facebook.recoverysetts.com/wp-content/uploads/2023/06/logo-1-1280x451.jpg
104.21.84.85200 OK 32 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/uploads/2023/06/logo-1-1280x451.jpg
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1280x451, components 3\012- data
Hash 8c18ea4eaadda297c5f5f54624e8b37e
4363f5be3fa9bc05eba70c017ffd2671c46da2ac
491462e2315a0d96f3d941d585811dde7251e4a70f19b0d74ce149b14008e081
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/uploads/2023/06/logo-1-1280x451.jpg HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: image/jpeg
content-length: 31644
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 19:26:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5A6nzK8p%2BhMEdewiCYp6W9QYHqMHpc5zuflrCVR8K8gSAOTpai0zFszBOLBzbfLiGBzqcuMWdgbGvCQY5WSbbI7tSckzxi4UFEbjbTGI68n2l7igCV6PnYY2YZi0%2FeoN6wOkcKxxwhPJGkixA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2c7ada692b067b-OSL
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=6.2.2
104.21.84.85200 OK 1.2 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=6.2.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
Hash 92dc42790a6d4f5f3b673548025baa03
dad0f904f6e712b00004203c93e1c421491cf21b
6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=6.2.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 17:41:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQXub%2FdYSoiRWpD%2F6BaLNLmyQevFNzd5bhENkMPuE%2Bn6HD7A%2BUdMGGtY9ZbWyAL3mL5F8gznKJ0KFF%2FftxvzL%2F5EtHwgTIZGpQmwaE2EQ5yVdbHmM%2FeAzYzCl5VoMTA3hJcN6iqScnokNa6cmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada5926067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-content/et-cache/56/et-core-unified-56-16857343249536.min.css
104.21.84.85200 OK 1.5 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/et-cache/56/et-core-unified-56-16857343249536.min.css
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (5859), with no line terminators
Hash 7da7a9b8b869c2ec12572b00a26262b1
5dccb9c8a9560db01c39391f0f5ae0870fce0a79
96fd5e85d90c1f2b4468bb3041d902c3af3e7ddef631032664f104de161cc297
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/et-cache/56/et-core-unified-56-16857343249536.min.css HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 19:32:05 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4%2BxSgsFddOYiE4UuxgmT0pWwd0oE4l2t7ZHW1kpnNLjMpcAns0WpMhoM0wZQJ1JxNZjpK5fo1Q5Oi9e%2FqbH3jJq1shS2AMDX744P%2FsneqvB7NZWYg9ioxCysoywk3TuI0oV%2F0%2BAOhdLIqTieA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada5927067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 00:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
facebook.recoverysetts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
104.21.84.85200 OK 30 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (48325)
Hash 47cdb0e81ea341ad27a1a0b0ba6b02d8
6195a67b0b7f7919f07309e2c8ce71f3d4729d03
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.2.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Izi3CaraqouqcOHJYfSMcZVtizDiVihhqnAib64vgTQtO6KKTzQjkOYSnY%2BExsAMJr1mAg44kzUkq2%2BShqssx1bIquSB%2FJkTfn%2F2LGxXF7l03xBSUXVZOCyxU3QTyD2SXuMV5RJf%2FdsHk6qObg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada491c067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 00:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 00:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
facebook.recoverysetts.com/wp-content/plugins/divi-contact-form-helper/assets/public/js/app.min.js?ver=1.5.2
104.21.84.85200 OK 53 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/plugins/divi-contact-form-helper/assets/public/js/app.min.js?ver=1.5.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (15257), with CRLF line terminators
Hash 1bceba370a79283f8105aa33e0f4196d
b5f61a4fa90b791b2ecfee47d6aa36a16a63caf1
32ef80ec9ea0d765cc46fdec0686021591c3af87270b7ed1079fdc95319fc512
GET /wp-content/plugins/divi-contact-form-helper/assets/public/js/app.min.js?ver=1.5.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 18:02:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9i5RqW%2ByEcBDSeA42XzRz8OW%2FJO0GmStSkLs8rAdNiI%2BpxH%2ByG1Sgi0dH2NKMaZakt1o3QmUK%2BupsfCe4yZNN7DO63doIEc82iwLnAdcl%2B0tonLynH1Ml8%2F%2FldmI15Il1ZoRfZSpC%2BhfLsSIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada6932067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
104.21.84.85200 OK 6.9 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (8171), with no line terminators
Hash dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrnGP1PcSGIDIktNbMhSH%2BpdLljERnmR1N8MJGCXJLudPfrGeRSgPtxKE91RJCItNrEGiLcxwRwSMSfqUsFCEYkMYN27O7f1BvCEFEn3XN3CTdPwYmpNkCIZ%2Bgz41FVVx1F4cB9YIY0LtE81DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada692d067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 35184, version 1.0\012- data
Hash e06bc2c4268be1352a361c19bb4d01f1
f928d453b71dc16ae59b73696905b8344cc8ffe9
b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.recoverysetts.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 04:04:45 GMT
expires: Fri, 31 May 2024 04:04:45 GMT
cache-control: public, max-age=31536000
age: 418440
last-modified: Tue, 02 May 2023 15:11:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tWkkA.woff2
216.58.207.227200 OK 17 kB URL GET HTTP/2 fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tWkkA.woff2
IP 216.58.207.227:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 17072, version 1.0\012- data
Hash 45462752342c1004d9c92488ebcb5e0b
3abfc280cfddd6bc1962e7e2d582af70e799f35e
e9b78ce1cbff9e258afa3a91f5b9a0fe64ce792691eda7f66b9eaad19e468e83
GET /s/abeezee/v22/esDR31xSG-6AGleN2tWkkA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.recoverysetts.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 09:52:34 GMT
expires: Sun, 02 Jun 2024 09:52:34 GMT
cache-control: public, max-age=31536000
age: 224771
last-modified: Tue, 19 Apr 2022 18:27:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 00:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
facebook.recoverysetts.com/wp-content/themes/Divi/style.css?ver=4.6.4
104.21.84.85200 OK 794 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/themes/Divi/style.css?ver=4.6.4
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (64513)
Size 794 kB (794142 bytes)
Hash 0fe07920e662a53e112afc1be5f71674
57492329ca29b73f1c34d93ee7d856ec03644dd8
543eeb14d93cc8c33124add8005f4c3ae8b1e5d08613ba6bc70789299a11c7a1
GET /wp-content/themes/Divi/style.css?ver=4.6.4 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 17:41:55 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e74UKF0ZjUt9kjBIswHZD5Z4irGsowESWR1QPbCOw2ADrD9%2BuZS9vrnxZQwC6eqKzWHSQ%2FjPYWN5Kn0a1bNAfL9olBRIoxX0Dbd2QoMcBrP1Wo7%2Fdovjvn21boYgvUnyjgSX6IWlS00wLDYAlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada4920067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Hash 31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.recoverysetts.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 390550
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
facebook.recoverysetts.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
104.21.84.85200 OK 90 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (65447)
Hash 0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.4 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bh5J2boQ5QU4TLZwBWy%2BhIEQezhp92QvhHbRLeQDtcARro74Bi%2Bxf%2FvyOS2Ks0cgfF9NGl9Zxax6v0qn%2FpJhQgEZmCH%2BKX1eaOcFvKHTe3tpDZ2Fo9A6IICSEYZNoEcqOn3EjC5UpqVgTvpvsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada5923067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
104.21.84.85200 OK 13 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (13326)
Hash 5cfa2b481de6e87c2190a0e3538515d8
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4G5qBjA5uKvwLIaLQZ9QdJl%2BZzyehtCi1VqkGFK61chNq1u3up220vrw1Wvgutk7%2FMj%2BxEzh6NOk8EBbBBd0ck8wXpNbWE2v99Koj0cC%2B3Q2qWxvQHXbea1S9qMBDNQsLpdNy8MJ1%2BMrCI9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada5924067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
104.21.84.85200 OK 18 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAfH7JbWKEYPiIBRhU3Fb5v1HIhrx9CMrCcRDzTGIpU5lAhOGKGvxSXgQ2QTGCHp0jl50V%2B%2BWNDeMZu3l%2FRcd0yfLHq4%2FvNavHskaF3sU6rf3%2Bsvvd9PhzeqR%2FbSkOrlEFia%2B6xlJEsbdECNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada692c067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/css/dashicons.min.css?ver=6.2.2
104.21.84.85200 OK 59 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/css/dashicons.min.css?ver=6.2.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-includes/css/dashicons.min.css?ver=6.2.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF4x%2BZCTGDcwanZ07Mb8xtilvtM8q0pbYxNENFck1XChnijheqVQBZ%2BMVbvH9YfC9Ci2wNMWvOM9I0pavUwkCxaPv%2FmH7II8nvxgB5bhVUVr20CSuU4lj96gPqFhdBEbSJtkBxCeoexL1Fz%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada5922067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkIcH.woff2
216.58.207.227200 OK 4.4 kB URL GET HTTP/2 fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkIcH.woff2
IP 216.58.207.227:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 4444, version 1.0\012- data
Hash d0e33d88a75c9631e1a9a4c77e015d61
aeb41de3f7e848a34068cd0a83d14d175ba32107
6790535a3152159eca3d516054282bcce9dea02d61360a1b3cf1b5b85ff8cb74
GET /s/abeezee/v22/esDR31xSG-6AGleN2tukkIcH.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.recoverysetts.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 4444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:37:43 GMT
expires: Thu, 30 May 2024 00:37:43 GMT
cache-control: public, max-age=31536000
age: 517262
last-modified: Tue, 19 Apr 2022 18:36:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
facebook.recoverysetts.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.6.4
104.21.84.85200 OK 1.4 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.6.4
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (1521), with no line terminators
Hash 860668950507584533d1be1dc85aad1d
c3dec21a94908b82e7265745e88cab783445c350
81c7deddbd094fe423506eb99a8735b42c2f19b58974fbe0835c2f64ce01fec5
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.6.4 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 17:41:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iol9V9H%2BFf5grouT%2F7OkhUs%2F5%2Fh9Zfq3dF4VboATg42wHoPbRwNActyCyrHptnj2byws3BMuUTdEHjte2XyO0rALDGCRDksilRXIcEmj%2F6E4UmQUq29%2F1h2ff9rZi9YpA4aYZaajZFn4TR23nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada6935067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
104.21.84.85200 OK 291 B URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with no line terminators
Hash 2485a0fab337da61deb41cc4aa994c1b
af1a1d4c6b7c287dc881dd4f46b6b547ac5a5353
7e0bdafc01d81aed845a69d0a32120145155f75aca4c603d8952de7ecc5c6410
GET /wp-includes/css/classic-themes.min.css?ver=6.2.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oNb2BqYGArdICtEHSBX0QhK0k%2Br4j%2BtvCqNNpB02FjczgLvSGim34cBFP52WjLjcTMuyoP2OzqabA2UCEvx0Doafc70mTcOTbmsfgFGK667hHau%2Fx7y9u70HEO7WnostSaM1aUdCugOSMWA9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada491d067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
142.250.74.106200 OK 29 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
IP 142.250.74.106:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
Hash 9d77f1845ee51b118b031c8a5ae8a328
e19f82399b2295217e16d485cda807de5813965f
61eeaf3752ec4a775d833ab1ffe79787a750f59cb9c2933aad9cc276a36eb5fb
GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Jun 2023 00:18:45 GMT
date: Tue, 06 Jun 2023 00:18:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
facebook.recoverysetts.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
104.21.84.85200 OK 6.6 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (6777), with no line terminators
Hash 4b5583c1e3d9c4f85089eebae5b0ea63
8f1a4ba1dabf9fb35cfc2a2ebd08b93a91c0923b
4c4ee791f1baebfe9e127c3341a2eda8e6e8a5debf27d91fae8c04cd2adb1527
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApADEOP4MbHICEyFm%2FBK7F1nBTs2EbTE4lDUu2ci6x7heEgLWSN96znnZYczLdoolenonTFneCp2Ck7uwUVozHrfoG3ZcIoTaUsNguQ%2BYxAsuT70jgkR5hnQGqUKKaz1EZy2sWZS7YL1cnAhcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada692e067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-content/uploads/2023/06/txt.png
104.21.84.85200 OK 18 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/uploads/2023/06/txt.png
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type PNG image data, 983 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e3e9bacd5dac225f86c45af6b426a5d
804962332bda4a21117ba17463b3d782ebe1e12c
082f1bfa58998ba56a0a827d4ad10dfba5d6c72be08b9d1857a2ba68deb29017
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/uploads/2023/06/txt.png HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: image/png
content-length: 17518
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:29 GMT
last-modified: Fri, 02 Jun 2023 19:30:45 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2B7KHz9jwx3Lm6m43192c1sxfRL4KIlTZUPs30f5A3p9561%2FY5rYvGIYb4EvYzzkaEH1J%2FlqYZWJ0DGhumxt%2Bsx1K%2FYZiRM%2BzCRx1wSxo%2BcYpxfv1tufogibRqyl2Benw%2Bmff5giVMrzbPwzag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2c7adc69b6067b-OSL
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.6.4
104.21.84.85200 OK 485 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.6.4
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
Size 485 kB (485411 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/Divi/js/custom.unified.js?ver=4.6.4 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 17:41:51 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFzjDftD6KS89rrcro6k1zux6V6f9gpxgIDrfZRq4xII6MD00Vg7AgQ%2Fng3k2KNoT6um7Sl6zlBiGDNz5xTytzUcYgTNkp9BgigSyap1B7mNtXOIas8p%2FwCDijAitjuoSTH9%2Bzbwgw3pyiz0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada6930067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
104.21.84.85200 OK 4.9 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (4987), with no line terminators
Hash e444768b3714d28b26a18c3bec1bc79e
d5fdbb62fa29e5e683a025c1ad9defb6ed8825cb
f84cea9ee397e7d7c6a05e5a2700470a37b5e08cae8a16977f46a7f9a7192e51
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROSJuRzKzQQw8aJ1n7WCNtd1qSPPdwPemo%2Bjd%2Fu6FLnUfUoZQh4GEdzEytaYv%2FACAPaLFji9v%2BqoSIWVyLmjGJ4MlLKCkj25z2vJDNF49HSE4YgrWKOZdrOkRHnTHyKzXrFeoy7l4aijKmboRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada6933067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
104.21.84.85200 OK 10 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
Hash 8cd696505481e74ffee89b4995f37379
ee9aad199ef2bc60a3460f4c52f37d22907b2ec9
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pbIJp8mxIqUqevvHk7CCQJhzayIggvXnKBLshBurgSPjj62VSKXPrtwe2tuhLZjWoqGiTpuenJd%2F%2BI7E2KIrp4b%2F1afXY%2FChbwOhYiqhkMbExYWTXeqBz7Pq7z7ZhNRuTOVXKYOMJcxrnRbNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada6931067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=ABeeZee:regular,italic&subset=latin&display=swap
142.250.74.106200 OK 1.6 kB URL GET HTTP/2 fonts.googleapis.com/css?family=ABeeZee:regular,italic&subset=latin&display=swap
IP 142.250.74.106:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (1603), with no line terminators
Hash 116dc496a2741e59ddb41333a9d40444
ba28f14e8a153e68325921b9ecc5c34993d34499
64b427329b2d46d66914d8bea98b692ed43f423044d86b764cd181dc28c8282b
GET /css?family=ABeeZee:regular,italic&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Jun 2023 00:18:45 GMT
date: Tue, 06 Jun 2023 00:18:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
facebook.recoverysetts.com/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=6.2.2
104.21.84.85200 OK 6.8 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=6.2.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (6902), with no line terminators
Hash 75398e0ada2e6191468308c357a0897d
3d3095b5ca892558fc66fcd5d742479f1bb7a03f
179bab43361c40c5922deec5f87289219733b8ea84d4beafcd40842316b65580
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=6.2.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 17:41:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNKKm%2Fn90WPmMbbyC3amVBrIAnSPhZrG9enC6ffp4hRyuPi8V9yHGE2%2BSB3WUamo2tnIqnn3DZRZaI%2B%2F9xV8W5zW%2FmutiLYDPV7sHeycLbWE6CSaL5Av%2FCNfAXDJAjnOvn8zqldX7uqL%2FC0pyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada5925067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/favicon.ico
104.21.84.85404 Not Found 1.2 kB URL GET HTTP/3 facebook.recoverysetts.com/favicon.ico
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer Verdict Alert openphish Facebook, Inc.
GET /favicon.ico HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 06 Jun 2023 00:18:46 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iICt8rcyYCxJ94aVytOaLMSl%2FvNGM9Y%2BsDN3taP2p3%2Fs4NI92tShE9%2FzucEugwujh5oaqvxaWFCT4nTUafp3vwlEsw3PrmQcIlKZ1Fx2w6grialS%2BohmsE33UcQTRNVXhqDkL1P8j7DIAW0L4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2c7add29ec067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
104.21.84.85301 Moved Permanently 29 kB URL User Request GET HTTP/2 IP 104.21.84.85:443
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Facebook, Inc.
GET / HTTP/1.1
Host: recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 06 Jun 2023 00:18:44 GMT
content-type: text/html; charset=UTF-8
location: https://facebook.recoverysetts.com/
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK32Dd48yfaHOcqgeOKs7l0rako7i%2FnJBphWiMOFhS8SXIrnNBeIoRC9UWcW3h1t75AbATUiXiitpzTD5AqewOSYwEER9OhFnJsV%2FRtQ9gaPQhQYhbljorVfcuYA1sUF4ddeew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ad0dc800b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
facebook.recoverysetts.com/
104.21.84.85200 OK 29 kB URL User Request GET HTTP/3 facebook.recoverysetts.com/
IP 104.21.84.85:443
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Facebook, Inc.
GET / HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
link: <https://facebook.recoverysetts.com/wp-json/>; rel="https://api.w.org/", <https://facebook.recoverysetts.com/wp-json/wp/v2/pages/56>; rel="alternate"; type="application/json", <https://facebook.recoverysetts.com/>; rel=shortlink
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0k6hs9nEp7aHoaltQ%2BZsV3mz4j4YETpfH5VgPq4o7uzdAhpkoa%2FbRj9Onbh%2FV8a1COhL0ZdSCwh0PgPDRi7EDb8K4E0eMdL%2BVSPALx1MGEBbt2DRx%2FhCpndHZMYy%2FjRArogCSa1wKIhjj0Rkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ad4efa5067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
facebook.recoverysetts.com/wp-content/plugins/divi-contact-form-helper/assets/public/css/app.min.css?ver=1.5.2
104.21.84.85200 OK 6.5 kB URL GET HTTP/3 facebook.recoverysetts.com/wp-content/plugins/divi-contact-form-helper/assets/public/css/app.min.css?ver=1.5.2
IP 104.21.84.85:443
Requested by https://facebook.recoverysetts.com/
Certificate IssuerGoogle Trust Services LLC
Subjectrecoverysetts.com
Fingerprint98:82:B8:B3:D3:60:7E:F8:D2:83:22:57:8B:23:AF:EB:A0:4E:2C:6B
ValidityFri, 02 Jun 2023 18:02:58 GMT - Thu, 31 Aug 2023 18:02:57 GMT
File type ASCII text, with very long lines (6543), with no line terminators
Hash 61c3b0ec57b22b29f39195079ef7c424
eb049793450885bca02641c93bef09900f83da67
2ece301849d758dcdd4a019350f40aeca40fa1b3aa8c4efbb79c748de333ee6d
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/plugins/divi-contact-form-helper/assets/public/css/app.min.css?ver=1.5.2 HTTP/1.1
Host: facebook.recoverysetts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.recoverysetts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 00:18:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 03:34:28 GMT
last-modified: Fri, 02 Jun 2023 18:02:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t7ysk55zh%2FT%2FFn6vuy%2BzEMCkL%2BTaTXzL11qc09G3zAUWwSMQZbCLKnqp14rcvnNv9xX5HJmC5Xhq0hFUlFkZdwgAGfq%2BxfiXu%2BC6g%2B%2Fn73azLME7YDhwQJQrDugsE%2Bb6iobkjbRxA585Yq9hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2c7ada4921067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400