44ec80370205c277b350ce62cb02b
9aea4f4cab9baea9136507cc618763179c0bc6c80ad6a80eb4f68316b174c95c
GET /rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 18:54:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UCTXUcAUMgNvH9Y/jrG2EQ==
x-fb-debug: xPG+utXaPWNSRV1wC2vfzLnYhDfuwbgB+qH5HZoUqZBvGwQTZl7u7wtcs1ZxS6OsFFtKL+3ClkTJt4dcWRaQkw==
priority: u=3,i
content-length: 4696
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ek0SDUFa3HY.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ek0SDUFa3HY.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (15336)
Hash 8320dc1a97bbc7584dad18f7b64d90cd
0e5eca39be643c73100c5201f1a6bfb0a1fc6a05
24ecf9297145af623a0036898f65f7447bed2aa77f43e2010e33564ec9bdd169
GET /rsrc.php/v3/yQ/r/ek0SDUFa3HY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 23:55:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: gyDcGpe7x1hNrRj3tk2QzQ==
x-fb-debug: DJ0WGQL2edGKJDQ8mGEmqqFkcevgo94JxsUTrrfvzVh5BR5/LpH7f6qaJaWrmEY5HGNHaofJBwUcxeV9amf4kw==
priority: u=3,i
content-length: 16218
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 2.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2772)
Hash d0f78a3370e1c6f1b38aeaab0972d953
027135e422850acd3b249dec19ed841d72ab0881
a515f0434d7586cedf37ca88893ef191a34d504ef9d319c68a357fb00f9b5cd7
GET /rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 18:35:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0PeKM3DhxvGziuqrCXLZUw==
x-fb-debug: PJhFAKqyHkX1y4zwuM3Cm6QBB2yzuVtZ+OaunRO3v0bzatwrjZQK1zVb9hbTpCRqx+Nw8blRYQbwuC22DQMpxw==
priority: u=3,i
content-length: 2736
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/IrGICuLYjuP.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/IrGICuLYjuP.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4488)
Hash 761c9e373ae200327a6dcf8ac2da338c
c173d4b110a89dd29b92b407b255077ab3058af1
3e20129181c179099a7a8d6db200b1230e3b114c47cc5e26ed3f392a73afbcc2
GET /rsrc.php/v3/yJ/r/IrGICuLYjuP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Dec 2023 18:42:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dhyeNzriADJ6bc+KwtozjA==
x-fb-debug: yi06s+T2ndW/y9GpSjY4Do56FpyfsSOnfHBo6lNYgOITnViIv2HzPagrqnlVN1oUSaWpwTUTJhAYq0niO29pgA==
content-length: 4666
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1491)
Hash b95ec91a00eb9acc4ca4e48a770f98f5
a704edf62ce2d8a1508be31eb6c41aa2c1955a7e
b3624c76af91730fbcd365fdd8936512f4ea21a7dc1211cd12758e288821dd38
GET /rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 15:33:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: uV7JGgDrmsxMpOSKdw+Y9Q==
x-fb-debug: Si9hpqLue5xbHqW3M4jaKmv2Pr7GPdmSp8yr14fEF/fklViCmvV3tBUfSHnO494Z7N1Xkfn2IdYYTyDvhDY6ZQ==
content-length: 1243
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (4643)
Hash 2f3bd3f5da2acb55828c5dcefde8a274
00f21373747009968870397a243322c067466c97
fae6708a549046751d2ec4b001dd8402482494ec07a924132775332ac354f2a1
GET /rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 17:48:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LzvT9doqy1WCjF3O/eiidA==
x-fb-debug: it16Jaatrx+rPZzGZEfn7zAjkbRE6EbTEdLNtQ94hrR3HlkssTUDvdAl9+3QGvMOxrqDUhNkFiBbikuQbndi4A==
priority: u=3,i
content-length: 5358
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yS/l/en_US/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 6.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEBX4/yS/l/en_US/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5962)
Hash 589508d468f2833fd5fd0d21e058da93
341dad237c22e7a0bcc2facdd9324f34636bf3bf
78f0d9e15af347a798e9bd5b7a677da0d72ca6c2c91b7c4d9d53a940420f791c
GET /rsrc.php/v3iEBX4/yS/l/en_US/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 16:31:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WJUI1Gjygz/V/Q0h4Fjakw==
x-fb-debug: gRDLv1c9cZeN41yklEvdB0ow0Q0UmEIC3pt1cS0jRAtdbL0HysfwyQsb33BcAgNj1BV2FOLDv3kvVG+b/Fjjow==
priority: u=3,i
content-length: 6710
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 390 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (618)
Hash 0984a4c8a4a6cd15974c8585b70033ad
8893ca1b4cd9037584d995d4c12e44f02c1cfb71
3147ce4394aac97aa02e9a1f01f61f3135df185e8ffbd9420e0fa332d4b3cb6b
GET /rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 21 Dec 2023 16:26:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CYSkyKSmzRWXTIWFtwAzrQ==
x-fb-debug: n6/EWYMkMEXXBula64e6jmCKmZCFBOBPGyW4Pu2gUJ4lnVUZXKlUg+gh/ZcKaqC12noGXaJmA/Y9/ELwnqzVxg==
content-length: 390
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18915)
Hash 084615819834e23edead2d2e6fbb0db2
656c5c532f295c4c3a788ea0a719da7686c05bfe
41c35b99b989e96dd40bfbbfb44fe26556a062069ec4e05ad67f51e2259d295e
GET /rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 22:36:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CEYVgZg04j7erS0ub7sNsg==
x-fb-debug: 4ilKck1y1Gl+ZzHyjC6cd9A+PkS/cDVccqOEFAXRWD5E7raoisxA5ccMovhbK/91WnTzBpsdbQNJnNhdpg5keg==
priority: u=3,i
content-length: 10390
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
31.13.72.12200 OK 548 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
IP 31.13.72.12:0
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 976d05eb572dff7402dab33e7868d1a3
6de347f502856325e90de1fd137382cc2f61dc75
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
GET /rsrc.php/v3/yD/r/MKQzjVd1bVq.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/90_WUNArjH8.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: l20F61ct/3QC2rM+eGjRow==
expires: Mon, 25 Dec 2023 04:39:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 3FA1IrjHcOkW0krboEJ2cBRRfsWQMPF8X0QwCOmtexyB3H7Jz8VWfT4rjLscLN519KPq601QqNkg3uH+FGv4iQ==
content-length: 548
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
31.13.72.12200 OK 2.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
IP 31.13.72.12:0
File type PNG image data, 25 x 281, 8-bit colormap, non-interlaced\012- data
Hash 8bb456647dce20d407811b3ddcae0999
c4df3fb38a35fd018a2f0f7a7009fa9aacac40db
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
GET /rsrc.php/v3/yx/r/re1hPxQECWj.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: i7RWZH3OINQHgRs93K4JmQ==
expires: Tue, 26 Dec 2023 04:53:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: dYIJgCqEfbFITCXYQ34wQXn+rLVmz6J1Y34EXKA8sO0gdCxmIi8Ymgf8r5HN1VTer0gEFd/1w+p2Xfg5PZT/OA==
priority: u=3,i
content-length: 2674
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t72/1/16/1f538.png
31.13.72.12200 OK 226 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t72/1/16/1f538.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e82e47c36913fc7946b03cca026e758
dab6dd30aea4ec6e3ef4da32ca4a0325dfc8f750
9468934858a22bff7c1aa268146e8097d141095f73cbbc3366e8883c9c79e44f
GET /images/emoji.php/v9/t72/1/16/1f538.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: LoLkfDaRP8eUawPMoCbnWA==
expires: Sat, 30 Dec 2023 00:35:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: pbGRzILTTN/uygE6Jpx5Vi5/Mo7NSoUTEuAlRNzpcftjimdmTC4m6XTiGHdZ31F8B1BtgNjJzOKxWgrAIf9LuQ==
content-length: 226
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tf3/1/16/1f539.png
31.13.72.12200 OK 238 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tf3/1/16/1f539.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 354ea12e889925f9512919a86c1f70f5
1122ef09453cc2ac21fb99b9d5921eddb02c60ce
e2514b7a658e3ceb618fb271d6232cbce51dfd3946dae0698b9f72e4d93e0d4f
GET /images/emoji.php/v9/tf3/1/16/1f539.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: NU6hLoiZJflRKRmobB9w9Q==
expires: Mon, 25 Dec 2023 04:42:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: T0pAjCwQLWCztS3AD1QqncXVipFLWRXoWRbuOwRCzqSMJ/5DKtV5U6KjimATlrkBjY8Q+QsOGUZw4QoOVYW6Ug==
content-length: 238
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t40/1/16/1f4a5.png
31.13.72.12200 OK 523 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t40/1/16/1f4a5.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a2b147498a76250bc58d3a3089e2402
f914df91c59ef6cd5d9b6c9ab4239952899a8330
4271180ba0af819893771cfc4b96ff607278e3de726019f3af58f8696192f6cd
GET /images/emoji.php/v9/t40/1/16/1f4a5.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: SisUdJinYlC8WNOjCJ4kAg==
expires: Tue, 26 Dec 2023 02:22:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1TGWVYsEQT4RHkMs2YUW8P5eSfELEaFRRjRYM/NgcvDDZO5hVvJnt+rs8i+d9DKN2ZU4Y2UxvW2nIEpf5/A2+Q==
priority: u=3,i
content-length: 523
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t51/1/16/1f449.png
31.13.72.12200 OK 418 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t51/1/16/1f449.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d04f99c4267b849779807b657476960d
43550dde6119e411a19f3c381af3bba5b15bbb45
fec2a2387e7c6b149542ec31480b2ff01c645b55017504a8b27ba506acf9c1a7
GET /images/emoji.php/v9/t51/1/16/1f449.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 0E+ZxCZ7hJd5gHtldHaWDQ==
expires: Wed, 27 Dec 2023 02:51:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: X4Mz4knyJnnNktvVLIWbtX6/L8E+05MRqVsntugf1GIQhlliIiiwWB/M7bJTSQ7eBAgleHnvHKV329Lz7xutmA==
content-length: 418
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tb6/1/16/2708.png
31.13.72.12200 OK 588 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tb6/1/16/2708.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 064395b7184f811669376f1116a002e4
b4bb8cb2ab9c8a3d9e1ad9167f3da9f9bc89a291
3ae4597731deacab72db0c095973dfb388c194b8f878f32c9f2b56e81714651f
GET /images/emoji.php/v9/tb6/1/16/2708.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: BkOVtxhPgRZpN28RFqAC5A==
expires: Mon, 25 Dec 2023 04:56:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vNuU1YeIa6nrPlj8DQvpAJXUA6HxR746/aUwBNYjp/cbTO+C+atoy+maCUi2R+VeDLxOHZKPiRlDjIy7YZH8aQ==
priority: u=3,i
content-length: 588
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t50/1/16/1f525.png
31.13.72.12200 OK 478 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t50/1/16/1f525.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 51330f3e42f0095c678e453a0917822f
26e4da69ab215d85821a8c7d7d8d33593a65aaad
d5455fa80868fdd7528880b9adcb61592f8c50288214e641387219664a8cbc8a
GET /images/emoji.php/v9/t50/1/16/1f525.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: UTMPPkLwCVxnjkU6CReCLw==
expires: Wed, 27 Dec 2023 02:21:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2jXtG/BVc/TP2zo9VYcYILE9tXM2D1rjKqEaPd9vel11LrmAM6X02xsDE4uOi1dl98mvBy1AbL77XOkxXjP/ug==
priority: u=3,i
content-length: 478
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t6a/1/16/1f497.png
31.13.72.12200 OK 485 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t6a/1/16/1f497.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 8ca38843b5ec26600fe886e14078ac67
bed253fe09a6a365fab962a93859c456e66ab916
85b4d67363b973530b59eaa48a1dd3d5633affdc37e20014e5dd05c9c51b6ab5
GET /images/emoji.php/v9/t6a/1/16/1f497.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: jKOIQ7XsJmAP6IbhQHisZw==
expires: Mon, 25 Dec 2023 04:46:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 3goZDEIW4oSzXmMusqizAqnJ27iW7c/59GGCIFKfEcILRCv+hLS2nvYEmcJBk2jLjJuD5JwmleEuAt6RxJA9hQ==
priority: u=4
content-length: 485
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t51/1/16/2714.png
31.13.72.12200 OK 404 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t51/1/16/2714.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 585027f0b0f4ca51e48767edb317d3ab
82b2c126ac3cb60400964bfb9fec695e5af075bd
025ddacf312f1c4b45d4d0ff431e1852aee90cdd05696b0366ab38b06dc06df4
GET /images/emoji.php/v9/t51/1/16/2714.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: WFAn8LD0ylHkh2ftsxfTqw==
expires: Sat, 30 Dec 2023 00:32:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Cq/tF8nUZhVYznJkJfjPjEnnLOX9VcP92LROkSQWOU3LEaoUxkjGn12YACDI9MGilIK7EFrqRlIvUXSde8fTiQ==
content-length: 404
x-fb-trip-id: 1904183273
date: Sun, 01 Jan 2023 19:29:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/305969107_481084917359670_2611671491846943945_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=TCxPRhWF3xkAX_qMgO-&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBkJkFnrxh__f3NPrqTf_FtVWOGHcdpKZczrXbA9JEpHQ&oe=63B6445D
157.240.214.11200 OK 5.7 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/305969107_481084917359670_2611671491846943945_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=TCxPRhWF3xkAX_qMgO-&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBkJkFnrxh__f3NPrqTf_FtVWOGHcdpKZczrXbA9JEpHQ&oe=63B6445D
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x146, components 3\012- data
Hash f7a07e9a1664856b2017623f55a6d60e
35ebfef2cb9637afd6aec8333bcc44329534419e
7d5974a116dd2ec55688e8581c17edd39d4fb23204f0ebda3a9dee89ad0ea861
GET /v/t39.30808-6/305969107_481084917359670_2611671491846943945_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=TCxPRhWF3xkAX_qMgO-&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBkJkFnrxh__f3NPrqTf_FtVWOGHcdpKZczrXbA9JEpHQ&oe=63B6445D HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 12 Sep 2022 03:02:34 GMT
x-haystack-needlechecksum: 2270859847
x-needle-checksum: 2650196649
content-type: image/jpeg
content-digest: adler32=2853566872
content-length: 5664
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: UTWDE7wHaGT6RhuCke0DGrxe-3av-uO6KcO0E4_rqEVJrSyw2HxvGiJRMlX_OZ5Bb4b1njE77dZiRwMwoEKYwQ_MLBRtB_Mr20dJln6LIqM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/298566131_609517687436927_317029339719206748_n.jpg?stp=dst-jpg_p118x118&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=8MVtZh9-BXEAX_Me2BW&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBPxt0JoliS_pzWgUaC8M6ra266OEHJZpAQVnhqiFK3Pw&oe=63B77DC9
157.240.214.11200 OK 6.8 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/298566131_609517687436927_317029339719206748_n.jpg?stp=dst-jpg_p118x118&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=8MVtZh9-BXEAX_Me2BW&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBPxt0JoliS_pzWgUaC8M6ra266OEHJZpAQVnhqiFK3Pw&oe=63B77DC9
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 157x118, components 3\012- data
Hash 02f539362655a5af95225ba53eaca672
1876600fb269acf10c3fdaea76579dd5f70964f2
2a35161271adb39ac814ac28612fe2a4895b62f95e75a6163e23c34f5d1c12e0
GET /v/t39.30808-6/298566131_609517687436927_317029339719206748_n.jpg?stp=dst-jpg_p118x118&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=8MVtZh9-BXEAX_Me2BW&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBPxt0JoliS_pzWgUaC8M6ra266OEHJZpAQVnhqiFK3Pw&oe=63B77DC9 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 16 Aug 2022 01:52:32 GMT
x-haystack-needlechecksum: 3557441252
x-needle-checksum: 3417095100
content-type: image/jpeg
content-digest: adler32=1952911677
content-length: 6828
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: 2YenCHJ8adfepQ2ATsDZP3i2T3kJwstMUN1Upxpjnb1RjumTOz3XwrnwpsOtpgyMoD0k1vdtlDu7AJmbTtpYxNiL8hnhtTdHTCEjhvBOUFU
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/309155285_499303142204514_8206189731057771941_n.jpg?stp=cp1_dst-jpg_s235x165&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=z0KKmHMzrSsAX_BP6cu&_nc_oc=AQlL_Q1qyIn58Mzl9gTUIQTzDG1Zgr2bCjBjSsBbuDW2LLdmQR-aFriHpNAXwXc2LUQ&_nc_ht=scontent-lhr8-2.xx&oh=00_AfD4nWt9aF_F3hmYyfy1BMMI8dAcCWvJX-8Ds4eqoCB22A&oe=63B7BBDD
157.240.214.11200 OK 11 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/309155285_499303142204514_8206189731057771941_n.jpg?stp=cp1_dst-jpg_s235x165&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=z0KKmHMzrSsAX_BP6cu&_nc_oc=AQlL_Q1qyIn58Mzl9gTUIQTzDG1Zgr2bCjBjSsBbuDW2LLdmQR-aFriHpNAXwXc2LUQ&_nc_ht=scontent-lhr8-2.xx&oh=00_AfD4nWt9aF_F3hmYyfy1BMMI8dAcCWvJX-8Ds4eqoCB22A&oe=63B7BBDD
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x165, components 3\012- data
Hash 12c16d056c0849c9a2c62fbc3426c4a8
beac325da2220b50b1c0cbff9aca48d966193a10
365257155159313a6f9b833af79d71cd9ffbe7ee6525185838a8cd323438e256
GET /v/t39.30808-6/309155285_499303142204514_8206189731057771941_n.jpg?stp=cp1_dst-jpg_s235x165&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=z0KKmHMzrSsAX_BP6cu&_nc_oc=AQlL_Q1qyIn58Mzl9gTUIQTzDG1Zgr2bCjBjSsBbuDW2LLdmQR-aFriHpNAXwXc2LUQ&_nc_ht=scontent-lhr8-2.xx&oh=00_AfD4nWt9aF_F3hmYyfy1BMMI8dAcCWvJX-8Ds4eqoCB22A&oe=63B7BBDD HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 03 Oct 2022 03:26:23 GMT
x-haystack-needlechecksum: 3023478655
x-needle-checksum: 169457096
content-type: image/jpeg
content-digest: adler32=1554383766
content-length: 11063
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: VhKkwPNDiGP7MoPj29ir-z8S1MhgYmpouJhjbI3BHlY4BoBEKPi8mnuffrqOCrmMq3CmusHZaCTctbgwt0f2DX0Eki0w7_l_87l-38p7gzM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/310153276_499303178871177_4950436667497257837_n.jpg?stp=dst-jpg_p168x128&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=uoRX3SUcRNAAX8BNh_k&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBNXLyjyFqnjrS3qavMz-uMgUIeyPwWuMb9QupBUhSVwg&oe=63B65322
157.240.214.11200 OK 12 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/310153276_499303178871177_4950436667497257837_n.jpg?stp=dst-jpg_p168x128&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=uoRX3SUcRNAAX8BNh_k&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBNXLyjyFqnjrS3qavMz-uMgUIeyPwWuMb9QupBUhSVwg&oe=63B65322
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 168x224, components 3\012- data
Hash fc79a19f852587b4cfc563548d48c14f
298f69c5717e5c23bc9de28a025749b04b3c82cf
3d093eecbf63f0332e1dab9d736b56d01e57a189268f30dbdf5857ea8fde4909
GET /v/t39.30808-6/310153276_499303178871177_4950436667497257837_n.jpg?stp=dst-jpg_p168x128&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=uoRX3SUcRNAAX8BNh_k&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBNXLyjyFqnjrS3qavMz-uMgUIeyPwWuMb9QupBUhSVwg&oe=63B65322 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 03 Oct 2022 03:26:25 GMT
x-haystack-needlechecksum: 1752218660
x-needle-checksum: 106186621
content-type: image/jpeg
content-digest: adler32=1927757793
content-length: 12103
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: 2tHxGC0NFlyptKfqa66ITLz5LFhGwQ1-hrJDs13_2_oFI6GVPQ_hiD5WL3rDzfJ_Gtz_Ow5Fl5m5XrUhNDX8b-Pj0BjPtBoXMwoqnUY7raw
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/300626315_616300813425281_1937877177011079427_n.jpg?stp=cp1_dst-jpg_p261x260&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=LTst2b6J2_AAX9X_h1d&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBkS8loaB8trUtMTaT_k6ztNg_CRb67O-gcSijyR_44lw&oe=63B66060
157.240.221.16200 OK 27 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/300626315_616300813425281_1937877177011079427_n.jpg?stp=cp1_dst-jpg_p261x260&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=LTst2b6J2_AAX9X_h1d&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBkS8loaB8trUtMTaT_k6ztNg_CRb67O-gcSijyR_44lw&oe=63B66060
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 261x348, components 3\012- data
Hash 18a35f866120ad338f9b820ef251a2aa
b0f5fb16de3a263fde858420ed97f951525d0faf
ed31542efc2f21f794c4dca53110d8e5ac0a963f01bbb432bd768ae102bd88cc
GET /v/t39.30808-6/300626315_616300813425281_1937877177011079427_n.jpg?stp=cp1_dst-jpg_p261x260&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=LTst2b6J2_AAX9X_h1d&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBkS8loaB8trUtMTaT_k6ztNg_CRb67O-gcSijyR_44lw&oe=63B66060 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 26 Aug 2022 03:05:07 GMT
x-haystack-needlechecksum: 2111901328
x-needle-checksum: 2476343749
content-type: image/jpeg
content-digest: adler32=1808709210
content-length: 27399
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: W3bsKJ1koqym_XuN5nRHbKKL-jqt8dyKunAuSYub1quDszMG5Nh_EeqpeCIbuj8GSp8NUHTJIMcLnp1e6WNOX0ZzrFWcAg4sQcTi7aCVDxQ
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/292937712_586063419782354_6659094303409739630_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=vtapqUYNlU8AX-NvBsj&_nc_ht=scontent-lhr8-2.xx&oh=00_AfCrnySGk1j8kSQZTI7FEs61bpMBFS6bUbmIUcxb45wntg&oe=63B7449D
157.240.214.11200 OK 6.9 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/292937712_586063419782354_6659094303409739630_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=vtapqUYNlU8AX-NvBsj&_nc_ht=scontent-lhr8-2.xx&oh=00_AfCrnySGk1j8kSQZTI7FEs61bpMBFS6bUbmIUcxb45wntg&oe=63B7449D
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 12f48a3a0b62734cd227e7c5cf946874
049883f89a91c33cc7cb4c8fa6b7894008881018
86d151c93274ea899e369f63da77651d66cad2899b87f95f4cad15dc2e43468d
GET /v/t39.30808-6/292937712_586063419782354_6659094303409739630_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=vtapqUYNlU8AX-NvBsj&_nc_ht=scontent-lhr8-2.xx&oh=00_AfCrnySGk1j8kSQZTI7FEs61bpMBFS6bUbmIUcxb45wntg&oe=63B7449D HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 11 Jul 2022 01:35:50 GMT
x-haystack-needlechecksum: 2835898121
x-needle-checksum: 423013521
content-type: image/jpeg
content-digest: adler32=303045119
content-length: 6872
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: ONtkJGecCrZQm7_w738uE3QUoeqHBnITtUPdZM20csrjtuYXnTKO7idlhCs102tMk7xQ20sdNqaBvcQdUzerjBKvbdKXiYUd2PDdkCqdvz0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/299205054_609516390770390_7402725833980818702_n.jpg?stp=dst-jpg_s370x247&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=z-_M9Luq2K0AX85qAtj&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDFUshz2irmtRwUrqBnThvJzKuH7VTFVK6cMew6RJ3DWg&oe=63B6A625
157.240.221.16200 OK 48 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/299205054_609516390770390_7402725833980818702_n.jpg?stp=dst-jpg_s370x247&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=z-_M9Luq2K0AX85qAtj&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDFUshz2irmtRwUrqBnThvJzKuH7VTFVK6cMew6RJ3DWg&oe=63B6A625
IP 157.240.221.16:0
Hash 716a855f4d6ae908a1187d34c23352d8
ae204b38f23dca5e47dc4a05abdaaad415c0a15f
08c976a19111e36723ea30df444a6c21bd7db69e1ad7f02447ccd452e44bcd6f
GET /v/t39.30808-6/299205054_609516390770390_7402725833980818702_n.jpg?stp=dst-jpg_s370x247&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=z-_M9Luq2K0AX85qAtj&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDFUshz2irmtRwUrqBnThvJzKuH7VTFVK6cMew6RJ3DWg&oe=63B6A625 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 16 Aug 2022 01:52:19 GMT
x-haystack-needlechecksum: 2764846922
x-needle-checksum: 2173931129
content-type: image/jpeg
content-digest: adler32=952258342
content-length: 18768
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: s0BgnWSmcrE0PK6_vMtNrTDzHeDOzvOPlALq5Qhd1NPtm8o52rwuxCjV2CN_NJjY-uGzZyqYbtQ1GNe6sBFr-vGTBFgPPTIN6rZFa-q1cmw
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/301592539_616301136758582_484840713923802203_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=7WPfxypeZ1QAX85witR&_nc_ht=scontent-lhr8-2.xx&oh=00_AfAoCYqsV5kS35WMQMpP5JaaLiALfI-Hc2reA4WpboEpuw&oe=63B6A4DA
157.240.214.11200 OK 5.5 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/301592539_616301136758582_484840713923802203_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=7WPfxypeZ1QAX85witR&_nc_ht=scontent-lhr8-2.xx&oh=00_AfAoCYqsV5kS35WMQMpP5JaaLiALfI-Hc2reA4WpboEpuw&oe=63B6A4DA
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 2feb08c81946239a8f6b0de7bbd44321
a0555fa0e979822d0622c55c005b2e5a9eed65e4
645efdebb2990a4688bf9e76579787b7e1d6f379c6ec1bc8e29942f3d1d8298c
GET /v/t39.30808-6/301592539_616301136758582_484840713923802203_n.jpg?stp=dst-jpg_p110x80&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=7WPfxypeZ1QAX85witR&_nc_ht=scontent-lhr8-2.xx&oh=00_AfAoCYqsV5kS35WMQMpP5JaaLiALfI-Hc2reA4WpboEpuw&oe=63B6A4DA HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 26 Aug 2022 03:05:26 GMT
x-haystack-needlechecksum: 149496488
x-needle-checksum: 1312231415
content-type: image/jpeg
content-digest: adler32=2882124626
content-length: 5515
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: OBh_TSsPKb8IlgN9o2TZ9sduMxRgL1gk31QiuwBsYgw9yeupWehC7fMPJuU4r0xcdStT8tYPCpf3rvNQQVy3Has9SCaVR1PWMRweQH5bWoc
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/298442868_609517620770267_6048408983708537444_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=qxfiNNSMc0oAX_zZvej&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDExGY9LjobLZYqAa3dwfq_3Hu0h4J3Oj-4YQJtxwqMCg&oe=63B659C9
157.240.221.16200 OK 6.1 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/298442868_609517620770267_6048408983708537444_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=qxfiNNSMc0oAX_zZvej&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDExGY9LjobLZYqAa3dwfq_3Hu0h4J3Oj-4YQJtxwqMCg&oe=63B659C9
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 727c647f4f739a8908be5cc68239c80f
9f6926f7bfeb130faff021bb26c38d47638bc3a2
08bf1a410812c52f11e01ed551d27c047f45fd965cdb1e0df3cb2c89850a1789
GET /v/t39.30808-6/298442868_609517620770267_6048408983708537444_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=qxfiNNSMc0oAX_zZvej&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDExGY9LjobLZYqAa3dwfq_3Hu0h4J3Oj-4YQJtxwqMCg&oe=63B659C9 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 16 Aug 2022 01:52:29 GMT
x-haystack-needlechecksum: 1329610557
x-needle-checksum: 1534869365
content-type: image/jpeg
content-digest: adler32=115972779
content-length: 6059
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: 8ao8JSx-RhhLN1WltU9HiQWNP734nbjCtBQ-mzNR8OMEpphvZDtpzFpTJPFNJrkKAr3s60-gccyP_vYpeuhuMznxzRQdr2r8K6dVk-qZQU0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/309328750_499303808871114_1868396969051712546_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=2SQohEHps60AX8hXqVv&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBGLBK1wRA4zZo2IfWhdsxsvs2Kjtbau9ONJ579GbXWcg&oe=63B627E8
157.240.214.11200 OK 6.0 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/309328750_499303808871114_1868396969051712546_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=2SQohEHps60AX8hXqVv&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBGLBK1wRA4zZo2IfWhdsxsvs2Kjtbau9ONJ579GbXWcg&oe=63B627E8
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 3f30c770a670ddefac67f9928c7aa996
63c84ca60ae81dfed3bc6fba57fe526b4d3d56f8
cb1d187a2a17a3d056ac1ae1afab4e5e75c819342b8844a86c305f7647df9a15
GET /v/t39.30808-6/309328750_499303808871114_1868396969051712546_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=2SQohEHps60AX8hXqVv&_nc_ht=scontent-lhr8-2.xx&oh=00_AfBGLBK1wRA4zZo2IfWhdsxsvs2Kjtbau9ONJ579GbXWcg&oe=63B627E8 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 03 Oct 2022 03:26:57 GMT
x-haystack-needlechecksum: 411163148
x-needle-checksum: 1868075801
content-type: image/jpeg
content-digest: adler32=2128413984
content-length: 6009
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: No5WFHUSj52-iMFoo1yLBn_dYLTgDE8SyER_wpeTRhFaGusvd4Mor6RlsjSst_IQsovRdzzN5pFMwXJUR-YwaZY83WmDjQSJqmFgMVZB_6M
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/305919821_481083920693103_9168970708603571604_n.jpg?stp=dst-jpg_s235x165&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=x6F21Yv3PHAAX-L8OtW&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBE7FbxQKZYvU0iPo-BXWpFjgnbGszK3SY2Oq868ykNgg&oe=63B77F3E
157.240.221.16200 OK 11 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/305919821_481083920693103_9168970708603571604_n.jpg?stp=dst-jpg_s235x165&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=x6F21Yv3PHAAX-L8OtW&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBE7FbxQKZYvU0iPo-BXWpFjgnbGszK3SY2Oq868ykNgg&oe=63B77F3E
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 219x165, components 3\012- data
Hash bbb5b37cc7b612b8bbd3300a6394bd8f
9853c8e57ecabb2c62757151bd9f37c25fcbe8c0
85b64edd3d785f5146a650957bae3121fa41a6b4ca776164f3f2ad202ad9bc85
GET /v/t39.30808-6/305919821_481083920693103_9168970708603571604_n.jpg?stp=dst-jpg_s235x165&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=x6F21Yv3PHAAX-L8OtW&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBE7FbxQKZYvU0iPo-BXWpFjgnbGszK3SY2Oq868ykNgg&oe=63B77F3E HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 12 Sep 2022 03:02:06 GMT
x-haystack-needlechecksum: 2167057703
x-needle-checksum: 248395994
content-type: image/jpeg
content-digest: adler32=1273958864
content-length: 11332
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: BgfxiM6sc-xwnwy5I0V-gwZXpGn9moDqzXQPcpWPWrsZDOqmaex68YeERfWOIGak9KseQf8c2QbxtDCui17omerkQaxa7GHckka3UKQW--0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/292619560_586063783115651_2429685617612456693_n.jpg?stp=dst-jpg_p118x118&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=FZ_woRuZKtsAX-IdPiO&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBch-oqTQq_FU1qqrh3SQF1xvcf-7dkzA8Xvq1-7UF6BQ&oe=63B73914
157.240.221.16200 OK 6.3 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/292619560_586063783115651_2429685617612456693_n.jpg?stp=dst-jpg_p118x118&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=FZ_woRuZKtsAX-IdPiO&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBch-oqTQq_FU1qqrh3SQF1xvcf-7dkzA8Xvq1-7UF6BQ&oe=63B73914
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 157x118, components 3\012- data
Hash 8c047ca5e2c6cae804219bfb836b43a8
a23ad076c270001230492d48f31cb9b1deed155b
0c9fb3b6195d560a1ef468eac3f8d8fcd63f8308485caa9b6eb54b9e534c4e50
GET /v/t39.30808-6/292619560_586063783115651_2429685617612456693_n.jpg?stp=dst-jpg_p118x118&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=FZ_woRuZKtsAX-IdPiO&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBch-oqTQq_FU1qqrh3SQF1xvcf-7dkzA8Xvq1-7UF6BQ&oe=63B73914 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 11 Jul 2022 01:36:09 GMT
x-haystack-needlechecksum: 2386946242
x-needle-checksum: 806332544
content-type: image/jpeg
content-digest: adler32=4006425130
content-length: 6326
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: TytFL64GryaA3RQSfvDnYNi41MLjuJ76IFuZLeFAyoeJ8N-LuGiaE-4NKiW5Q0AaBRrhISw_FsB1SaWCfeKCXTpmxHRszC7JabWJ8Hk7ewY
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/304850641_481084834026345_5897921498853729325_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=-26zcpslFP4AX-YF3A5&_nc_oc=AQllWOkQ1hp8zyXcsLkrGUBEOQrYJ7wf7_XsRm70o8kw5n_nAT42MerOt1Z7maAEayI&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBwnC9URJahi89pC3Zi64vxS9OLkF6N0HkNJQSommzNQQ&oe=63B6D372
157.240.221.16200 OK 6.7 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/304850641_481084834026345_5897921498853729325_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=-26zcpslFP4AX-YF3A5&_nc_oc=AQllWOkQ1hp8zyXcsLkrGUBEOQrYJ7wf7_XsRm70o8kw5n_nAT42MerOt1Z7maAEayI&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBwnC9URJahi89pC3Zi64vxS9OLkF6N0HkNJQSommzNQQ&oe=63B6D372
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 72bad1a0fd36a8fb6c5bce2f5f71b7f0
70adece6eed42305e691e08cf4314ee15754670a
28b70942c29238ade7ffebad41d09b70a651a9db9c7101b77533ab5143254987
GET /v/t39.30808-6/304850641_481084834026345_5897921498853729325_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=-26zcpslFP4AX-YF3A5&_nc_oc=AQllWOkQ1hp8zyXcsLkrGUBEOQrYJ7wf7_XsRm70o8kw5n_nAT42MerOt1Z7maAEayI&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBwnC9URJahi89pC3Zi64vxS9OLkF6N0HkNJQSommzNQQ&oe=63B6D372 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 12 Sep 2022 03:02:33 GMT
x-haystack-needlechecksum: 1775949738
x-needle-checksum: 1741827485
content-type: image/jpeg
content-digest: adler32=1646633256
content-length: 6708
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: xtG-0_EiPkbkdhfr9iQ1_GGGhHKVeG9OlsFHWA2WftH4bvnDyG_oR4y4cupomu0sdTouaGQbR56Zvv4plNsf_Cd6OqcdCgfyhXPY28nFar0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306667678_481083957359766_1687432218947238572_n.jpg?stp=cp1_dst-jpg_p168x128&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=SevR11DhBXcAX_nz2un&_nc_ht=scontent-lhr8-1.xx&oh=00_AfAetcp7COjOqRLbgapNlF6Ro2MWA0D0Ys5ULX-LLOFFSw&oe=63B69E58
157.240.221.16200 OK 9.7 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306667678_481083957359766_1687432218947238572_n.jpg?stp=cp1_dst-jpg_p168x128&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=SevR11DhBXcAX_nz2un&_nc_ht=scontent-lhr8-1.xx&oh=00_AfAetcp7COjOqRLbgapNlF6Ro2MWA0D0Ys5ULX-LLOFFSw&oe=63B69E58
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 168x224, components 3\012- data
Hash 01d73dd05457a6da901db8de23092c4d
96b358b1423d054170b48ce09d384560c16aa0e2
6c20c85abbd3c9b21d923f18099e92d8d3f01dc79d4802574ef88669d1eb4783
GET /v/t39.30808-6/306667678_481083957359766_1687432218947238572_n.jpg?stp=cp1_dst-jpg_p168x128&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=SevR11DhBXcAX_nz2un&_nc_ht=scontent-lhr8-1.xx&oh=00_AfAetcp7COjOqRLbgapNlF6Ro2MWA0D0Ys5ULX-LLOFFSw&oe=63B69E58 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 12 Sep 2022 03:02:08 GMT
x-haystack-needlechecksum: 3023694345
x-needle-checksum: 1478468381
content-type: image/jpeg
content-digest: adler32=3726002259
content-length: 9736
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: uMrpWbX8wSuwoCBHh8p7dBRiUBdb7D-bYBCBVwvpKoElojuNAIAc8sPrL3JoKbD997ZfPkEPgFgLmGei-K8fMoHUieqZMhcPjsfUOE7sgeQ
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/305053453_481084964026332_3439894445314113716_n.jpg?stp=dst-jpg_p110x80&_nc_cat=111&ccb=1-7&_nc_sid=110474&_nc_ohc=mXJrK-d_9dkAX86YeMz&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDcOmESHr8KwHwyfcYBJSIcgZl4YxKr7Uh8nvPtu2yqpg&oe=63B78C71
157.240.221.16200 OK 5.7 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/305053453_481084964026332_3439894445314113716_n.jpg?stp=dst-jpg_p110x80&_nc_cat=111&ccb=1-7&_nc_sid=110474&_nc_ohc=mXJrK-d_9dkAX86YeMz&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDcOmESHr8KwHwyfcYBJSIcgZl4YxKr7Uh8nvPtu2yqpg&oe=63B78C71
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 0fa040faaa13db5d6604ad9d6b4b36d7
ca3a060b7857f7416d2941b1bcdede94f1b8c6ad
0433cdf84386e5417a00b1774ffb90e0e67b3c7317862e2cb453041357eb6d23
GET /v/t39.30808-6/305053453_481084964026332_3439894445314113716_n.jpg?stp=dst-jpg_p110x80&_nc_cat=111&ccb=1-7&_nc_sid=110474&_nc_ohc=mXJrK-d_9dkAX86YeMz&_nc_ht=scontent-lhr8-1.xx&oh=00_AfDcOmESHr8KwHwyfcYBJSIcgZl4YxKr7Uh8nvPtu2yqpg&oe=63B78C71 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 12 Sep 2022 03:02:36 GMT
x-haystack-needlechecksum: 2105331465
x-needle-checksum: 1562057535
content-type: image/jpeg
content-digest: adler32=2501839032
content-length: 5672
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: PXVhGCFWu6pQ0iqcp4vUqGvO-Pod4gtq25zt5vo3E28_z-kR3gIxH16tYVACcLQnnOihhQt0AUBRHtwTjSCX_hHHxtKFkWVMF9Ubml6Hmak
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/300384336_616301263425236_4589007666890676303_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=tLR6MPWD2y8AX8Sk8CI&_nc_ht=scontent-lhr8-2.xx&oh=00_AfDLvA-3QmsCQzJ1lcKCYZMlJf7IoRv6KVqnJpR8x2qGWA&oe=63B6C155
157.240.214.11200 OK 5.5 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/300384336_616301263425236_4589007666890676303_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=tLR6MPWD2y8AX8Sk8CI&_nc_ht=scontent-lhr8-2.xx&oh=00_AfDLvA-3QmsCQzJ1lcKCYZMlJf7IoRv6KVqnJpR8x2qGWA&oe=63B6C155
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 128d50502dfe46c0df2203ceb38a8a22
f681498dd8338e811a46435c6e73a699562354c0
050919d40bc758d626fa985331b25f7d7baf4bd8ba54b4f17072ada4d253cf12
GET /v/t39.30808-6/300384336_616301263425236_4589007666890676303_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=tLR6MPWD2y8AX8Sk8CI&_nc_ht=scontent-lhr8-2.xx&oh=00_AfDLvA-3QmsCQzJ1lcKCYZMlJf7IoRv6KVqnJpR8x2qGWA&oe=63B6C155 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 26 Aug 2022 03:05:30 GMT
x-haystack-needlechecksum: 2330538666
x-needle-checksum: 351417591
content-type: image/jpeg
content-digest: adler32=3568248292
content-length: 5544
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: yKBxVMLBku4uyuaNAax9lovV_nhX1O48ZHbI9qI3W_acNtnADw7jpnSwHQ2zyQxhJc3BS9GxI-yBu-NCAzvx8k4E-aM7wg8uEX4fPyu7qaQ
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/300588977_616300843425278_39314081029540348_n.jpg?stp=dst-jpg_p118x118&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=7PSQdlc2X-gAX9ZDyx0&_nc_ht=scontent-lhr8-1.xx&oh=00_AfCdztmrFWyHhkGAolhSBZQVtGWZajtHabGNpJCPICTvdQ&oe=63B6219E
157.240.221.16200 OK 7.6 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/300588977_616300843425278_39314081029540348_n.jpg?stp=dst-jpg_p118x118&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=7PSQdlc2X-gAX9ZDyx0&_nc_ht=scontent-lhr8-1.xx&oh=00_AfCdztmrFWyHhkGAolhSBZQVtGWZajtHabGNpJCPICTvdQ&oe=63B6219E
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 157x118, components 3\012- data
Hash bc6076a2fc575dfe023ab118452972b9
0067f72bd2bc4256e6ef405faea8c3a86733e75d
35aa30c27ef0cd97e5dc6745b1fb23ed1a527e72ecbf525fb5c2d87d4236f39b
GET /v/t39.30808-6/300588977_616300843425278_39314081029540348_n.jpg?stp=dst-jpg_p118x118&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=7PSQdlc2X-gAX9ZDyx0&_nc_ht=scontent-lhr8-1.xx&oh=00_AfCdztmrFWyHhkGAolhSBZQVtGWZajtHabGNpJCPICTvdQ&oe=63B6219E HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 26 Aug 2022 03:05:09 GMT
x-haystack-needlechecksum: 331647940
x-needle-checksum: 759276735
content-type: image/jpeg
content-digest: adler32=654710548
content-length: 7550
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: Lz7d4YgdR3TCBsQ89kQTG7zgAD7UgL9rIDhQpxbQpWvn4lO2whwiBXe-P_FUdwd2TOMcramIM9Fi5EW5yGaUzSpe7WlRZHGTs4wKSfRGj2U
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/292483069_586063666448996_2848661841479477511_n.jpg?stp=dst-jpg_s206x206&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=hVLW2vO93YEAX83c4Fp&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBvMxPvG4eV86XTVI5t5fZ--G8vdQiNFDGgK4S5H1-70w&oe=63B7C712
157.240.221.16200 OK 9.0 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/292483069_586063666448996_2848661841479477511_n.jpg?stp=dst-jpg_s206x206&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=hVLW2vO93YEAX83c4Fp&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBvMxPvG4eV86XTVI5t5fZ--G8vdQiNFDGgK4S5H1-70w&oe=63B7C712
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x116, components 3\012- data
Hash 909e904f006b800b7b7b776a1cafc3b6
888080d95b82cc1e68337608467147839c61dcae
748cc1c9af0c22d8c242e3434371c443ba653705a710a6781d56b446a31cbd4f
GET /v/t39.30808-6/292483069_586063666448996_2848661841479477511_n.jpg?stp=dst-jpg_s206x206&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=hVLW2vO93YEAX83c4Fp&_nc_ht=scontent-lhr8-1.xx&oh=00_AfBvMxPvG4eV86XTVI5t5fZ--G8vdQiNFDGgK4S5H1-70w&oe=63B7C712 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 11 Jul 2022 01:36:07 GMT
x-haystack-needlechecksum: 1685769278
x-needle-checksum: 2531479795
content-type: image/jpeg
content-digest: adler32=175917587
content-length: 8999
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: Zn518XjOo8hAB1y_emchv345aO-LSCI0TX0UvIGxjaLmTY2rweu3GhxCg1oOvt5Iy6mJeLvC39gRvixuSi9EUk4uP_-Tihe6nnAUqh9dbz0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-1/275440002_505358871186143_9055881015311790103_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=WvhSYWsT-U8AX_WqvAe&_nc_ht=scontent-lhr8-2.xx&oh=00_AfC2khhQvoylUbJXRVH1hfEioAcwKmNmSJbCfjLy4MD07g&oe=63B64F2E
157.240.214.11200 OK 1.8 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-1/275440002_505358871186143_9055881015311790103_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=WvhSYWsT-U8AX_WqvAe&_nc_ht=scontent-lhr8-2.xx&oh=00_AfC2khhQvoylUbJXRVH1hfEioAcwKmNmSJbCfjLy4MD07g&oe=63B64F2E
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 91c3fef61c703f380ef158e159f3aa42
6787b1159ead1ce710471b9e907be235c311cf48
018d94246875aba8843729d3bf03390e30ae8484549eef7a98b27c6adb7a3b45
GET /v/t39.30808-1/275440002_505358871186143_9055881015311790103_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=WvhSYWsT-U8AX_WqvAe&_nc_ht=scontent-lhr8-2.xx&oh=00_AfC2khhQvoylUbJXRVH1hfEioAcwKmNmSJbCfjLy4MD07g&oe=63B64F2E HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 11 Mar 2022 04:45:51 GMT
x-haystack-needlechecksum: 1342709595
x-needle-checksum: 1640963472
content-type: image/jpeg
content-digest: adler32=2524280793
content-length: 1810
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: 4PN_ylMfYzJfXpRqlkfi2NDMDiY98CVTWohO8Mlwnvzag_HDOGEm9SqV_DnDfNljcrcoXuEnKujrVxEG8GdwXnJeKtFE3nle4kBy3h7Tpx4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/298280525_609516837437012_4515582850900442333_n.jpg?stp=dst-jpg_s206x206&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=TKrnn5rraysAX99OUVd&_nc_ht=scontent-lhr8-2.xx&oh=00_AfAyt2F7fbIxrvmbrlZ0PQhzT6WjLQpSlHjBvRvWc9CIhg&oe=63B6F482
157.240.214.11200 OK 8.4 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/298280525_609516837437012_4515582850900442333_n.jpg?stp=dst-jpg_s206x206&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=TKrnn5rraysAX99OUVd&_nc_ht=scontent-lhr8-2.xx&oh=00_AfAyt2F7fbIxrvmbrlZ0PQhzT6WjLQpSlHjBvRvWc9CIhg&oe=63B6F482
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x116, components 3\012- data
Hash 0c3d872349632ff67dc1fe5d59f0b2c2
ed2e67cd5efd11d9838d25eb36572459af64039e
982c72a8a657309859cdc6a7db9707799cd098bea192725254d79d43d912c8b7
GET /v/t39.30808-6/298280525_609516837437012_4515582850900442333_n.jpg?stp=dst-jpg_s206x206&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=TKrnn5rraysAX99OUVd&_nc_ht=scontent-lhr8-2.xx&oh=00_AfAyt2F7fbIxrvmbrlZ0PQhzT6WjLQpSlHjBvRvWc9CIhg&oe=63B6F482 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 16 Aug 2022 01:52:21 GMT
x-haystack-needlechecksum: 3236837460
x-needle-checksum: 4054719003
content-type: image/jpeg
content-digest: adler32=3970492551
content-length: 8400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: MJtCF4pvXZ508_SMLUcbAuWNitFS2GriaDxjz4YBBBN2ZABOOhFVM-ZiBNFrSOCVU6dBbSy4TjuO5oqXtL-7xi-uDsi4po0_ty7XSLILcSg
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/292374397_586063379782358_7176883149689786909_n.jpg?stp=dst-jpg_p261x260&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=njoSA5TcdAsAX9JwhJQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AfCjaEFwIhBqpRClGACD6rc5LJ0f7-69AqwZvHs9BXm22w&oe=63B5F696
157.240.221.16200 OK 24 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/292374397_586063379782358_7176883149689786909_n.jpg?stp=dst-jpg_p261x260&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=njoSA5TcdAsAX9JwhJQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AfCjaEFwIhBqpRClGACD6rc5LJ0f7-69AqwZvHs9BXm22w&oe=63B5F696
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 261x348, components 3\012- data
Hash 712c5e9e965db9d2390b7c2fd2f47fc7
aa3e72e36d62933544a18fe1f0a918c058f93f83
f1dc7bb625c4e6163290a1215dcd08edda45d9fca78d09be6b9b4ee01ee05fd3
GET /v/t39.30808-6/292374397_586063379782358_7176883149689786909_n.jpg?stp=dst-jpg_p261x260&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=njoSA5TcdAsAX9JwhJQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AfCjaEFwIhBqpRClGACD6rc5LJ0f7-69AqwZvHs9BXm22w&oe=63B5F696 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 11 Jul 2022 01:35:47 GMT
x-haystack-needlechecksum: 4222933625
x-needle-checksum: 2004903351
content-type: image/jpeg
content-digest: adler32=2810307342
content-length: 24045
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: MB5xhz7YUjsczuiOJqYQGADCgEg6MuC04U2cUz9PU6-mydS3_QNPu4tM2AafxpdKlyEO3pZsRyHJd1gcwFmrrkOXSqL5eVYmlBroiw5Q6R0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306162892_499304855537676_7414910996665874212_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=5cxyOyHCNe4AX_5w8AQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AfB8wkwXpGJGSTrlt3cBjoJ-sQu7hC1_PcF74Ic4IHQxTQ&oe=63B7CD96
157.240.221.16200 OK 6.8 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306162892_499304855537676_7414910996665874212_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=5cxyOyHCNe4AX_5w8AQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AfB8wkwXpGJGSTrlt3cBjoJ-sQu7hC1_PcF74Ic4IHQxTQ&oe=63B7CD96
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 420fd0f2d3bb2b52fdd9124e33364d88
59c2b789ba8eaced8b777d652b1e5dccf82fd3cb
5450967caa998b4394f44994617413cc81c0ee3c2fc1c6d861c1a26803b0ca37
GET /v/t39.30808-6/306162892_499304855537676_7414910996665874212_n.jpg?stp=cp1_dst-jpg_p110x80&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=5cxyOyHCNe4AX_5w8AQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AfB8wkwXpGJGSTrlt3cBjoJ-sQu7hC1_PcF74Ic4IHQxTQ&oe=63B7CD96 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 03 Oct 2022 03:27:01 GMT
x-haystack-needlechecksum: 1194774673
x-needle-checksum: 2404020280
content-type: image/jpeg
content-digest: adler32=317556359
content-length: 6784
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: ODLf7QqOqTzAukhBLzJLVe13VlEu73OL4MlSIKjQwdYh7Hwm6S_ur_hA-54PJ9uEKFnEmE0_mz1sEcEoPckjgue0yXDGbZTXawMcGDc92Og
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/307569444_499304835537678_4717259120507434116_n.jpg?stp=dst-jpg_p110x80&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=Q6y1tIUVH2IAX_sETOl&_nc_ht=scontent-lhr8-2.xx&oh=00_AfCScVvDHcSAg01lzWmRaS5h0nicViZjrYN5h4ssWTUKIw&oe=63B7B81E
157.240.214.11200 OK 5.3 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/307569444_499304835537678_4717259120507434116_n.jpg?stp=dst-jpg_p110x80&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=Q6y1tIUVH2IAX_sETOl&_nc_ht=scontent-lhr8-2.xx&oh=00_AfCScVvDHcSAg01lzWmRaS5h0nicViZjrYN5h4ssWTUKIw&oe=63B7B81E
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 49474572a2965fbec2b9e3b716bebf2a
d143a563c8ad4d91a9720b06fdffd98d7e8e7476
8a2cd5f3d715101c020890fe2d3a98e4a7e309b9cb1510e3243ed2c9209da60e
GET /v/t39.30808-6/307569444_499304835537678_4717259120507434116_n.jpg?stp=dst-jpg_p110x80&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=Q6y1tIUVH2IAX_sETOl&_nc_ht=scontent-lhr8-2.xx&oh=00_AfCScVvDHcSAg01lzWmRaS5h0nicViZjrYN5h4ssWTUKIw&oe=63B7B81E HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 03 Oct 2022 03:26:59 GMT
x-haystack-needlechecksum: 881877443
x-needle-checksum: 404379695
content-type: image/jpeg
content-digest: adler32=545276208
content-length: 5308
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Sun, 01 Jan 2023 19:29:26 GMT
x-fb-edge-debug: tvkkp1AqFvmxXUPD2zxC689Rt2_Q_IgSmFiRMdfZ_DW-R4CK67c8GKj_eByMO9Mf5JriupJYxfzeWrCNiJ0uzDO9BFFdjSqIIL1hMzSvZas
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 19:33:54 GMT
expires: Thu, 28 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 345333
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 19:42:24 GMT
expires: Thu, 28 Dec 2023 19:42:24 GMT
cache-control: public, max-age=31536000
age: 344823
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 19:33:56 GMT
expires: Thu, 28 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 345331
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:12 GMT
expires: Sat, 30 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 194175
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
142.250.74.35200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 19:55:02 GMT
expires: Thu, 28 Dec 2023 19:55:02 GMT
cache-control: public, max-age=31536000
age: 344065
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
142.250.74.35200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5604, version 1.0\012- data
Hash 7cda2cfee99d697daf8c14819d9004eb
76f4002863493c93454a9f17424942f321287cba
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 19:55:02 GMT
expires: Thu, 28 Dec 2023 19:55:02 GMT
cache-control: public, max-age=31536000
age: 344065
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507ccb67f37183ff662ee002859888ee
1f6d272df01b996c7b92b24a08de992a2e65384c
113a6cf69343f056dda347aeac385632940a636ac3507cb0c7627a03959dee12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "113A6CF69343F056DDA347AEAC385632940A636AC3507CB0C7627A03959DEE12"
Last-Modified: Sat, 31 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21511
Expires: Mon, 02 Jan 2023 01:28:00 GMT
Date: Sun, 01 Jan 2023 19:29:29 GMT
Connection: keep-alive
azseo.vn/wp-content/uploads/2018/01/phone-call.png
125.212.217.35200 OK 3.2 kB URL HTTP/2 azseo.vn/wp-content/uploads/2018/01/phone-call.png
IP 125.212.217.35:0
ASN #38731 CHT Compamy Ltd
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash 4bc195c1634fe958d6b9008b3929dcad
48dab248683ac200a195e8a71537cc5c7de6b5b6
4c8acce7c5db46820bdcfe2ebb7d0658bd82e57c33721d602cc101f096a65c98
GET /wp-content/uploads/2018/01/phone-call.png HTTP/1.1
Host: azseo.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 08 Jan 2023 19:26:34 GMT
content-type: image/png
last-modified: Fri, 02 Feb 2018 03:16:02 GMT
etag: "cad-5a73d7f2-494d9807dc29c7db;;;"
accept-ranges: bytes
content-length: 3245
date: Sun, 01 Jan 2023 19:26:34 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2322211-813b-4a3f-810f-c46c960b9fd3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2322211-813b-4a3f-810f-c46c960b9fd3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 957376ff2b45ea987aeedd7c66b688e2
14e97014da0c5bb7016261a7f3b2489559bc116c
311a4c894274b7eb317f30515f2f094221dc563e8b50f4ee1d0070e7c6136248
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2322211-813b-4a3f-810f-c46c960b9fd3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6824
x-amzn-requestid: cfdcb148-1979-4cf3-abe5-fa461075512f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0wFOHzdoAMFjhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab6087-77d234247c63e18622e068d8;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:15:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wCFI5gdymeLzUl0EfB_KzVCBo3ujg1XdMcL2qgG6BuWMYFULCVbs0Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 20:54:46 GMT
age: 81284
etag: "14e97014da0c5bb7016261a7f3b2489559bc116c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dhlvietnam-express.vn/wp-content/uploads/2019/05/logopngdhl.png
103.130.216.66404 Not Found 0 B URL HTTP/2 dhlvietnam-express.vn/wp-content/uploads/2019/05/logopngdhl.png
IP 103.130.216.66:0
ASN #135951 Webico Company Limited
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /wp-content/uploads/2019/05/logopngdhl.png HTTP/1.1
Host: dhlvietnam-express.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dhlvietnam-express.vn/gioi-thieu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://dhlvietnam-express.vn/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sun, 01 Jan 2023 19:29:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2