Overview

URL: dear-shade-cloud.glitch.me/
IP: 54.209.182.143 (United States)
ASN: #14618 AMAZON-AES
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-04 15:06:26 UTC
IDS alerts: 0
Blocklist alerts: 81
urlquery alerts: No alerts detected
Tags: None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-04 2 dear-shade-cloud.glitch.me/ Facebook, Inc.

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 dear-shade-cloud.glitch.me/ Phishing
2022-12-04 2 dear-shade-cloud.glitch.me/ajax/timezone/update.php Phishing
2022-12-04 2 dear-shade-cloud.glitch.me/api/graphql/ Phishing
2022-12-04 2 dear-shade-cloud.glitch.me/ajax/bulk-route-definitions/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 54.209.182.143
Date UQ / IDS / BL URL IP
2022-12-13 14:17:57 +0000 0 - 0 - 1 boom-fallacious-omelet.glitch.me/ksx.HTM?/Nav (...) 54.209.182.143
2022-12-13 04:57:04 +0000 0 - 0 - 1 no-u-111.glitch.me/jj.exe 54.209.182.143
2022-12-13 00:51:54 +0000 0 - 0 - 2 busy-rumbling-raft.glitch.me/NFCUSign-in.HTML 54.209.182.143
2022-12-12 02:04:53 +0000 23 - 0 - 2 rustic-freckle-nautilus.glitch.me/rapw.HTM?/N (...) 54.209.182.143
2022-12-11 12:40:51 +0000 0 - 0 - 2 fog-quark-juniper.glitch.me/fanni.shtml 54.209.182.143


Last 5 reports on ASN: AMAZON-AES
Date UQ / IDS / BL URL IP
2023-02-01 05:46:27 +0000 0 - 2 - 0 rebrand.ly/IntelliConProposal?utm_source=nuts (...) 3.215.52.59
2023-02-01 05:30:59 +0000 0 - 1 - 0 34.75.2o2.lol/XTWtGUFRXWTRkakpOVTJOTEsycHpVbT (...) 44.207.194.251
2023-02-01 05:30:35 +0000 0 - 6 - 1 f2459936054e42.lhr.life/ 3.234.18.192
2023-02-01 04:57:15 +0000 0 - 1 - 0 www.frommers.com/destinations/morocco/642794 54.175.175.64
2023-02-01 04:56:24 +0000 0 - 3 - 5 foamy-translucent-sardine.glitch.me/ 107.20.84.128


Last 2 reports on domain: dear-shade-cloud.glitch.me
Date UQ / IDS / BL URL IP
2022-12-04 17:53:12 +0000 0 - 0 - 77 dear-shade-cloud.glitch.me/ 44.199.49.219
2022-12-04 15:06:26 +0000 0 - 0 - 81 dear-shade-cloud.glitch.me/ 54.209.182.143


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-04 17:53:12 +0000 0 - 0 - 77 dear-shade-cloud.glitch.me/ 44.199.49.219

JavaScript

Executed Scripts (73)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (141)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16226
Expires: Sun, 04 Dec 2022 19:36:40 GMT
Date: Sun, 04 Dec 2022 15:06:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1456
Cache-Control: max-age=157759
Date: Sun, 04 Dec 2022 15:06:14 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:55:33 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 14:20:07 GMT
cache-control: public,max-age=3600
age: 2767
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3148
Expires: Sun, 04 Dec 2022 15:58:42 GMT
Date: Sun, 04 Dec 2022 15:06:14 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ZAY5tl3OXiKdhdCSzU6VfXMfbyD5DKIUt2zd1OWt7tmoIQPidFJPOf9GlYMEnhLslFuWLVydXUaW4SlFVFvMGQ==
x-amz-request-id: XR53846W1CWHM1CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 14:47:01 GMT
age: 1153
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 15:06:14 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3061
Cache-Control: max-age=103218
Date: Sun, 04 Dec 2022 15:06:14 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 19:46:32 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6075
Cache-Control: max-age=106232
Date: Sun, 04 Dec 2022 15:06:14 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:36:46 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /rsrc.php/v3iJ984/yo/l/makehaste_jhash/1HOrD3YaQO3.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 04:43:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 2iZsSz0znp8VlbbeWXhSWg==
x-fb-debug: ZNzkw8xDElt2UHwaPm2MLrhwXcT6A9gp1p1UVFEFoBJGk29Jzk9GYu1Ql8EolB/dcUB49y2UskZhV/jd+BmE7w==
content-length: 28295
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14178)
Size:   28295
Md5:    da266c4b3d339e9f1595b6de5978525a
Sha1:   168d3e429444536750ff40f2a35e79862cbd6de7
Sha256: 4e673b491fd7d98efa718daf2463544e1261fdced95730e70fcf910e992b6b1e
                                        
                                            GET /rsrc.php/v3iG-I4/y-/l/makehaste_jhash/AhvByBzwPsj.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 05:46:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: G7zQ+NlZeOdIp8Q5M1crrQ==
x-fb-debug: 0ggxSOvCBUPc6Owkl15YXgGAYymtyg6scsN/9aXFDl/1wApU6II1hC2QtB+fNVcIukrqdyFTLq/QL4yves0FCA==
priority: u=3,i
content-length: 32828
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8770)
Size:   32828
Md5:    1bbcd0f8d95978e748a7c43933572bad
Sha1:   bab5b70d4afe16825ceba2496b304ec3bd2c0cae
Sha256: ebe36f938420abe6e6ab462dff53425e2e67d0688e768a5b34f91ba4a3f1d7de
                                        
                                            GET /rsrc.php/v3/yN/r/_cSozw5faCz.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 04:42:37 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: 2ouPquwLlc/GTT4MqE/znQ==
x-fb-debug: k1LkPrlcFJu6wRN5ssuAJPLPqoQVgRX1Re7D7Qbokd8gN484OjyoOfFf7MXGGCLtRdzuJX5SogjlzajjcTh4EQ==
priority: u=3,i
content-length: 42902
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8285)
Size:   42902
Md5:    da8b8faaec0b95cfc64d3e0ca84ff39d
Sha1:   d1d774e9999af073c9a302d8b73bdc3508b9d5dd
Sha256: ef02e4ae0a9254840d5d4353e40b17473b320f4d9aa4bc9a0960b48644828df5
                                        
                                            GET /rsrc-translations.php/v6ihKG4/yH/l/vi_VN/1HOrD3YaQO3.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: /ewMk8wxjPkF5buDpIZLeg==
expires: Wed, 29 Nov 2023 05:41:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: zK9iZ5YtXpsJL61mtQNq/yXqbrjUUHU4zKuVCCo3GMDfBwCEAX2GOlVP9XU0ZxCNvjLZpvp3wsWnpjr8wuk4aQ==
content-length: 159
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   159
Md5:    fdec0c93cc318cf905e5bb83a4864b7a
Sha1:   d4104e4c31f09de851a22ba2c70d44a7f7cb1bc4
Sha256: c57a7a599aa68ace6850fef07169a7589612b62698d905176f9c331e3162aae2
                                        
                                            GET /rsrc-translations.php/v6iqf44/yF/l/vi_VN/AhvByBzwPsj.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 08:30:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: MnfDGu7bOWgQl46gXtz1qw==
x-fb-debug: 3z+uElNrVBGgGXABmuoV+fgZg0urpndqTV/XrwL7Z9fCxU/B2JUvNg7fIYc0GGOlcngYcrqGKrfG1z2+LeSnqw==
priority: u=3,i
content-length: 203
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   203
Md5:    3277c31aeedb396810978ea05edcf5ab
Sha1:   b04aa8c7742e57ff79ca14311eefe016c5a5e474
Sha256: 48d89ea4602fd7c0debcdec6260df2a0b55fb55c3d06f039a8bd58354e511ae0
                                        
                                            GET / HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         52.4.141.177
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 04 Dec 2022 15:06:13 GMT
Content-Length: 1064692
Connection: keep-alive
x-amz-id-2: kdOoVaclQsZ3OCjxJ0Znwbmu1DxIOe2Q11typ6Clthrzv3+z2wJpBulMd8Tvq0IrvWDiG+FTNIQ=
x-amz-request-id: 332VM0NE2NXAT4NW
last-modified: Sat, 03 Dec 2022 12:52:33 GMT
etag: "790417d8e4c1e28b1ae1630ede631c1d"
cache-control: no-cache
x-amz-version-id: A7NjDEQdQlqYJF6vX_XxQOYaORKoIDFA
accept-ranges: bytes
server: AmazonS3


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65535)
Size:   1064692
Md5:    790417d8e4c1e28b1ae1630ede631c1d
Sha1:   bb9076cfaf9bf521ac5fa365e69bd6ed66a0f71f
Sha256: ab7918c2412f368ac4e234ce81d40607e40f411cc7e9149aea6712ad0a58ceae

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /rsrc-translations.php/v6idwg4/yQ/l/vi_VN/UfboxSTObMzG2JfzsNTQwqeov9oWduFUNra6IoLgooPKv0e5zzYUYMvEIHR-IitROhxN4K2qMgiZpeZb7fhsmVBhsytNHBJXKG0A5cCkTVWF_k4OO1vqDVL8jtn7Ob-BIm1PJKvNaY0a88iqwFvh-REIae9CaIj-WpLGrQPyFshZk2oJb9t84emNXkR4yNJbiTjhCI8xKX-hMDAeNshsLy1nuUs9LgeB92Z3jYBtCtqNdpz9m6xNsKWcegStmSlxNcZ_24BxH0fh6r1tX7vuubPm6kCkl2k1bexQUixYkiWd58Tl6UDiY1PM19PsZfzcF4iTCtPDdk.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 04 Dec 2023 15:06:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WIURAnl6f4CBFYRBTDd5yQ==
x-fb-debug: 0AJf15YoaUhiECX+oopUWf2k9nItNk8q5q4aEosNmnhN/cnbJndTv2GoW6QqUJm6lfanTEfL8c7TyP576NYjWw==
content-length: 2465
priority: u=3,i
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5948), with no line terminators
Size:   2465
Md5:    58851102797a7f80811584414c3779c9
Sha1:   c37b545bccfab10ec47a646629f0e1a6eec81860
Sha256: 589dd5e5a0a84a2a4877fff10fccddd054973e84b3f8461b16a227c15aedbd8b
                                        
                                            POST /ajax/qm/?__a=1&__user=100079904362606&__comet_req=15&jazoest=25624 HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 191
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 11NA4B5W2P6M867X
x-amz-id-2: mpQrhecMyftnIGrXKKggtzyA9+iFp65bXOMm+BmCGmaCe4VNAM4z3Nk6swUds+xxvebJWUY5o9w=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    cbba32155a2a8fa9c3b05267dcf26834
Sha1:   fdb87fec11f5c1ea6cf1518dfeb6d870f3f45eb6
Sha256: ff9a092ae11e624b3376dc89c95fddff5fce9022a8986c19e836ef450e3be3a6
                                        
                                            GET /rsrc.php/v3/yn/l/0,cross/DzUSipvyKyK.css?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 24 Nov 2023 08:46:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UCpSidonBSw874E0JlNyYw==
x-fb-debug: KrWWhp3W4EgSFyvz38UKrhhVmO+XkHFAhcJLg8L57BmObrjaXb1HYNwNHk0UNIAvXYlGy6aH5/yy9kta7Tw2bg==
priority: u=3,i
content-length: 622
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1367)
Size:   622
Md5:    502a5289da27052c3cef813426537263
Sha1:   0a77cb007882e907c69a0b74cac082845f442f42
Sha256: 2c4f25df2baaeb070d4c82a06b4538adfbc1328e985fcd4827d52d0c782f1e08
                                        
                                            GET /rsrc-translations.php/v6iH1N4/yi/l/vi_VN/StFE-AQi_ObZQllFv7EHElirIEF4ikp8rgM3SfIewM97_DLWLQGBHtgwFlyImmcraA3tRwa7oZ2j0qTqqEHlOTjrf5i12Wn_XT6X9fvSIXCucY3b4twRjMOkaOX2aatdj8f-H9J4wXh4hyO2h6d9xQQMwDD4jenIdZ7HGlY7j3TamE40mgoCIaO2qP1t1LTz_c2BlAXc-buPNEADHHZTIYdvSPC17R8wRlxysuZ6blRoGe04H57bSAvjTrDp2IV3K015db_Osc2h6dvFTwgidEYnDS-FFztmPUnBlDxuYp55HfXW__mMnMkHkfZeeYBAhnJk6WLrZz.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 04 Dec 2023 15:06:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: zLIoUuBAtWaX9KcKWLTjxQ==
x-fb-debug: g7b5jCrWLdRnN4kF5SinNgLg1RAY1ObfQEgD82RUvkRhqtoq2h6Yw8ROuqlsfO0rLDvSHPg1HqVBmdhTnxCqPQ==
content-length: 3207
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (9379), with no line terminators
Size:   3207
Md5:    ccb22852e040b56697f4a70a58b4e3c5
Sha1:   3a0eb1148c90f1a00a7e85e18ee3f4b9251891c4
Sha256: d7967b186733d75c69d2139e0bc6039040bfe24e00c014bdb6b144d0e4ed90c4
                                        
                                            GET /rsrc-translations.php/v6iXXU4/ya/l/vi_VN/DuhOr6zU9ARP3O6eS7XtXvlf1P9rAT5fQb4_i3SN4sNBvRd8PbT8Xl-h9sTUPl5TAakvVDQNjfAGFzg7ITFP0pHmGb2LbVNJiBf.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 04 Dec 2023 15:06:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: p2Fm4mBiE83s0dVudYKQMg==
x-fb-debug: wOVgzTDolS2Zc8BaKfzqWKW+U4FDZpoHufdoAjCOwAmQz8kG1TAchvF/GyfynN08esE6n/iLs8SQMw15TuhL0Q==
content-length: 4114
priority: u=3,i
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8767), with no line terminators
Size:   4114
Md5:    a76166e2606213cdecd1d56e75829032
Sha1:   91a9744d8dc8fc52b00bd430c31cb094c661d7f7
Sha256: a56a3aa12a51efc2b71613f5ba47dc50f1ac5cbcf62eb10211b704b26a330f23
                                        
                                            GET /rsrc.php/v3/yU/l/0,cross/Iji10A-HbDSCXqkVbUWP02cNgUJ2oPu_n.css?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 04:07:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VWZNrm23xpuvl0KNcM7xzQ==
x-fb-debug: lObzjudZFU5MbV3Qz5z1vOzVMVFvosovHaWgvjuagXOPRHdmuUq37RaMyNmbSsNSzVl2XqHC3nCpmmKr8Nh6CA==
priority: u=3,i
content-length: 152775
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63629)
Size:   152775
Md5:    55664dae6db7c69baf97428d70cef1cd
Sha1:   95b2f78ddd26328e8b266baafdcbb91e0c107ee9
Sha256: aaaaaa969d5c5897fe36a6e18a047801ab69f6e365a2dcf60003e895ab53c7d9
                                        
                                            GET /rsrc.php/v3/yp/r/zKeNFcJB1oh.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 02:05:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /W6lKQTTahk7YesAIPK2Dg==
x-fb-debug: PDrlIhTg3m+bZl7X8uHFpIS4a7y9h9nTjZwMQ7k6/tCzqtyFc8nu2AGwUP+/i2wtHCXHkKSRZYaei7zMgnpoWg==
priority: u=3,i
content-length: 8200
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13349)
Size:   8200
Md5:    fd6ea52904d36a193b61eb0020f2b60e
Sha1:   fde1b439f27bb7ea820da6269cd1b4caa6726008
Sha256: c3ae13d6a3bcf1615182258b2855e23b947f08011cb379ac13f234da8127c857
                                        
                                            GET /rsrc-translations.php/v6ifMW4/yi/l/vi_VN/M0IU9jlfp40WbjRQ__LxxDgAByAaz2WYQRRiu6rkcRzEsE7Wfgq5ga6VmNLOajVv4IZ6tgapdZlot9ysBvdNvCNjQ5EVLQU0sPOCW4TYF-uF0ZRG4p7zBeLEP.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 04 Dec 2023 15:06:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8dCnN9jYQUXyzuqgYrAwBQ==
x-fb-debug: PavdvoYOwiRYhRc21/AWv/Gc7OZL0mTxcwwmwzEkwzhi5P+LJyFMYUmQ43zQN3k6BLOQKvFqyA7p/GVc9ZLLSg==
content-length: 8155
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (25919), with no line terminators
Size:   8155
Md5:    f1d0a737d8d84145f2ceeaa062b03005
Sha1:   d5032595f889ded93e2a3e9e45d67847a4967a8f
Sha256: d460eb2585091785ea249734c06ca6af53751976ac0c34cbd080524386b170ce
                                        
                                            GET /rsrc-translations.php/v6izf34/yS/l/vi_VN/yOuI0nRDvvU.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 04:32:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qzFNY2DF8uCQycLbo8a//g==
x-fb-debug: GwlOJH9ivilDy7HwmLay6x51l+LIhgWQn5UjZML9IJUrhzZLkePosJVV4e+wo0wsnM3LxoWdFEAEE9yjtyLLUw==
priority: u=3,i
content-length: 13540
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   13540
Md5:    ab314d6360c5f2e090c9c2dba3c6bffe
Sha1:   cbd8362b849cb1860708acb560339070c56a7711
Sha256: 749400f46534f2743fe4e213b8176884aa3c06c9db1f648c739b96eb63a28b1f
                                        
                                            GET /rsrc.php/v3/yw/r/W73MxMfhIAi.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:54:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: zYPx/RI7xIJeW/wXqrAAUg==
x-fb-debug: gIR1i9Ljr2yLz/tzuS/1SmEm1+IQUpxJ6M0akeQnTd5/r9shRGTomOc2yTlUIaLUaHyHVPORiYPpeNBypJj8Lg==
priority: u=3,i
content-length: 63713
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18622)
Size:   63713
Md5:    cd83f1fd123bc4825e5bfc17aab00052
Sha1:   fda9424ca33a288ecd833984d9cb09f262022b75
Sha256: e388cb26de9474761a40afa6bae93ba36731e07711f279f19759dbb59987c412
                                        
                                            GET /rsrc.php/v3iVxe4/yx/l/makehaste_jhash/StFE-AQi_ObZQllFv7EHElirIEF4ikp8rgM3SfIewM97_DLWLQGBHtgwFlyImmcraA3tRwa7oZ2j0qTqqEHlOTjrf5i12Wn_XT6X9fvSIXCucY3b4twRjMOkaOX2aatdj8f-H9J4wXh4hyO2h6d9xQQMwDD4jenIdZ7HGlY7j3TamE40mgoCIaO2qP1t1LTz_c2BlAXc-buPNEADHHZTIYdvSPC17R8wRlxysuZ6blRoGe04H57bSAvjTrDp2IV3K015db_Osc2h6dvFTwgidEYnDS-FFztmPUnBlDxuYp55HfXW__mMnMkHkfZeeYBAhnJk6WLrZz.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 04 Dec 2023 15:06:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: i8k55SuCwD/UOxoLrjK3Yw==
x-fb-debug: UjMPjcuVSFx6ag+JaSyi0OgofpPJIoOxvp8x/SgBhOybQddECP24Ast0QNlAvGM5fJNOkWttqLJB5mdkCZk6sg==
content-length: 94867
priority: u=3,i
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20809)
Size:   94867
Md5:    8bc939e52b82c03fd43b1a0bae32b763
Sha1:   45cc05458b14872e34caf8ac09be922b8e8eeb9a
Sha256: 174f24e77cc51351eb2bd5e6ab0218132e1cfbf426324826da9ecffc133c7ab7
                                        
                                            GET /rsrc.php/v3iB2I4/yc/l/makehaste_jhash/DuhOr6zU9ARP3O6eS7XtXvlf1P9rAT5fQb4_i3SN4sNBvRd8PbT8Xl-h9sTUPl5TAakvVDQNjfAGFzg7ITFP0pHmGb2LbVNJiBf.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 09:20:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: I9wJFeu9YmF5ySR+IyMexQ==
x-fb-debug: /byBn79c1fMHB1/Vk+qztBZdYJgD6MYkHk5EP+D1LU/L0NWBH2jAJcQRPrBnfzqrZf5k8kJRtnpGVnoInMrs2A==
content-length: 145197
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8582)
Size:   145197
Md5:    23dc0915ebbd626179c9247e23231ec5
Sha1:   b3422b91628c68bdfe686ca1e91a17b4619074e9
Sha256: 9c0b6dff7760b7eeaa9a820fe0bf39628f8181e8b67765e3f0fb29e618af0530
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 14:11:19 GMT
cache-control: public,max-age=3600
age: 3295
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1437
Cache-Control: max-age=152673
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:30:48 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zAg2lNsHzmL8b1BW6LRKXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6dgfs93gZYMm0CdQ80Z7HAW6BJM=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4593
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 15:06:15 GMT
Last-Modified: Sun, 04 Dec 2022 13:49:42 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=156626
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638c7839-1d7"
Expires: Tue, 06 Dec 2022 10:36:41 GMT
Last-Modified: Sun, 04 Dec 2022 10:36:41 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1334
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638b1d0b-1d7"
Last-Modified: Sun, 04 Dec 2022 14:44:01 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1162
Cache-Control: max-age=141952
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638c3a5d-1d7"
Expires: Tue, 06 Dec 2022 06:32:07 GMT
Last-Modified: Sun, 04 Dec 2022 06:12:45 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=166367
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638c9e46-1d7"
Expires: Tue, 06 Dec 2022 13:19:02 GMT
Last-Modified: Sun, 04 Dec 2022 13:19:02 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=154110
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638c6e65-1d7"
Expires: Tue, 06 Dec 2022 09:54:45 GMT
Last-Modified: Sun, 04 Dec 2022 09:54:45 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=95826
Date: Sun, 04 Dec 2022 15:06:15 GMT
Etag: "638b8ab9-1d7"
Expires: Mon, 05 Dec 2022 17:43:23 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:21 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=166366
Date: Sun, 04 Dec 2022 15:06:16 GMT
Etag: "638c9e46-1d7"
Expires: Tue, 06 Dec 2022 13:19:02 GMT
Last-Modified: Sun, 04 Dec 2022 13:19:02 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET /v/t39.30808-1/307858268_10224418110453712_1247939563550084906_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=111&ccb=1-7&_nc_sid=7206a8&_nc_ohc=975MstbnRq4AX8HuSk_&_nc_ht=scontent.fdad1-3.fna&oh=00_AfBpF_0xShIFRPbPfeUWnriyL9iY-n9JfaayT58AqweQwQ&oe=63902762 HTTP/1.1 
Host: scontent.fdad1-3.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.209
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 04 Oct 2022 06:48:25 GMT
x-haystack-needlechecksum: 2084355630
x-needle-checksum: 650197448
content-digest: adler32=2602185689
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1123
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, components 3\012- data
Size:   1123
Md5:    f8423b5084bf8dfc450de76f9224b2ef
Sha1:   e50aa9684318ee21ce8714e19837ec8fea009cf3
Sha256: a29120fa39ae50f328cbd8312d1f05d2894dc71b2a68d09697cb242e41b3e611
                                        
                                            GET /v/t39.30808-1/317565400_581306843755579_1631236579294757730_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=102&ccb=1-7&_nc_sid=7206a8&_nc_ohc=wS4Mv_AXKtAAX_6Z5rn&_nc_ht=scontent.fdad1-2.fna&oh=00_AfBFPyyKMiV2s9N6_q-yo_TvMdqNqz9HGXMOv6NjDadxug&oe=63901EE6 HTTP/1.1 
Host: scontent.fdad1-2.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.148
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 03 Dec 2022 12:48:22 GMT
x-haystack-needlechecksum: 1411901012
x-needle-checksum: 3485000349
content-digest: adler32=3164702889
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1298
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, components 3\012- data
Size:   1298
Md5:    f3372343d0717ac79d39ddab08ce1afd
Sha1:   55c886ea486303820db250e6772b6ccf6f96cb68
Sha256: 1df0d7a2e8617fbf051935eabeb14fe4a2a13ddedf38af86fe1d92f0def1777d
                                        
                                            GET /v/t39.30808-1/316046984_815968696351059_150759025048789599_n.jpg?stp=c0.0.40.40a_cp0_dst-jpg_p40x40&_nc_cat=107&ccb=1-7&_nc_sid=f67be1&_nc_ohc=-JGYyPlssxMAX9CRtAA&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBYP0HkbzE220ZEeMPmAsocJohbuIweC_zqakApDrQ8Og&oe=638F4210 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.128.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 19 Nov 2022 09:41:55 GMT
x-haystack-needlechecksum: 3696808591
x-needle-checksum: 738835655
content-digest: adler32=1468092728
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1194
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, components 3\012- data
Size:   1194
Md5:    e1343a7f72a05f9957b6e0e71b98d10e
Sha1:   4675160402ca084042c39dae80df8631b6cb4b35
Sha256: cfe939e6e2ed679c513f878f37138f4a37eab61187b5456e5a795061afa0dcaa
                                        
                                            GET /v/t39.30808-1/298949176_146219458051532_8442555072308741830_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=111&ccb=1-7&_nc_sid=7206a8&_nc_ohc=i9nK8rieckAAX9IkJ7z&_nc_ht=scontent.fdad1-3.fna&oh=00_AfCr2yXi97-EXGW6MpBjxtzCAguIMQ4eiLO78vQmeogPyw&oe=638F62F0 HTTP/1.1 
Host: scontent.fdad1-3.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.209
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 14 Aug 2022 11:59:38 GMT
x-haystack-needlechecksum: 1351615963
x-needle-checksum: 2197747536
content-digest: adler32=815187775
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1435
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, components 3\012- data
Size:   1435
Md5:    941ee95d3f0f1586bca5dcd89cf86ab3
Sha1:   bda7f4511f7e5f4b81bd4166014cf1761a364707
Sha256: f18f29028ef59c4fefa9f8e9d8b05fa8aa415c029cf44891956886832cb26c3f
                                        
                                            GET /ajax/bootloader-endpoint/?modules=TransportSelectingClientSingleton%2CRequestStreamCommonRequestStreamCommonTypes&__user=100079904362606&__a=1&__dyn=7AzHxqU5a5Q1ryUqxenFw9uu2i5U4e0ykdwSwAyUco2qwJxS1NwJwpUe8hw47w9u0LVEtwMw65xO0FE886C11xmfz81sbzoaEnxO0Bo7O2l2Utwwwi831wnEfo5m1mzXxG1Pxi4UaEW2G1NxGm2SUbElxm3y11xfxm16wUws9ovUuz83VBwJCwLyES0Io5d08O3216AzUjwTwNwLwFg662S26&__csr=6x2L-8h97Fuii-QEwTylqhRhbaQiWV4nHgyqGAdLCQmBJ7hum-BAhfgSLabKujyF4ElLBjZ4J2ubghyppEgxK9U8Ey6ENkcy8coc8-ibz8uxq9wzGfKVUaEnxu1mx28xOUkwUw9q260AUC3nxy0im6o2tw9y15wywGz8fo3ZwKwk8O1Jx13824wTw2io1Togw0Kqw0Kvw0bky09Zw2n80erG_-01g6w0Fqw1vp0bW0oa049U1FU1BUd8&__req=1&__hs=19329.HYP%3Acomet_pkg.2.1.0.2.1&dpr=1&__ccg=GOOD&__rev=1006680768&__s=8f4byp%3As51xck%3A4ym7v9&__hsi=7172903703993918399&__comet_req=15&fb_dtsg_ag=AQzYGcucfj5vCQyFnqPxnI_axlgI5Bs6ufaWWGeby5oHxBPo%3A42%3A1670069580&jazoest=25185&__aaid=5297270053722509&__spin_r=1006680768&__spin_b=trunk&__spin_t=1670071786 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.36
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/comet_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
x-fb-debug: DbEuN7jMfN5ffBhRcO88JFHJ9YS5e2cwJ7idjeSuEWFKbZ3BKLH2sQKFASm/EkC7mJMH8yuWY5WHq4n7YH4ZBg==
content-length: 3609
date: Sun, 04 Dec 2022 15:06:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10569), with no line terminators
Size:   3609
Md5:    8e89e811fc84b2cbeedc949ad8d257bb
Sha1:   87c143b41986c48ef07c05fba6f28e13c1cae70a
Sha256: 11b2bfe9778beb8626adae31803b79d8404ed23889e5acadcc4fbac5fbb16890
                                        
                                            GET /v/t1.30497-1/143086968_2856368904622192_1959732218791162458_n.png?stp=cp0_dst-png_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=7206a8&_nc_ohc=Xtnf9eMNZrMAX8SIC9_&_nc_ht=scontent.fdad2-1.fna&oh=00_AfAzz9lwhAZM3wiIolo6aZb0G2RUYvtAIRWZRs2fiJ7Aeg&oe=63B2B838 HTTP/1.1 
Host: scontent.fdad2-1.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.81
HTTP/2 200 OK
content-type: image/png
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 27 Jan 2021 21:09:20 GMT
x-haystack-needlechecksum: 2195128382
x-needle-checksum: 2193203146
content-digest: adler32=337507252
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1069
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   1069
Md5:    d8805eee3244f1c5655250340ff37c46
Sha1:   30c0fd4efcd0421574efba7fca638d7a17a38f8a
Sha256: 2ca229290858d22df7a9cecf3449323819747f1c72909803b911b56020d837a4
                                        
                                            POST /ajax/bnzai?__a=1&__aaid=5297270053722509&__ccg=GOOD&__comet_req=15&__hs=19329.HYP%3Acomet_pkg.2.1.0.2.1&__hsi=7172903703993918399&__req=2&__rev=1006680768&__s=8f4byp%3As51xck%3A4ym7v9&__spin_b=trunk&__spin_r=1006680768&__spin_t=1670071786&__user=100079904362606&dpr=1&fb_dtsg=NAcNSCv_klBKzFYdwXcXrE2WcEiLxFYpHe3QghvGZ_EyUrfch1tO8AA%3A42%3A1670069580&jazoest=25624&lsd=hx3MG049-opfe7k7h0E1op&ph=C3 HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------12719159071809341850860808473
Content-Length: 994
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: AW4QHH3Q9XW4ZP93
x-amz-id-2: 1evdowgulfM+HYC58zZ2xBSTAyXiTdRvGoeUJbJpur5nDwCLR3h+6KOWva+cLXBjU4AUO0Dqcg0=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    3098569539573d3eee8e244c4d4ec456
Sha1:   5c02448b14ac1caaa48dc4f54899ebf9da24288a
Sha256: 2ff305e2d2f133c598319ccc7221073b57c04138c8407ee7bbf1f231c89c72a8

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
                                        
                                            POST /ajax/timezone/update.php HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 893
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: AW4SMM173PS9CC67
x-amz-id-2: YPltDhQvyVxBZHLxkDQR+flzSPzV3OYw8NUxopTk8iXRsvz8GPmNp1+jz+YZYCcquPRyEEFQA20=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    9137b62d8aa80c92a7f0edb42f729ddd
Sha1:   3a6e64cd0cc5e39b07faf5d08f35b05fe26f05f5
Sha256: 639b29b170edd72cccd3ec75322a470afe4482d0a9b921babf9ee31f9f0b56de

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /v/t15.5256-10/317625005_644176747493931_8246866586534230312_n.jpg?stp=dst-jpg_fb10_s235x350&_nc_cat=106&ccb=1-7&_nc_sid=ad6a45&_nc_ohc=FSo036ZPMYUAX8QV3CC&_nc_ht=scontent.fdad1-2.fna&oh=00_AfAz749z7WQFfNKlJpEBq7ojuE_gGBG3LInws2OfRhGQbQ&oe=63908243 HTTP/1.1 
Host: scontent.fdad1-2.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.148
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 03 Dec 2022 12:47:53 GMT
x-haystack-needlechecksum: 2200574690
x-needle-checksum: 2356142106
content-digest: adler32=2941310671
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 6095
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 197x350, components 3\012- data
Size:   6095
Md5:    2289b9724f389e7d5a816c526ba9fd3c
Sha1:   c43df760ce497b71f402e28df2aed2d410fdd03e
Sha256: 9e01d21cef298f9dac3ee9fa1b48538d4b2a5ec56f54efdd130a004c603d50eb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=166366
Date: Sun, 04 Dec 2022 15:06:16 GMT
Etag: "638c9e46-1d7"
Expires: Tue, 06 Dec 2022 13:19:02 GMT
Last-Modified: Sun, 04 Dec 2022 13:19:02 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET /v/t39.30808-1/280126536_348173274078075_5640280424512992360_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=109&ccb=1-7&_nc_sid=7206a8&_nc_ohc=TJicgsFHHqwAX_imb1P&_nc_ht=scontent.fdad1-1.fna&oh=00_AfC4ni5COR7s0Rv0QNT8_ebhUG6VKOUYRYVKWPD15iehRw&oe=638F9372 HTTP/1.1 
Host: scontent.fdad1-1.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.17
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 08 May 2022 02:25:28 GMT
x-haystack-needlechecksum: 951195642
x-needle-checksum: 1583578243
content-digest: adler32=2502280146
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 890
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x41, components 3\012- data
Size:   890
Md5:    fb2670c035ccfd1c8d332607d9f1fa2a
Sha1:   5ca29fef440dff3cc8944f3dfaa51ce05c907e19
Sha256: 32c8897d8cf8becdff0660048fb232350ff088d3b8ec973ba288dd47199af4c5
                                        
                                            GET /v/t39.30808-1/313919266_1024009768463314_1058686424103050083_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=103&ccb=1-7&_nc_sid=7206a8&_nc_ohc=x1LyxdCRP60AX_rljuj&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBjiaOR28aRxFPmQs_6ZVb6-fvmK5FFDNg-XaLFzHjodQ&oe=63904C86 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.128.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 03 Nov 2022 12:54:16 GMT
x-haystack-needlechecksum: 622801680
x-needle-checksum: 2562208644
content-digest: adler32=3516212974
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1092
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, components 3\012- data
Size:   1092
Md5:    1d2fd893e72fc7c5df1450ab322a13da
Sha1:   74850b74a31bc2ab1beb54178f2f236256c1ca41
Sha256: 0e63fa670ae2fe96ec991ebd0abcf640273e6f680482f4f600e36bf557d9b34a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4800
Expires: Sun, 04 Dec 2022 16:26:16 GMT
Date: Sun, 04 Dec 2022 15:06:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4800
Expires: Sun, 04 Dec 2022 16:26:16 GMT
Date: Sun, 04 Dec 2022 15:06:16 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 62175
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 62535
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 62617
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 62194
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /rsrc.php/v3igmB4/yO/l/makehaste_jhash/UfboxSTObMzG2JfzsNTQwqeov9oWduFUNra6IoLgooPKv0e5zzYUYMvEIHR-IitROhxN4K2qMgiZpeZb7fhsmVBhsytNHBJXKG0A5cCkTVWF_k4OO1vqDVL8jtn7Ob-BIm1PJKvNaY0a88iqwFvh-REIae9CaIj-WpLGrQPyFshZk2oJb9t84emNXkR4yNJbiTjhCI8xKX-hMDAeNshsLy1nuUs9LgeB92Z3jYBtCtqNdpz9m6xNsKWcegStmSlxNcZ_24BxH0fh6r1tX7vuubPm6kCkl2k1bexQUixYkiWd58Tl6UDiY1PM19PsZfzcF4iTCtPDdk.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 06:48:52 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: ZihjHo5kzPh2s1yeB0ME+A==
x-fb-debug: p1ra5ieMgYva/wGjAJelO8kmP1t2hA/ZvQO+JarpcQsfnqe4WYFcE7EepA7/OKOBYzpHmfOySAWQEy59v7LPBg==
content-length: 135159
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 33056
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /v/t39.25447-2/318087437_207198448357953_2870573580858838190_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=-JhIZIHgHzUAX90aUFc&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDwA7z_Sv9B0Zi3jK-k-KF_dMeDg4pJTJ2KuzU7CMFF-g&oe=6390376B&bytestart=0&byteend=840 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dear-shade-cloud.glitch.me/
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         113.171.128.81
HTTP/2 302 Found
content-type: text/plain
                                        
location: https://video.xx.fbcdn.net/v/t39.25447-2/318087437_207198448357953_2870573580858838190_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=-JhIZIHgHzUAX90aUFc&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDwA7z_Sv9B0Zi3jK-k-KF_dMeDg4pJTJ2KuzU7CMFF-g&oe=6390376B&bytestart=0&byteend=840
content-length: 0
server: proxygen-bolt
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /v/t39.25447-2/318087437_207198448357953_2870573580858838190_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=-JhIZIHgHzUAX90aUFc&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDwA7z_Sv9B0Zi3jK-k-KF_dMeDg4pJTJ2KuzU7CMFF-g&oe=6390376B&bytestart=841&byteend=932 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dear-shade-cloud.glitch.me/
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         113.171.128.81
HTTP/2 302 Found
content-type: text/plain
                                        
location: https://video.xx.fbcdn.net/v/t39.25447-2/318087437_207198448357953_2870573580858838190_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=-JhIZIHgHzUAX90aUFc&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDwA7z_Sv9B0Zi3jK-k-KF_dMeDg4pJTJ2KuzU7CMFF-g&oe=6390376B&bytestart=841&byteend=932
content-length: 0
server: proxygen-bolt
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /v/t39.25447-2/318087437_207198448357953_2870573580858838190_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=-JhIZIHgHzUAX90aUFc&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDwA7z_Sv9B0Zi3jK-k-KF_dMeDg4pJTJ2KuzU7CMFF-g&oe=6390376B&bytestart=933&byteend=21357 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dear-shade-cloud.glitch.me/
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         113.171.128.81
HTTP/2 302 Found
content-type: text/plain
                                        
location: https://video.xx.fbcdn.net/v/t39.25447-2/318087437_207198448357953_2870573580858838190_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=-JhIZIHgHzUAX90aUFc&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDwA7z_Sv9B0Zi3jK-k-KF_dMeDg4pJTJ2KuzU7CMFF-g&oe=6390376B&bytestart=933&byteend=21357
content-length: 0
server: proxygen-bolt
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /rsrc.php/v3/ye/r/MVdFKmgHJhR.png HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8GBFioKcYC9LtilsmlKkdw==
expires: Sat, 02 Dec 2023 19:38:32 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
x-fb-debug: BKNg7d94ksjLMgLcM0+QLKgDp8TyryFG9tVxDBVZure7OUB/tv1tE3a3ls/6GKuGoYg9V6m3MXEc9SRqr44idA==
content-length: 8447
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 189 x 190, 8-bit colormap, non-interlaced\012- data
Size:   8447
Md5:    f060458a829c602f4bb6296c9a52a477
Sha1:   4365a2694cbc6bbda4f2ebd97bd4bbba8b264238
Sha256: 9304866cae1975dca22748467ccf68acf967da2f6be3ac2915dd05f70ad4b8bc
                                        
                                            GET /v/t42.1790-2/317971371_656828365923872_7600234668678624806_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=p56kiQ_FuEUAX_YAhFk&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBI7DOdMUo8w4GKTr5V9ahukZ2EcPXq-yrYPQIIcE3d4g&oe=638B6799&bytestart=0&byteend=782 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dear-shade-cloud.glitch.me/
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         113.171.128.81
HTTP/2 302 Found
content-type: text/plain
                                        
location: https://video.xx.fbcdn.net/v/t42.1790-2/317971371_656828365923872_7600234668678624806_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=p56kiQ_FuEUAX_YAhFk&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBI7DOdMUo8w4GKTr5V9ahukZ2EcPXq-yrYPQIIcE3d4g&oe=638B6799&bytestart=0&byteend=782
content-length: 0
server: proxygen-bolt
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /rsrc.php/v3/yx/r/jb4CwPYd6eX.png HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: AqS24jlFwWf9U0EpEjNpQQ==
expires: Fri, 24 Nov 2023 08:22:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 7X99ei8zad9vjdrDBFS4/Y85OtM+YhspJ8bFNziiLHPyiciRIp3gOM1lEtuV5+8hmfP3AO4lugloE0WZcT7UjA==
priority: u=3,i
content-length: 25760
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 111 x 349, 8-bit/color RGBA, non-interlaced\012- data
Size:   25760
Md5:    02a4b6e23945c167fd53412912336941
Sha1:   e482a64d6eee9cfd686f69188d60f57c79cf97b6
Sha256: d496cbba5ff262b9a87afb052e053d4885942cccf359c6918743fefdc4c2a19e
                                        
                                            GET /v/t42.1790-2/317971371_656828365923872_7600234668678624806_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=p56kiQ_FuEUAX_YAhFk&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBI7DOdMUo8w4GKTr5V9ahukZ2EcPXq-yrYPQIIcE3d4g&oe=638B6799&bytestart=783&byteend=958 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dear-shade-cloud.glitch.me/
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         113.171.128.81
HTTP/2 302 Found
content-type: text/plain
                                        
location: https://video.xx.fbcdn.net/v/t42.1790-2/317971371_656828365923872_7600234668678624806_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=p56kiQ_FuEUAX_YAhFk&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBI7DOdMUo8w4GKTr5V9ahukZ2EcPXq-yrYPQIIcE3d4g&oe=638B6799&bytestart=783&byteend=958
content-length: 0
server: proxygen-bolt
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /v/t42.1790-2/317971371_656828365923872_7600234668678624806_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=p56kiQ_FuEUAX_YAhFk&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBI7DOdMUo8w4GKTr5V9ahukZ2EcPXq-yrYPQIIcE3d4g&oe=638B6799&bytestart=959&byteend=17796 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dear-shade-cloud.glitch.me/
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         113.171.128.81
HTTP/2 302 Found
content-type: text/plain
                                        
location: https://video.xx.fbcdn.net/v/t42.1790-2/317971371_656828365923872_7600234668678624806_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=p56kiQ_FuEUAX_YAhFk&_nc_ht=scontent.fdad1-4.fna&oh=00_AfBI7DOdMUo8w4GKTr5V9ahukZ2EcPXq-yrYPQIIcE3d4g&oe=638B6799&bytestart=959&byteend=17796
content-length: 0
server: proxygen-bolt
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=166367
Date: Sun, 04 Dec 2022 15:06:16 GMT
Etag: "638c9e46-1d7"
Expires: Tue, 06 Dec 2022 13:19:03 GMT
Last-Modified: Sun, 04 Dec 2022 13:19:02 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: CometJSSemPixelsContainerQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1029
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: AW4QJVBS04GH3GRP
x-amz-id-2: 6kcBL70RrWABda4PPnb3Cs8pfooBRz3Uemy62RU3v4u8lKmTmg0WyWo2x6jG+/i/nzhSEcGR+io=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    7f0468709821523a5f6e4b36e140875d
Sha1:   aa58c1476a8cca06395ee9182e6e337c58800733
Sha256: 0aa3851d6849e69d76e4a8c3e7fe675835c46af4814ad03dd532707ed96e55e2

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /v/t39.30808-1/298949176_146219458051532_8442555072308741830_n.jpg?stp=dst-jpg_s160x160&_nc_cat=111&ccb=1-7&_nc_sid=7206a8&_nc_ohc=i9nK8rieckAAX9IkJ7z&_nc_ht=scontent.fdad1-3.fna&oh=00_AfAgYs3s2pjVLdVIv7lHk2xwvxi1u-oy5y-dCt0esT3-7Q&oe=638F62F0 HTTP/1.1 
Host: scontent.fdad1-3.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.72.209
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 14 Aug 2022 11:59:38 GMT
x-haystack-needlechecksum: 1351615963
x-needle-checksum: 2197747536
content-digest: adler32=287001534
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 8486
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 160x160, components 3\012- data
Size:   8486
Md5:    c6be0bbf72799d7a42494d5fa174d797
Sha1:   0bffceab596a1250e2e9242743d8e0cd19e1a744
Sha256: 4503b808d1a480bed5a750efb1cf35b25a7cde94cc140d8b38d4125778354312
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=156626
Date: Sun, 04 Dec 2022 15:06:16 GMT
Etag: "638c7839-1d7"
Expires: Tue, 06 Dec 2022 10:36:42 GMT
Last-Modified: Sun, 04 Dec 2022 10:36:41 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 581
Cache-Control: max-age=154690
Date: Sun, 04 Dec 2022 15:06:16 GMT
Etag: "638c6e65-1d7"
Expires: Tue, 06 Dec 2022 10:04:26 GMT
Last-Modified: Sun, 04 Dec 2022 09:54:45 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v/t39.30808-1/275113244_494990915607162_208581824775858185_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=105&ccb=1-7&_nc_sid=7206a8&_nc_ohc=pY3ojpT3yRAAX-FFuxU&_nc_ht=scontent.fdad1-4.fna&oh=00_AfDOJ721WLNbkwmXtMDOYQgT-snJFXzSh90ESy-9ZnL3zQ&oe=638FFBE2 HTTP/1.1 
Host: scontent.fdad1-4.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         113.171.128.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 03 Mar 2022 12:04:30 GMT
x-haystack-needlechecksum: 3048887924
x-needle-checksum: 4159887050
content-digest: adler32=2264415386
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
priority: u=3,i
content-length: 1140
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x41, components 3\012- data
Size:   1140
Md5:    0304209c56f09558bc3601b9c142d6fe
Sha1:   f080d83390e2338f664cda194aa2665e7605ac0a
Sha256: efc2a2d3f79ef968f6d3211543405aee1b0f49015f03472d9db3a2626656b9b2
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: StoriesSuspenseContentPaneRootWithEntryPointQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1925
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: AW4K318QGY79D685
x-amz-id-2: hU/3BTxe/qfDwmrOWMstC1VsDekgy9pZf8sfZw/rW2brry2pHRcB/pa5YTXcUTURkHSw6WmLpwI=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    0f4862e447df95926fa16efdf1964c53
Sha1:   474e6f8200ce2664f6f332205f35998aaa40e715
Sha256: 8ae8cdb2f082c31111e7fd5f0d8f4afa26b8ac12ff8866065fc6f7ce8a65b429

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: RTWebCallBlockSettingHooksQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1030
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: AW4WNF93C09KTKN8
x-amz-id-2: CXIECefehSbMhs0phVlKq1lqZmYJLrVbXxYjHZ62LMKc7BLZGs+BoiNNQGfvd7ULK70A0F8srM0=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    3723e31cf87078abaf707c6d8b71a63d
Sha1:   d4ee0115f86b19f622e7fd6068e61f4ffffd311d
Sha256: dc0b8fd02d0c6d24451ad496ec7285a775150b081467a674a6370ea1d62bc87d

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=140789
Date: Sun, 04 Dec 2022 15:06:16 GMT
Etag: "638c3a5d-1d7"
Expires: Tue, 06 Dec 2022 06:12:45 GMT
Last-Modified: Sun, 04 Dec 2022 06:12:45 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: AW4JXTAG64R2K47V
x-amz-id-2: Am+Ivyr3Xjizg3J+rbwNRapw8e7TlggEoqbQErl9fGMGQnytFDaVwUkWvw0YgtydPi0tMgDkWSE=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    c036d4114649db5a2c4004a401fcde5b
Sha1:   fc91c1a71204bed9f1062e231bdb6e96aa3a7e57
Sha256: 3898d204bc6a709e5e32803e3fd1956ede651be602c48143b20ac26efbb4de2c

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /rsrc.php/y5/r/Mszq4yIBziR.svg HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: image/svg+xml
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 15:22:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: blSKpJhYagO9N89ROrpNFw==
x-fb-debug: 54HG0EsIvRnAwg11xTvQxK8qkbYa7Fx6NNYzsMBNQUkBWLEi2r/IXk8OQDLhIXkQhfXJGddP7eTjZEMIwvfCQA==
priority: u=3,i
content-length: 965
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size:   965
Md5:    6e548aa498586a03bd37cf513aba4d17
Sha1:   b5203fd856b119ab251648eae369c42e80492a95
Sha256: 44869f9ad6ca5c40aa0e5d51692cb9a6a78e9b4aa477f896c34026fae9116056
                                        
                                            POST /ajax/bnzai?__a=1&__aaid=5297270053722509&__ccg=GOOD&__comet_req=15&__hs=19329.HYP%3Acomet_pkg.2.1.0.2.1&__hsi=7172903703993918399&__req=8&__rev=1006680768&__s=8f4byp%3As51xck%3A4ym7v9&__spin_b=trunk&__spin_r=1006680768&__spin_t=1670071786&__user=100079904362606&dpr=1&fb_dtsg=NAcNSCv_klBKzFYdwXcXrE2WcEiLxFYpHe3QghvGZ_EyUrfch1tO8AA%3A42%3A1670069580&jazoest=25624&lsd=hx3MG049-opfe7k7h0E1op&ph=C3 HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------272213309220257546282859429717
Content-Length: 16809
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFPZ1KZF68AR7VB
x-amz-id-2: KTIIJmkEkMfhz+eL5iKXtF/EMhop8uGKzXksX1JarHeNaOqP7as9Tni1yGtr+O83eQjF6ePLlJA=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    5d7b7c3d78ea01e0cdfb84889eba6028
Sha1:   94c47cae9262e413757f513acd888f3a5172103d
Sha256: 3e2b5e17bb998fa572d1c1c603a35cd00b82cf787f3400f604b6256941e4cb06

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFMMQ61JQS4XWMH
x-amz-id-2: nPDjqOPL2Al/oPw/yPJAfF0rHnAyd8DPlnzbFBBxSrgh65ega73KK4zU23CsJOfxhp60BV0Tm/A=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    fbdc40bc0eb1463a0b56b92687b61ae0
Sha1:   8150308a86d8dfcb7340b5995284361d1f2e6da3
Sha256: 7144b42f85cc8f8c9606fff02d5569ae76fc716b02434ddf471311af526b7fae

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /ajax/bulk-route-definitions/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1086
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFNDCWE4PHYYG6M
x-amz-id-2: AGlrH8QyzT3Ue2o2IZNOIpWK7ia29NQzq5aE0ZFnBIWZlfgVxoHco8aRB8H0csUHNSPe5y0eSkQ=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    1122aaa6fdf26c5e5bf6b63d3ac1b00c
Sha1:   fc37ccbac6f8706025baa2cbc5cdc85cceb05018
Sha256: 49a1eb84b71082860e9d41f9e35f3e022b42970df0fc566b5f52e436e1481993

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=95824
Date: Sun, 04 Dec 2022 15:06:17 GMT
Etag: "638b8ab9-1d7"
Expires: Mon, 05 Dec 2022 17:43:21 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:21 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST /ajax/bulk-route-definitions/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 919
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFVXF1ESSAJ1QGJ
x-amz-id-2: 5GslBDF0UM6EmK/Uytn8mihc1E5heYDgWCZ3eDq6QCDKwAoq1j5+vqEvX4KFCSfXw37sChULbrI=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    c4caaa9e398cbeeccfd7326398035445
Sha1:   75a77ff8f1864c1c58562ccf7fe80d465d19f85b
Sha256: c24f79d6d653b0eeacc910d482c98a7b9268d4a38acf434876d4fbc5c7c5a46a

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFQMV15XDDEVE8K
x-amz-id-2: w3UMxfhn3AoDTI6I2zBzlfDEOhnruECnVWmMoaw2ZVpdggxLSO9HEKYAGAftUJNqiUxR+LFv2HU=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    0f05b4abebb9418f8d596dda1c7a9149
Sha1:   d6e74633d5c48d7c7af9d64487fd73711fac8cf7
Sha256: 9c80bbcfbdd781bc329ff651d8d7988347991ad7440d2581eeb0aa0e449fd9ac

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFPE7FVAWPCYS7V
x-amz-id-2: HaVRYQ+oPRSVYAbLV6pyf77/xqPXk78LtPa9o2qS3EHOj1k15GmnYipE/iiG4Bvctpe1G3PJ7U4=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    1a04bfe79b58646272f5e1fa6023da35
Sha1:   681630539970c3ba24fc58059879b8962496192b
Sha256: edde2e92707b93355e83aaf22c0999dced896ae73129dab18ec7e59718b3a6c0

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFM0KWZXNMYFZMW
x-amz-id-2: BykUhc45E1kAncNg5bZzZBk+kQdiJC4fcMYyUlmhWeQkWarxZHfBFUl/kmUKr+viUU31sZt7RhI=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    64fb122570c09953476242586924cb95
Sha1:   cbd3571cab8e730f87d32535c8f5a21b5c353fe8
Sha256: efaacc1a297b4216985bc97da435b8dc085526cae095b8cfb6716f7257e3667f

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFYE0ZH3YK772A2
x-amz-id-2: tPr+zo5ofQtCXRRyyprOWz9EWvLYQFqPrTmpgrr/LLKGWVDQGh/A8eeBwcq16ab6lzmyzCtlmyU=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    30b5b9c8fca037373bc241a990809bb3
Sha1:   561152e237e8a844a0b42398e36db48dd8ef53d9
Sha256: dcb1956712cbf39ad0ff592a1f1a2f8707f18d659c25a2f4391cbf783d2844c0

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: FAFV8WJP9865GSY2
x-amz-id-2: c4vkXgYk6X844p+FVO2Kvav158R6RJOQR/n83wA5E9ad/YpwW22WVuTj4ijKpJH/awoapQrK3Mk=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    4222b6aaa06a92b375c63c2ea206e28b
Sha1:   0017e6120ce079e3a79357b46e9cdfefde0d8af5
Sha256: 665df6d86ec2cc5b16737247d442bac1db5f0f577ea8d9b7b8a84d3ef5946f40

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2863W52Y4A774WCD
x-amz-id-2: SRAKdvnAmwJNu6G9lMhrNODqDVdnl7GzLqO+C0AzVRJ/gknck9D+NGIPanx9AbGKf97X+hM5F1Mb0QyxXpehRg==
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (321)
Size:   360
Md5:    fdd5bff4e86712b0887c291346c9b4c0
Sha1:   4ee2443db2cd927fc9d602318d9fce971e6da000
Sha256: e1e8478897078c8268614337bdbb7caadfe01c1f14bc835e8438bb54bed636d1

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2866SXDV8PFGASJM
x-amz-id-2: LfXOGoVnEVzP7cJAUNRRfflfTPslYX0WdYqvofwQyQDiqj/P3aMCEFbRWkkGd4dhRpgFvjf4IgC3CuH9onhdOg==
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (321)
Size:   360
Md5:    725a1ed17be74f4a44d437deaf45e212
Sha1:   f1a9846fbdf3f3c9f2629e5d239f44521bed7b65
Sha256: 10cee9f8fc9d09218f14e2bbe718626086110e3eaceae6fe7500d81cb1c8e957

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 286ANMAQBH7V62FS
x-amz-id-2: W9TumkcieyvL2KJtpj9vyu3WgujHTJ2TcCSHe8yXFHnOtIvbAgd9nWLT1Ks31J03D+6eXM+5/J0=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    5f28ea0d1eae87ba87e6b669f653514e
Sha1:   d021ba9db713bd0bd9c6f89abc3b32774a33dc56
Sha256: 578c663fcf13a036f559aa0d10ffcc16babc0446a558c7beadb55616fbfb34d9

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 286328YRFZN37AG6
x-amz-id-2: kAYhb7f7J54P585TjOObyDe/H2iB8GC4dmxMCz9/IKNG/shKRyId32vm3Zwa+R+bVMP+74VE6Ew=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    d32128564a57807d289f5c0a9e8a6d35
Sha1:   1bd8ef7ab7b59e088dbeed2f9b7b8e8f28812b0c
Sha256: b8976e05e1e83b302543c1cf03ad328973d21e7ee7dd22ef059c63cf5b157008

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /chat?region=prn&sid=7256868896374783&cid=1e985a62-871c-4a8f-870c-91306d5bc8f4 HTTP/1.1 
Host: edge-chat.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://dear-shade-cloud.glitch.me
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Wk9pXEmHv5v9s1T0T+O4Gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         31.13.72.8
HTTP/1.1 502 Bad Gateway
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Proxy-Status: http_headers_parsing_error; e_isproxyerr="AcJI25nAgEAt7qjO57Oeuf_sXiPZwdcdS0K8Uz93QE7tQRIEXOneImPxcw0qOg"; e_clientaddr="AcKEtUOtWt7LfWFswUimr1LCn8c0GliDOmaTr8B8gGragjvpWvO2zjkzVeJdzorA4jwqmn4AIMa1vqh7zs3-YZyS5PkuekbBt-b_768"; e_fb_vipaddr="AcJwlZFOhuJVfmDvuYO9pmpWd5zkuxbwbNF94LGwXP_5BdA3kW_dZjezfva9ey46-L63VnMSVWFuW0kUxIl_RG0ivUHXh6mbKH8gQg"; e_upip="AcKLbNP_MS_PNE2PsG7OIeLKhaLMf3Gm9uhU6AGn6w-DJXfoDjiOX60PwphK5wd9h7ZfD7S5ZdXekzCAs6fNHNI09Ms0tJ0"; e_fb_builduser="AcIPTMbM3OTW9CY56_QvDDwbkvpM3_T_JjjGVFm4oOCfeTIYDVzhgziF_3X_k6J6KCQ"; e_fb_binaryversion="AcLu7cscbYYJbLMY-5T7OxZ8ifAABskuUcX12P3Dz5NfehpCZa0VS1cXI8xf_xe7W05ark63a9PCPMFKfmzZF13AXUB4bEqv4aY"; e_proxy="AcLAOBf4tumtxuJxWB0QrGMxIpWHRH2UwsT125lyFlnk7kkrwbTYMuKpAwQlL3EEC5kOKHFv42iXcxb3ztZn"
Date: Sun, 04 Dec 2022 15:06:18 GMT
Connection: keep-alive
Content-Length: 2959


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   2959
Md5:    1b3375bfc39752165b3cdb8758421944
Sha1:   7115233cfac88fe8a61f173fc0b75bde889dca98
Sha256: e2af6fe689466b65a7e1d1f82aab9f1d3d7997abf3d9c21bfde3195e1c0f29cc
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 286D0MFP8DS144D7
x-amz-id-2: cU+bO0f6Zuf8jMMJKG+voWi8bl2/lPiYrSFwcrXnj6jf/S4zulZO1oSIPyvNNY8Ove5G25GHJbI=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    9b3b5dc14e8655c92905ca9dd996e3e1
Sha1:   00dffce615b3cc36ae9943375f60f1b4d7c7b861
Sha256: febdd90c38869ed79744b26c79c9c9570aa1b3d017a9e8e6b49fa690d5c083e6

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2868RA5HA3F7FM22
x-amz-id-2: XRA8wyNliXnGbBE5UKIIykRxl2MFZtcXyM6bvpam9H6ZVXCLRLXdy23HDAZU3hbDfTVsv5d2vkc=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    91b4fb92e377cb29179e0409f8b8e33e
Sha1:   904f400f0c46911a033467b5842288cdc0a219fc
Sha256: 49465a7eb5a8efc9c47abc35255c0dcb9e9055d3fcd6501a984eb3bbf258d1db

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 286ATMB2YJ268ZKE
x-amz-id-2: Cy/1bGG3tK2E8J9VsEnJlQULsHujnTdEjNfGc7H9BEKRx2P53dG0hl+vVtz01jE4Ariw7TvqsOk=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    52e5c8d7f4cce0c66597cc5b1eb0e330
Sha1:   5ab72fc62478a8b5d1ce3ae6978b7a1eca13c258
Sha256: 23af83e1e626c4af180310a054c8ff30ada7588c195463b2eb5cd31306384e47

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 6QVC0W7ZXVYS543D
x-amz-id-2: YSl8JApnpyq+1mfgvkFgq1CVdtrql8495zC3htGbdTteZvwql3QAM1Gjn/86J2xdQHgp1F9DgSw=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    628d3ee5997978b6d1d3d80ad0030d3c
Sha1:   168ec844a7c67a5a2cef1eaa1730b24e064859b5
Sha256: 52222e8aadab085c477114f93ad015641423fa5f84431648e85ecb8394c63d76

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 6QV8HYTDK5TNKPAF
x-amz-id-2: m7g1YT03wxhn0WCyu7DGu9619OUrCztwb5fttIDN1lY+juxMomfkcrtwzEGJXuP7hA7q8li0Bl8=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    43eadb15c94b42bd3fce28f02dc7efcc
Sha1:   588482b519ded13f460eb80542038855e3f5e130
Sha256: a702320e69b400f991da939b5819c0e7926f67cf4fa6aa98e2282675d718dcaf

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 6QVFAXC6YQTT4CK0
x-amz-id-2: 3mxqz0ra7/NONuEGubynxcX3dvzw2pIaC4vCMhon2g+iht7KYru9DPof5utINW1mREjM75b33Wc=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    0677fb970dabc261a25470fd051b25b1
Sha1:   d5991f36e2b54f85969ec0a4e089b94c18d6913f
Sha256: ecd6a21be9cc8eb4c91dabd196e96977a119ff7c159a4ca81f1507d2667b17e6

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 6QV8BV5DYCZZSRFF
x-amz-id-2: d+IHk8oPgScdgsoKTom5zdmkKMikndIozDFMv9mWuftGLJJLRPymcqtzQfpSlZpJRSPlkIBDVxQ=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    95c12b2ce266f962e77f61347ffbdb6d
Sha1:   d0bbcf7f389d471980307329f691f02c368d6b5d
Sha256: d3ec25f2e5877b0029db67462676b33ae18304805ed1b426d17bbcddc42e7df0

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 6QVA2KAE1NFY65VT
x-amz-id-2: VhMDT32GPxCltF0c4Uxnh5o1RvDhQsT1pDw1ow+ZNzJ8DsmtA9+liKdh/3+eV8DQoz85WDhPkIk=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    85f262eda793c00a3def86e7f6a129d8
Sha1:   586abe9bfd0f291d783fe3a2e3e1b77e86bd285c
Sha256: 74a0330e28bdd85df456c07d4e536e8c0ac053dd71688efc8d6a05fb91b51370

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 6QV5RFJ93TY6APM0
x-amz-id-2: L/cU42iWSJ40j7Ps5k/CHhMunzuP4oLhP0PL9Ovm3/eVxW7y1zdCF7TEN2O9EEG1Wh3/ocGeFZ0=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    883592915ee9e727916725c832ef1a1a
Sha1:   c47698469cd7da7d3efb721cd0f6599082d3eb39
Sha256: 53cf5951e7647c45cd00b84edb274fbec233c5a92024c6241de616fb4ec88b3a

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8NR4YYYGQQ1EYA
x-amz-id-2: WEUQV2TTtpgvF8zVD3R4vkXvD+g031JTui7BxO67SuSBsFrOartoJu10SJfkanSpgsPNE8i3wUU=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    bd6681b150e742c2051ec3bec099b9a7
Sha1:   6a25ce3498575990283d8474ad69df8bcf435c1c
Sha256: 688b4e97385186e8d693e7495d25c0483a8e132fd488abdcc087d8587ce0725c

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /ajax/bulk-route-definitions/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1086
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8SPYPD3RZB66YV
x-amz-id-2: NI4Nh4RSvCt6ujOzDPrOk5t/21wYN/kta4q7Nxb0FYyGxKm/c+9iv2TRdNiA+lVxinrDHrnEvCs=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    3e7024603339e3410c9b9efab88afb4e
Sha1:   24d877933d4be8bbbe9ead7ada56d94500778764
Sha256: 3832ac0b98cec02e70d9a6aa0accc0d122d5af4e18bbbdb37ecfcfa6a18636b7

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8W3WHW620B11YT
x-amz-id-2: ZxnHulhsaT+oqR43GcR0WDpkyNVgnDZK0V1rx8wEqelqUuKzdU1SAx7T5XuB8VbwfF1w4xzn6k8=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    199c3690c3bc492515848969d4729a23
Sha1:   fc90b4113c6d67d33d54dd797657faaf6191100c
Sha256: 267f05318b98d82b64d68e3464ea89dc4654b88128c41dc2a1f3796ec0bf9cb9

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /ajax/bulk-route-definitions/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 919
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8XDJARZBQ4YTEG
x-amz-id-2: Tuc3SaiKXFTAH1BEoc5u9n8Ht/hX6TTyZSWD2v8s18MSGc/cG3eYek16d33EZJMIDW1L/fLUE+g=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    7725c6e7fcea405ba5a3ec28b200816c
Sha1:   ada766fa9a98c53b482a6c3e69fa44790903b937
Sha256: faaa49bdca56d82d24cdd6eb05b348a4cea89d4a2e2f0d6ab2b5bf64db1edaf5

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8HVACAXH57WGME
x-amz-id-2: OWD953pH431XyEzuk3RKquN8uvVwQm1vXqhJm16apC6ATpAdllVHdc3s1dw2jzlgs5026L1Fwco=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    5d42c110c2919ee3970db8871fec284b
Sha1:   37ade6f0d6d5fa2a1ece803e73611b5676add9a4
Sha256: a5af5f95b60ac7d9e82b05b6918450962d23f97aa1f99bb403ee2e30c8b7af1d

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1411
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8P2EM96ZTQBPKG
x-amz-id-2: nhQ6hwsO5W43E1IjXRnyHh+SLaR6P7mboCeY5nBtxRcyTOuFCf9O5GXvoR3MhlhN02MNr4A506I=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    ccdcda402ab2134c0640ee4f0fc5fa5b
Sha1:   f00053c650b9d56a0d5984c93a56683236d215ac
Sha256: 06da372845e7500debdb0c2e8a9eaee8be5edf4d9448ee2e38df477d6b09f85c

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1412
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8XF25QJC1A07H1
x-amz-id-2: jO+jIFF4nVc9JYWMjFRdF8d0DC8mdkC6X5I9oY82kJXQ2X1PN86aZLWpyMKGcJu6lyAntVm4CnU=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    82e0fda9c6cb558a1050db3943505efe
Sha1:   6c1929866ce2e2f8c143cc7de367f39777c84841
Sha256: 29bd53d667acf1ebdb7f5ea178ae3043c792bb41b5900c0280b5f5cd1661874c

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1412
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: GP8Q66T8T8PR6C59
x-amz-id-2: eTULN/xb0/JvoyVVh7nM3Sp3NilwqPH4ETGmrv5F7Djfc+fpLVXXf1aOSX6EkHlG1mKZzkv+URk=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    99a6bed745ea2ffb0c078e37551ee11d
Sha1:   c8230fa31d0f735274635f77035a8e7c57d3711d
Sha256: bb70cbece2f12160d8b298b2b6e43286019aebd2b589f6c314f6c201defe93ed

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1412
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2BE146783RMAVEW7
x-amz-id-2: mWDTEem+RKg8W+/4gAaXgkCFDT6IOox6mSQ42xKct025gXPAMgP//jNYeWX7L9o2i/tm9D4iqyQ=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    d2a346c00f7fe37d29cb445ef6ce1a73
Sha1:   9e530fa22c97a0657ed6f5d613e443021ba633a1
Sha256: cb8a1806f7094bd92a1009e4f528d13b8c30783359e35776a3603e978de001e9

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1412
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2BE9FE7YN3QN2XKF
x-amz-id-2: pM9aGvEj7QKDOpI1FScFlz/rtKeME9KBuJR/d/Iby7O8tmsHWE04KSr6RUjL8XOXkf1HOVDxfxI=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    2d8d36158ac5011999ef10fde5a06a3a
Sha1:   fe1c4d46ef0a3543643d45923d52f653278c881e
Sha256: 7bcd75405a62f6a231de0ba529535225c0d626a0828707d33efc5e8bfd97e8d5

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /chat?region=prn&sid=1661098436591615&cid=1e985a62-871c-4a8f-870c-91306d5bc8f4 HTTP/1.1 
Host: edge-chat.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://dear-shade-cloud.glitch.me
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1s/SgFODP4YRv3nAgphIiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         31.13.72.8
HTTP/1.1 502 Bad Gateway
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Proxy-Status: http_headers_parsing_error; e_isproxyerr="AcLS2COBTylqrXXcHX7y61SnAnYs5T2v8cD1pIY3IqdCUz0nl4KtDsEG1-0YGg"; e_clientaddr="AcLIUIt4e0FqPWUpcOytVPDKkVHb7Q7fNcwI06Rvj9QHMFN18vbmsZjzKb0AkMgwiE3J41YUONO9WVp5TVSjvv7p0T2rCpN2o5Buf7-C"; e_fb_vipaddr="AcLFCnYvBCXiZrsBfLo1eCo4qVtXMDownGlkCpYPI8smnctvvT87BSBSUJ-j7os--rzapW4xnZenhZOqMcfxL0h9vKpa3qMh4hzO8g"; e_upip="AcISrUBQ-xOtZsxxnnK0U6XBnhyoamiVDJRDfljqzpAW73frtcVaYBwncWTCKHMT5AXbgT5XKRgL-_UCjKZtnO0XlMsGul4"; e_fb_builduser="AcIZa98sWut1VWj9UvCYaSAZUcXAB9lmdnjcSf_2ErACUYBlDbg9JhSnz8_hB1OR0bg"; e_fb_binaryversion="AcLK2g4_Twqad66FIRfbmZOb6pKAq7TMGahAW93t9Z5XgWGvp-59FH64LdqnQLkFyPRrfx0ffAb1iXjS0QFXAuBkgiWdjzBlvX4"; e_proxy="AcIzS3dVufRqKu7g38lnebfP7h8PAL8QlghsRK7HuqlQpOEKuwKI1sbbl8wF-gDedX-YjIACiYK6cvVoJYMP"
Date: Sun, 04 Dec 2022 15:06:21 GMT
Connection: keep-alive
Content-Length: 2959


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   2959
Md5:    1b3375bfc39752165b3cdb8758421944
Sha1:   7115233cfac88fe8a61f173fc0b75bde889dca98
Sha256: e2af6fe689466b65a7e1d1f82aab9f1d3d7997abf3d9c21bfde3195e1c0f29cc
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1412
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2BEA6P8DDQX7EP55
x-amz-id-2: /EqUmSmoy7xECX2OkNRLnNShvApySoaLunoh/fqp5v920OLlxRKTmEG50BwhJCslI7vojAdwaPo=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    91d1345478b347df62f64df236860581
Sha1:   e1cc43be08209b9038d973effd06043929a61790
Sha256: e08772927b55018ddfe762cf6f088fb5ad276a179b4015287487af6f610e62c6

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST /api/graphql/ HTTP/1.1 
Host: dear-shade-cloud.glitch.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: useStoriesViewerBucketsPaginationQuery
X-FB-LSD: hx3MG049-opfe7k7h0E1op
Content-Length: 1412
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/

                                         52.4.141.177
HTTP/1.1 405 Method Not Allowed
Content-Type: application/xml
                                        
Date: Sun, 04 Dec 2022 15:06:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 2BE1QG6P6YH8252E
x-amz-id-2: UHWvcIM1k59OJAY7POVO7HeXbY1OF69ouoiGMBv7+aukETPC5dQLm6dUCsbWFmBs3P0/rElw+s4=
allow: HEAD, DELETE, GET, PUT
server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with very long lines (309)
Size:   348
Md5:    c31319c42520f97df8edc0d6575880f3
Sha1:   fd55f12e891e98fe2d1416ae1601f5a324e00e97
Sha256: 5c56b92ec0625c722fded63a996a0a747ea843a5d44dbfa70678f187681af2bf

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /rsrc-translations.php/v6iXuB4/l/vi_VN/F2fLWlXic-eCzqlQikGzGL8UkXHL5zfz1gcE-xrRXVKFxXcNTQJvD4PjiaJ-uR-t0M1XX1kw54Vy4-r3l3Wi_Tg2.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 13:24:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: afurdfW0wIe6m7v16NBCMg==
x-fb-debug: stk8wXcd1tEYab1O8fxuR7+ucb41aJ164iDzLWp3q3LunYM5VckUNYD8w7EN4wCkj4Mi/9eo4qmhDR3mMGauFA==
content-length: 1910
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4372), with no line terminators
Size:   1910
Md5:    69fbab75f5b4c087ba9bbbf5e8d04232
Sha1:   f6545026536507664f76c44c14fc41b6e16f2381
Sha256: 319da47b26f0b2dfaa7c34829d57e270c3fa691a23006962668c5695d44d5894
                                        
                                            GET /rsrc-translations.php/v6iMAr4/l/vi_VN/ULHyqdKvCpJYOkt1zOYMZg3sXiXVydQ_YA41CEeZ9o4abpvNxbNHJQsb7yZrEACzBxUfJ7lMGkAvh.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 13:24:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +5AjH88Rqnwe6YzxdzXQBA==
x-fb-debug: qnkqxAx+X5Gtiwd3qzMdmkpthwypLyVLcEJHEVFaXkdRUceU/okEymcxgJggm55HB3c9CJyJMDSPbVCTk2ygBg==
priority: u=3,i
content-length: 1335
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3131), with no line terminators
Size:   1335
Md5:    fb90231fcf11aa7c1ee98cf17735d004
Sha1:   337b819824938f16043f85c68fd4f4028b5606ab
Sha256: fde0bcbdf1603efe04d0756cc8d70b249546303065f4c5ae2bb68dbf1d6f8794
                                        
                                            GET /rsrc-translations.php/v6iUZK4/l/vi_VN/FF2uO4kPMp9aSnSlLn6_AKu2YjfavB7gzk4iqPhRmcyEpa1mMWb_TmdTjIzVJuAiWHby3php3sfIHoroX67gFsJk.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 0xCJAasmQKezgqOtgV9Hjg==
expires: Sun, 03 Dec 2023 13:24:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: pFsvFMEGBk1UB49011f6u7zlWOuLkmVoDXXRsVlozBJLfbpL87oa/GBzwTC9m93ZvtB5IlM0lIsvUeK45HGW2Q==
priority: u=3,i
content-length: 40
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   40
Md5:    d3108901ab2640a7b382a3ad815f478e
Sha1:   ffc3e0f75a3dff5ccb5c1c9a3b06e89e2bea21f8
Sha256: 65eee37ad29db3dd3d1bf73f5968db2cbc5569aeda63b9436ee0536e59c62731
                                        
                                            GET /rsrc.php/v3ilID4/l/makehaste_jhash/F2fLWlXic-eCzqlQikGzGL8UkXHL5zfz1gcE-xrRXVKFxXcNTQJvD4PjiaJ-uR-t0M1XX1kw54Vy4-r3l3Wi_Tg2.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 02:36:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: bslmL7cJQTiK9LS+lei/IA==
x-fb-debug: +sALFw2uZ9ooUfdKRm0r6aia2LYywC5Fvi1+ffZzsvq95rBSWJnM2AqgoFryd67ICbxgRfjq/Fc/zdDX1Y5akQ==
content-length: 84421
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6307)
Size:   84421
Md5:    6ec9662fb70941388af4b4be95e8bf20
Sha1:   fb8bd157249872710f8b576e4bf9879cb0e3b3c7
Sha256: f3043e3c45ae676c6b575c37de4412ea0a4c848578d6ce351bfe7a8c5f2a61a3
                                        
                                            GET /rsrc.php/v3i7ED4/l/makehaste_jhash/FF2uO4kPMp9aSnSlLn6_AKu2YjfavB7gzk4iqPhRmcyEpa1mMWb_TmdTjIzVJuAiWHby3php3sfIHoroX67gFsJk.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 00:29:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: aHSNtni0IfesRgqB/fVQZw==
x-fb-debug: 61UehkYep2GdnD1YUeoGv+iJ2tzPX0NupD8fvr/54AOZuhDCqKph3jCbf7Uz49KWFkB6RU/lxNuXcSmqWXFYjA==
priority: u=3,i
content-length: 41549
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3900)
Size:   41549
Md5:    68748db678b421f7ac460a81fdf55067
Sha1:   ac478b14fe15b733dd0c7c8bda0b332c4d09fbde
Sha256: 5603c79d104a5d93154dfb59e9afadc43025e8e75ffaf84535911c6e5af64b5f
                                        
                                            GET /rsrc.php/v3/yc/r/V1oUk8L7RKL.js?_nc_x=cpMnAPF3RMj HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dear-shade-cloud.glitch.me
Connection: keep-alive
Referer: http://dear-shade-cloud.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 02:07:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: xnuxeW4JEFK2+8UKlh9UCg==
x-fb-debug: zEvQkFw+dqr9qkgwEHE8RzStuV+yq+Ca4ifxnwdtwsqsC3+7H1wC+iydwQf8lfEXBlnVvUanG6MjwrXx57NA6A==
priority: u=3,i
content-length: 4417
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 15:06:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2