ffmemmbergarena.com/
172.67.218.156301 Moved Permanently 0 B IP 172.67.218.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET / HTTP/1.1
Host: ffmemmbergarena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 30 Dec 2022 13:15:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 30 Dec 2022 14:15:33 GMT
Location: https://ffmemmbergarena.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1j8R7vJybx9FWyUZOZiww9n%2BW84jhrNdMumBUIcuLQoEaOejRgahVy7FiEZwpfYNs0wIY9TcjDBcHama%2BK4rNfan18arptdENh02jt2HQX8nGy5ZUFFAEDNsbC3U0y38kqDcYeTu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 781b0b7f69d31c12-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3098a490e8d38d4150d961624aa7b64
6ecbca59302d0ac5436f1723137d42523f629ea1
158e277ba0220577b59b15e4017b6c27f59295bcd7e5d0e52d027dc7c4309f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E277BA0220577B59B15E4017B6C27F59295BCD7E5D0E52D027DC7C4309F0B"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Fri, 30 Dec 2022 14:30:05 GMT
Date: Fri, 30 Dec 2022 13:15:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20983
Expires: Fri, 30 Dec 2022 19:05:16 GMT
Date: Fri, 30 Dec 2022 13:15:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 30 Dec 2022 12:35:33 GMT
content-type: application/json
age: 2400
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d6d99cd1201f65eeb7d437b62bad1f3
6d5e41d7a2786ccaad7c7276ecdd9411f8cbd6ba
db2b42007fc4ad126c8af8d7cce27af88947231d09ded56da33cfee3d2594e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB2B42007FC4AD126C8AF8D7CCE27AF88947231D09DED56DA33CFEE3D2594E23"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5112
Expires: Fri, 30 Dec 2022 14:40:45 GMT
Date: Fri, 30 Dec 2022 13:15:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: j7Dc9Sfd9yBEq/OEwdt9OvQUftQoFNXq5OVDUtx6J2DN4alLnpTuosaebAShHC+sL7GXFE9NxSk=
x-amz-request-id: EEG23D2XNE4NZZTT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Dec 2022 12:59:11 GMT
age: 982
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 13:15:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f2cbe014509ce17cdafe45658a0bd12
4b4d649c2646946b58897e61470553898ab27658
74fceff2a42b49636f58bb53b6db6286bad856e4daae20e8a33d090c47b16c81
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74FCEFF2A42B49636F58BB53B6DB6286BAD856E4DAAE20E8A33D090C47B16C81"
Last-Modified: Wed, 28 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 30 Dec 2022 19:15:34 GMT
Date: Fri, 30 Dec 2022 13:15:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 30 Dec 2022 13:08:08 GMT
age: 446
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 553f97ab8a2c2f1abe4ee932cf6dab42
9e9433075523efb0cf7d13b6811d237c4b48f099
8a7c26f298fb34ec9d5cbd977a2677118b9360ad3134bb56171c13d4d13da540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3724
Cache-Control: max-age=161597
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63aeaa27-1d7"
Expires: Sun, 01 Jan 2023 10:08:51 GMT
Last-Modified: Fri, 30 Dec 2022 09:06:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f2cbe014509ce17cdafe45658a0bd12
4b4d649c2646946b58897e61470553898ab27658
74fceff2a42b49636f58bb53b6db6286bad856e4daae20e8a33d090c47b16c81
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74FCEFF2A42B49636F58BB53B6DB6286BAD856E4DAAE20E8A33D090C47B16C81"
Last-Modified: Wed, 28 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 30 Dec 2022 19:15:34 GMT
Date: Fri, 30 Dec 2022 13:15:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0392f0e9c253dae04f19ef37531fcc0e
c2fd1a3c7864c3075c199211e7b91823fad598dd
7a6af978c12295b95496d49a46df9a4b474d24ee91acad34d1220883000e9eac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6278
Cache-Control: max-age=118460
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63adf7ac-117"
Expires: Sat, 31 Dec 2022 22:09:54 GMT
Last-Modified: Thu, 29 Dec 2022 20:25:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f8affe6384097fb64e6637fd9deeb7d8
7427bc80c56fe4cfea80e779376af4ea008b1a89
0e3c2016a2f713dcb678855dd832d4a37d381a9ff6007625e1f0822e9f0c368a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4795
Cache-Control: max-age=140005
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63ae51a0-118"
Expires: Sun, 01 Jan 2023 04:08:59 GMT
Last-Modified: Fri, 30 Dec 2022 02:49:04 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 642992
expires: Wed, 20 Dec 2023 13:15:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot69r%2BFvZ8N31hR7NKmlV6Hu%2B28Cy5aHG%2FmD4hcIum%2B%2FG8M449h0KNLQB96AKUg43TPKp3FTYIbTattPDMr1iqZxPLCuI4kHg2vuHLeGwJ6YAHQfNl46DceaO2UGSkflqZ8MYJin"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 781b0b86bf83b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d99a02debe6fadef034342b403232eee
f72582e949caba09eb7ef580ead0c687154b58b1
17f3ef82cdddd066855bc734ccf5012662ea8f01d72a2b6a862bfd7b4a7dea48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=151420
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63ae7bd6-116"
Expires: Sun, 01 Jan 2023 07:19:14 GMT
Last-Modified: Fri, 30 Dec 2022 05:49:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d99a02debe6fadef034342b403232eee
f72582e949caba09eb7ef580ead0c687154b58b1
17f3ef82cdddd066855bc734ccf5012662ea8f01d72a2b6a862bfd7b4a7dea48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=151420
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63ae7bd6-116"
Expires: Sun, 01 Jan 2023 07:19:14 GMT
Last-Modified: Fri, 30 Dec 2022 05:49:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
i.imgur.com/opXuESN.png
151.101.244.193200 OK 29 kB IP 151.101.244.193:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /opXuESN.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 11:22:12 GMT
etag: "74190b93fc4f5d88f0c8e6411ba20bd8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 30 Dec 2022 13:15:34 GMT
age: 3906033
x-served-by: cache-iad-kiad7000111-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 457, 1
x-timer: S1672406135.858107,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 28789
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d99a02debe6fadef034342b403232eee
f72582e949caba09eb7ef580ead0c687154b58b1
17f3ef82cdddd066855bc734ccf5012662ea8f01d72a2b6a862bfd7b4a7dea48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=151420
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63ae7bd6-116"
Expires: Sun, 01 Jan 2023 07:19:14 GMT
Last-Modified: Fri, 30 Dec 2022 05:49:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0392f0e9c253dae04f19ef37531fcc0e
c2fd1a3c7864c3075c199211e7b91823fad598dd
7a6af978c12295b95496d49a46df9a4b474d24ee91acad34d1220883000e9eac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Last-Modified: Fri, 30 Dec 2022 11:53:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
code.jquery.com/jquery-1.10.2.min.js
69.16.175.10200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CIblu50GEocBCiQxMTYwN2I3ZS03MWNkLTRiMjgtYWQyYS1jNjU5NDA1N2M3OGMQ+OiCoKvU+wIaBgj2yLudBiIMOTEuOTAuNDIuMTU0KNTVAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkODVlNzZkOGQtNjgwNS00OGVhLWI2M2EtYTI4ODZhNTk3MDRjGJSAAiIYCAISFGNkczI0My5zazEuaHdjZG4ubmV0.5waS/0SgkJBopMZ/Pm+dXF0fvfghansdXvPCeocRB0o=
x-hw: 1672406134.dop026.sk1.t,1672406134.cds262.sk1.hn,1672406134.cds243.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9470f5c8a231f657a6f7d935a4946cc
d301aea9a620161d224ca417d4483b19edc43895
9244d582f8e01055e71e13468b4ca7cbce79556e968696885348219ba5066424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9470f5c8a231f657a6f7d935a4946cc
d301aea9a620161d224ca417d4483b19edc43895
9244d582f8e01055e71e13468b4ca7cbce79556e968696885348219ba5066424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f8affe6384097fb64e6637fd9deeb7d8
7427bc80c56fe4cfea80e779376af4ea008b1a89
0e3c2016a2f713dcb678855dd832d4a37d381a9ff6007625e1f0822e9f0c368a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4795
Cache-Control: max-age=140005
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Etag: "63ae51a0-118"
Expires: Sun, 01 Jan 2023 04:08:59 GMT
Last-Modified: Fri, 30 Dec 2022 02:49:04 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 15:04:39 GMT
expires: Fri, 29 Dec 2023 15:04:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 79855
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Dec 2022 14:55:45 GMT
expires: Sun, 24 Dec 2023 14:55:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 512389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.39.66101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.39.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k2Ftaju9CiKhLCl3OeYliw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: COwNGUc6sKQNBpJjB3WwwgnktF0=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9470f5c8a231f657a6f7d935a4946cc
d301aea9a620161d224ca417d4483b19edc43895
9244d582f8e01055e71e13468b4ca7cbce79556e968696885348219ba5066424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/u9rU3qB.png
151.101.244.193200 OK 5.5 kB IP 151.101.244.193:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 60546d041fbe8923be8060789834c8ad
dc2196c42679ee591163edac09b84b5e8dc08b66
6803b10e0133d3cc812e4c24224e79dc3cc496646ca5a67b296d3cf982207f55
GET /u9rU3qB.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 04:07:02 GMT
etag: "60546d041fbe8923be8060789834c8ad"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 30 Dec 2022 13:15:34 GMT
age: 7233
x-served-by: cache-iad-kjyo7100107-IAD, cache-hel1410029-HEL
x-cache: HIT, MISS
x-cache-hits: 7, 0
x-timer: S1672406135.863176,VS0,VE97
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 5549
X-Firefox-Spdy: h2
image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl85XzE2NjM3NTI1OTBfMDM2/screen-9.jpg?fakeurl=1&type=.webp
172.67.68.182200 OK 353 kB URL HTTP/2 image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl85XzE2NjM3NTI1OTBfMDM2/screen-9.jpg?fakeurl=1&type=.webp
IP 172.67.68.182:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 353 kB (352890 bytes)
Hash 40a40fb67116377eb66a6916a75c2d6b
71147d41143d6de96111605170b94b62c0e7fcba
231728b5077f3d33a02649b9d9eb87de0418d3f39d71bc0bf51cd7f3e73b3f2c
GET /v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl85XzE2NjM3NTI1OTBfMDM2/screen-9.jpg?fakeurl=1&type=.webp HTTP/1.1
Host: image.winudf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-type: image/webp
content-length: 352890
etag: ab87e8e4
x-cache: MISS
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSX7QMZOU7ICLJtuiURWGr%2B80xp4%2F3RL2F4jO6y8ubsTJHu0PWpi4Ffxf0s8T4OtdDiUdIH374ZwgldhBTYoX4vDsXJQoWEYB%2FcxXL%2F0rN0tdCLLdBp4Gu1z16U%2B5QjtoLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 781b0b86ea98b4fd-OSL
X-Firefox-Spdy: h2
image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl81XzE2NjM3NTI1ODJfMDQ4/screen-5.jpg?fakeurl=1&type=.webp
172.67.68.182200 OK 334 kB URL HTTP/2 image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl81XzE2NjM3NTI1ODJfMDQ4/screen-5.jpg?fakeurl=1&type=.webp
IP 172.67.68.182:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 334 kB (334490 bytes)
Hash 7ce3149965e81185f576d95c3cbd7a95
c764d6e4097cf37e2b763efed9e076f2ca616bde
bd346bca661b3b7ebf8181bed0a0b95b38e3cfea7402ff833322be4a3d4fc2bb
GET /v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl81XzE2NjM3NTI1ODJfMDQ4/screen-5.jpg?fakeurl=1&type=.webp HTTP/1.1
Host: image.winudf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-type: image/webp
content-length: 334490
etag: 98fc4cb2
x-cache: MISS
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYBFEiz%2Bss4vR%2BFWnwrk8tOIYlK4%2FC%2BA77PMO2F4r0muxG%2B4W2jQwdn560XaxzGNYptDpk%2Fl8xj30YM0Km2KnZmkca%2F8gVXVEkZKht9iBOmLag4ZKZwdQ3vV5Xr9jAlwtUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 781b0b86ea9ab4fd-OSL
X-Firefox-Spdy: h2
image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl83XzE2NjM3NTI1ODZfMDk3/screen-7.jpg?fakeurl=1&type=.webp
172.67.68.182200 OK 322 kB URL HTTP/2 image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl83XzE2NjM3NTI1ODZfMDk3/screen-7.jpg?fakeurl=1&type=.webp
IP 172.67.68.182:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 322 kB (321816 bytes)
Hash 930d2ee8bce39dda0e09fb060a71a1cd
e46aeab5f2fa27f3329d4f15d96b8ff8c816bd7e
cbe508db026eb4e915dacecc1de98af7c620620d5173ebdefef7d23d06447d19
GET /v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX3NjcmVlbl92aS1WTl83XzE2NjM3NTI1ODZfMDk3/screen-7.jpg?fakeurl=1&type=.webp HTTP/1.1
Host: image.winudf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-type: image/webp
content-length: 321816
etag: df28a93b
x-cache: MISS
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUdFVBgHa%2B%2Fun6Q8emNtsOgact%2B6toJBIjLuARfekrNt1RAPeNEqQ0%2F79BHmzTETBwXLwA%2FIikt7Mc6FjpZZTJ0J2tftvbhenFLL%2Fy6MRByjWK2HICZD4AegiIlnvqeRsUI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 781b0b86ea9cb4fd-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.3 kB IP 142.250.74.131:0
Hash 0424c5888198c3e62bea83ea460fa481
ce20a188acc17a660c01cb314ba8003e4501f41a
f67c0732ab903f0c3bf66aaa50a2cc593d32cea54580ab727ff2f6c610f0c70e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c01ec5e07dbe046b735f9c99bb14aa12
2ff3b5a56cbd14daa3f030b8e0155911e540fc60
2aa5e1d9163a70e14b198bbde17e740330d36283b9e04ec54ba23d84f5025d33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:24 GMT
expires: Sat, 23 Dec 2023 13:33:24 GMT
cache-control: public, max-age=31536000
age: 603731
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c01ec5e07dbe046b735f9c99bb14aa12
2ff3b5a56cbd14daa3f030b8e0155911e540fc60
2aa5e1d9163a70e14b198bbde17e740330d36283b9e04ec54ba23d84f5025d33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c01ec5e07dbe046b735f9c99bb14aa12
2ff3b5a56cbd14daa3f030b8e0155911e540fc60
2aa5e1d9163a70e14b198bbde17e740330d36283b9e04ec54ba23d84f5025d33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_led7Q.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_led7Q.woff2
IP 216.58.207.227:0
Hash 83a768314cafcaaf8926cfff377b4db8
bf50f34199e09c47923380dc99cdce1c8cfa4800
d5920316c14cfe1962c06c8fe4c8836c922afb900f08a075be2f2b40fe15e623
GET /s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_led7Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Dec 2022 20:21:05 GMT
expires: Sun, 24 Dec 2023 20:21:05 GMT
cache-control: public, max-age=31536000
age: 492870
last-modified: Tue, 08 Nov 2022 20:07:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
216.58.207.227200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18604, version 1.0\012- data
Hash e4b69f37c27ab83effedafe3fa856d66
202e25094feadccbbc06a96fec9c31db064e1d56
653cb64478e69928b05a73b72ba7b91b231cf2c87ae3743040d98ebab5a4b19e
GET /s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 15:49:36 GMT
expires: Sat, 23 Dec 2023 15:49:36 GMT
cache-control: public, max-age=31536000
age: 595559
last-modified: Tue, 08 Nov 2022 20:01:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfa19pRtB.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfa19pRtB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8028, version 1.0\012- data
Hash d1cb8a9cdfee750f4c0d9fac96190267
d6d9f58f4dfa7c48357e1e579177c036d277ccc0
28af73fa2da892fde9a7fd25527d44a8a2a38587fac97b3ee49a94eee7ecbd95
GET /s/teko/v15/LYjNdG7kmE0gfa19pRtB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:57:41 GMT
expires: Sat, 23 Dec 2023 13:57:41 GMT
cache-control: public, max-age=31536000
age: 602274
last-modified: Wed, 27 Apr 2022 16:58:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
216.58.207.227200 OK 4.8 kB URL HTTP/2 fonts.gstatic.com/s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 4768, version 1.0\012- data
Hash a43b5aa75298f5d2afcd597d8cb02351
622981fe1b70ddcc2befe786bf5a714dc960a4c8
088fdf765bec2ac8db45bb30c9ba245e38e5aee2bc17a9ebe9e3773ea7a01bed
GET /s/baloo2/v16/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 4768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 11:30:15 GMT
expires: Fri, 29 Dec 2023 11:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 20:07:52 GMT
content-type: font/woff2
age: 92720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c01ec5e07dbe046b735f9c99bb14aa12
2ff3b5a56cbd14daa3f030b8e0155911e540fc60
2aa5e1d9163a70e14b198bbde17e740330d36283b9e04ec54ba23d84f5025d33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5784
Expires: Fri, 30 Dec 2022 14:52:00 GMT
Date: Fri, 30 Dec 2022 13:15:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5784
Expires: Fri, 30 Dec 2022 14:52:00 GMT
Date: Fri, 30 Dec 2022 13:15:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d1857128ab6a237e6854c7a3532b51
702ab1eb38be637f012e1454201b9a7561c29081
48fbf5b5aa1cf66fcdaafe68c72ac073d2ba9b6dedf76ebfaafdc88836fa0fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4833
x-amzn-requestid: 46ef49d7-dadb-4665-84bf-1c331ed8fce6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZU2E3IIAMFxAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08eb-28af0ab9094d7c21560a60db;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aiGabD98wdch1q-6CRt4VLbduBsZEJzkku8-bTyF102z9hCpgFhIXg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:02:31 GMT
etag: "702ab1eb38be637f012e1454201b9a7561c29081"
content-type: image/jpeg
age: 54785
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e270e4d21abb133d068a56a552b1708
2d5c698f982dcdb9a86de4e45e30d7caf9b42336
723573f9908c5a2aa1d3dfe1146a764d7052c866ff2076a9096daccf5697328b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11775
x-amzn-requestid: 0794ca14-8458-4abb-922b-129a82eb91ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZlpFqnIAMFYkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0957-21354f3f55563e7346ebc268;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T9FxFI_0Ht2NR9GWPJKZrGAmEqAS7ASIaJMQYeAxnAne0Ffr3OB2LA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:24:23 GMT
age: 53473
etag: "2d5c698f982dcdb9a86de4e45e30d7caf9b42336"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
IP 34.120.237.76:0
Hash d801d0e6936da452280c2c91510f8539
bb113e9a1f553ff1005a3f7856d4c73b07058124
a5fcf018943cd9546e58b796bd80725606c6bad47b0a573a0d5b668ed86bd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8494
x-amzn-requestid: 8dc4c6ae-ecb5-427d-be0a-535585f19b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZUXHR1IAMFn4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08e8-326ee70106b8fa9d2c4d540b;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OwT983wT16yakg-cntLy7dKgOXa3ypDtRAGPKH6GICxaTkufUqP8UQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 21:41:08 GMT
etag: "d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea"
content-type: image/jpeg
age: 56068
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aacfdf9-29e5-4cca-88eb-1d7fb007e520.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aacfdf9-29e5-4cca-88eb-1d7fb007e520.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51406d6bd4a7322a475fc2a98267154e
9fa03002aa1974d4a9557cedad8bd5d7fefa52ad
a1858d9fd203972f0dc3fe97f36e07796b84f6e2851c9990d406f452793e3454
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aacfdf9-29e5-4cca-88eb-1d7fb007e520.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11315
x-amzn-requestid: 77dd9348-e3a9-448e-8ae9-499d5d672a41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4GZpGTRIAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acb770-7dec07d1447e6f10125b8b6f;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 21:38:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lfojNVZMHGD1YfOqiMgEwTOi_6uPqkVJ_gbQ0PKo5CLFycpcY89T1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 21:42:23 GMT
age: 55993
etag: "9fa03002aa1974d4a9557cedad8bd5d7fefa52ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ebe131c7787411178a93d045ba57b5a
40b601b6ad3a3d7738b5b55777981598f4dc0519
68ea133b346bd1f76cd7b4dcf5023d8f987935dff380bacec73dec957effb97e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11516
x-amzn-requestid: e4e9ceeb-b2e5-454f-9550-d412fc0be82a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aRLGuqoAMF3JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0a6d-6ed43b46144121dc2dd7db2f;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0cLaSIiaQE4WUEG4mML3Nfad-lh-MWyzAQ1bb7XInUIx7Nm8D6rU_w==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:16:00 GMT
age: 53976
etag: "40b601b6ad3a3d7738b5b55777981598f4dc0519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F494a676a-db54-45e7-a2ef-f33e70eef1c7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F494a676a-db54-45e7-a2ef-f33e70eef1c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa84178e1bdd088bb49a5c3a51d6a9f3
9bd9f17b057b9cf44cf9c00c4410852cd0b271bc
c53b3bdd11594feadf1f2d0ae09b3615965850f858c0e27305992102c51df365
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F494a676a-db54-45e7-a2ef-f33e70eef1c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: dd3a8928-b5e4-41e9-a2d4-4d53d34ed11a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZVKGLAoAMFVsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08ed-7e97cd781cf1e1fb1cdf5739;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9CwQAvJu0xbmEgbA9jgxGR6GV1hAW8UBrz2QBqnuCjfllHY_69H3kA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:03:15 GMT
age: 54741
etag: "9bd9f17b057b9cf44cf9c00c4410852cd0b271bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
216.58.207.202200 OK 389 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 216.58.207.202:0
Size 389 kB (389072 bytes)
Hash 4c72fddc642018817bef6dc970ab12d5
c91617e15059ba5143768e26a8be0f95ed0c807a
4f0bb0616966e343334f58b3c9aec1d38e16b2b4afa21009cdfee2e30aa1e063
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Dec 2022 13:15:35 GMT
date: Fri, 30 Dec 2022 13:15:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
216.58.207.202200 OK 292 kB URL HTTP/2 fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
IP 216.58.207.202:0
Size 292 kB (291644 bytes)
Hash 808b7efda936fbff3d9e111067a36dac
0303b288cf472bc1e17417e6a8d91dd73fe46857
18d6be320c1b486b164efa0b6534a605f5e90c01dbedeb24d2e1ac72cee3eee0
GET /css2?family=Baloo+2:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Dec 2022 13:15:35 GMT
date: Fri, 30 Dec 2022 13:15:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b53f0a7e01ca4ba60fa8ea3b43281bbb
f124eb1b9541e802caf8dc0753cd3525356d321e
3ebed44e2753f7dd822abc37ef8f226c711d94a03bb2807b904a6d8398e042a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EBED44E2753F7DD822ABC37EF8F226C711D94A03BB2807B904A6D8398E042A1"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6423
Expires: Fri, 30 Dec 2022 15:02:40 GMT
Date: Fri, 30 Dec 2022 13:15:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b53f0a7e01ca4ba60fa8ea3b43281bbb
f124eb1b9541e802caf8dc0753cd3525356d321e
3ebed44e2753f7dd822abc37ef8f226c711d94a03bb2807b904a6d8398e042a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EBED44E2753F7DD822ABC37EF8F226C711D94A03BB2807B904A6D8398E042A1"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Fri, 30 Dec 2022 14:59:12 GMT
Date: Fri, 30 Dec 2022 13:15:37 GMT
Connection: keep-alive
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 30 Dec 2022 13:15:37 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 31 Dec 2022 12:52:17 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 30 Dec 2022 15:15:37 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 30 Dec 2022 13:15:37 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 31 Dec 2022 12:52:17 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 30 Dec 2022 15:15:37 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 30 Dec 2022 13:15:37 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 31 Dec 2022 12:52:17 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Fri, 30 Dec 2022 15:15:37 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 30 Dec 2022 13:15:37 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 31 Dec 2022 12:52:17 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Fri, 30 Dec 2022 15:15:37 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 133370016aafb0f320de2fd65516d2a7
8ebfbd7dae30fdb38a67936ff5a5eb34cafc99d0
1e971d11eea31624c3f0ca554819be5d5ad15728a6a282a4dd34c606cbd59131
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2886
Cache-Control: max-age=152864
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:37 GMT
Etag: "63ae8b53-1d7"
Expires: Sun, 01 Jan 2023 07:43:21 GMT
Last-Modified: Fri, 30 Dec 2022 06:55:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/vi_VN/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/vi_VN/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 19551c2b5b2a5833f06d49fedd7c4722
9a0446bd1c73b20a4ca80c82d554a4b90c51303f
ee9f09272b77ab5e359a16f4d306cff23b9f2a6655926e82c685e789ea6a725b
GET /vi_VN/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a6dd02bbf97335aa521805bca4c05d7a
etag: "ddb8bc7d1097c88d9230db1908d8af18"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 30 Dec 2022 13:16:37 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GVUcK1sqWDPwbUn+3XxHIg==
x-fb-debug: /6JYNxZFQ1PA3zeNs1q/ezuCrg8qycxvyKZ+uQGmXq9Ob0bExDBQbhkLuDkSAwRo9Efdhrq0H0nLgyWcA7eoIw==
content-length: 1685
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 133370016aafb0f320de2fd65516d2a7
8ebfbd7dae30fdb38a67936ff5a5eb34cafc99d0
1e971d11eea31624c3f0ca554819be5d5ad15728a6a282a4dd34c606cbd59131
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2886
Cache-Control: max-age=152864
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 13:15:37 GMT
Etag: "63ae8b53-1d7"
Expires: Sun, 01 Jan 2023 07:43:21 GMT
Last-Modified: Fri, 30 Dec 2022 06:55:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/vi_VN/sdk.js?hash=742fba6bc2aba919ba3ff0a78c8ea472
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/vi_VN/sdk.js?hash=742fba6bc2aba919ba3ff0a78c8ea472
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 6cef462e87120c593ac48c8a2ef0eed0
73cab3aed03fa7a6cccc033d5cf339448d7fe10c
00c4c7d5cf41d8e7ce7b2f80b6d6fd868fb06559b40ada7052235f3e760c1c78
GET /vi_VN/sdk.js?hash=742fba6bc2aba919ba3ff0a78c8ea472 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ffmemmbergarena.com
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b1fa6712c49c4bed17cc606b0fad3eac
etag: "57d9bd7ddb0b6d2909a3a6c8a55ec098"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 30 Dec 2023 10:40:20 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: bO9GLocSDFk6xIyKLvDu0A==
x-fb-debug: yWp1x8HpyHQJdLbj4NHB9jY+ibVwiwsO/YtXmjSXdyDaIxZp0IMOaORvebF2IAi/W/cillAZrmDw0f30M6XwIg==
content-length: 87164
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 15:32:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: OlzN21WjzLJ5StoXKMt/QQEFsoEX3aeLqY5bph3r4ZD4kX8saFfUmzB592JCt1Pcp2B1llF12eCVx4WYHyl6Sw==
priority: u=2
content-length: 830
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lmXJagExRtl.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lmXJagExRtl.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 1cf2beae632610a44036e005d8c84336
dcf6e1fd65b218e51cf78b65b00a03a001a42d14
2b185978135ea9476f6d41eff546cc68d9bee10ec74c5baeb0d6d62b9b3064b6
GET /rsrc.php/v3/y4/l/0,cross/lmXJagExRtl.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 18:42:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: HPK+rmMmEKRANuAF2MhDNg==
x-fb-debug: g8+W5uggYtLY2EVNeUrFqF3tqqrnIzq3d2MvH7cWsGZDWYQsO/XbbPHmALeZY1bsqoWz8CECkExOvrh3N5Eu7Q==
content-length: 5298
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 871 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4200)
Hash 1b86d2bf32c6d881f8915ccd4e7dd4e8
5564124f994f6fb02e4f9506ce6f681efabec8d0
e65bd1fea311e0347a1ad3595a76b7ca1fd9ea427d7a74f6b91d5d17f316b0a3
GET /rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Dec 2023 00:12:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
x-fb-debug: ZCPoX6MWwkN+XhwGoeB4GrRyM4sAsucL9Gl2KwahhvQ/DhIyJ9FVgJbUNLD/rAy4elEBlqChsJIXJItQQlibgA==
content-length: 871
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/Fs66-ooFjHN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 85 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/Fs66-ooFjHN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18622)
Hash 33aa1a2f8dcf2e0f1313b420cbdd6783
1b0da05e75a3fc9c2b529b01b529dd4bab20a401
c5f074386e4d39c9850c012cd539aa1f5a56b109344cec9863d4edc331e34366
GET /rsrc.php/v3/y6/r/Fs66-ooFjHN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Dec 2023 21:15:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: M6oaL43PLg8TE7Qgy91ngw==
x-fb-debug: ZLXzuVk9Bkenc3R4zzjLYkO8Wu6wrMThAFJlhqDcqY7pTO5ObMppik+zvpibcS1KxdoGI7jvbNUJwyu+H8W8ug==
content-length: 85051
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 9286a42c6635bf94761964f1b129c0de
21d966c8e5833bec35fd039f80e6f7e47185743a
da4067af50abaeaa27b4dfc7f3accf1346f13d9fd9d3821222bc820378c7ed00
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 13:47:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: koakLGY1v5R2GWTxsSnA3g==
x-fb-debug: X1DwjT/W+lXQIOXoZgxGO60rtitg/Bqekw1pZhtvpwaqzKiIINhdHHNijSzGP+6v/Kb9O3z98Y3UqTe9kVfe6g==
priority: u=3,i
content-length: 1615
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Dec 2023 02:03:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: 03omrPytNZHYWoBH3usGlQt1W0e7CzAK88io1Zy2v2+GGixauzQRzXT1NCBjf3iogfm8ny9ZNmALg2YKoUNIIg==
priority: u=3,i
content-length: 12334
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8741)
Hash c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 16:05:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: U8TYhtIwieUaE+BpLvk0Xw7ps/yThgqW5XjsZVop3u4YwX5eFaxYBxrF8HgB/MiH1SdTKPWsU3h5vM6jeeb7oQ==
priority: u=3,i
content-length: 16232
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 6.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (7780)
Hash 855b9a9b80d4c186253eba4e0d14b18d
9af34af716b9116d91c7e2012f35cc756afdfbd3
39f68beab2325364f3a27998ec9692c7275ae0fb6d979fc3730bf881b65975ce
GET /rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Dec 2023 10:01:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: hVuam4DUwYYlPrpODRSxjQ==
x-fb-debug: kb9Gt4rhA3p3u5PYUqH9ngWwDSudkef5Oa14blr/C7Qt5S2Ksc0HT0laE6y7BVT/RVd8+jzzpA8pH3epwPGPsQ==
priority: u=3,i
content-length: 6772
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 293 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 17:31:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: LFzj3N7JgCbilCC70EZ2DFc4kSBeJDY5gohLixqt89FJ3uUNf0Py9987R0js/xduiQlz0XzKFsGMNs3jw9qwEQ==
content-length: 293
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iWPy4/yJ/l/vi_VN/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iWPy4/yJ/l/vi_VN/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash 49298b849efd72c1777625f576371f2f
84e23134f714e8760ea7158133d062343caa7fbe
3cc732b2d9e57eb0e6c3ec335521453fb43920d4a84060e51e5b68ca331fafa3
GET /rsrc.php/v3iWPy4/yJ/l/vi_VN/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 02:01:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: SSmLhJ79csF3diX1djcfLw==
x-fb-debug: 6asbj7pJx3GeVHRCZrOgyDQO+YMMLWW+he3Zw3lNKNcsdTMENOeNCu9XPmWLVTP+mFa5DJD2ODCCOnVlNSbWdw==
content-length: 7115
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4057)
Hash 7cb89797cea2a84b948dfae53d0c90d4
312bdda4ae1efe3ab71fb0aec473ddc725627f5b
9093dc3e084b6a216b34c7a603eae5a93f793dc5b0a606ccb0da051d5aa12cd4
GET /rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 23:55:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fLiXl86iqEuUjfrlPQyQ1A==
x-fb-debug: fjafl28JJ/j7wLeRsIj57zeC6mnZEhT31MUnZmM/ihfkH3NndTQg8z53wGfoSQUikX9zxYgduTSPQaZfIY/HxA==
priority: u=3,i
content-length: 7199
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iSa94/yx/l/vi_VN/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iSa94/yx/l/vi_VN/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42551)
Hash 78494fa094e6a2012a4db4e5f492cfe3
778edbf999461f5d76f5780bc917b6202fe1d982
faef531747013410ac9e31a0653399145be746c257bb754a3600b8d29380f3b3
GET /rsrc.php/v3iSa94/yx/l/vi_VN/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 18:31:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: eElPoJTmogEqTbTl9JLP4w==
x-fb-debug: gO1GeWKetmqFmaAdSecU/Fc1shQBPEzt+nX8mZosqE0BMddJuwjHxSX3tCjYtdZx7pDL0R4cTj/wnVlfjZzfOg==
content-length: 23655
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
31.13.72.12200 OK 1.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
IP 31.13.72.12:0
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash ac1e1c4d6f16359701b059ed4e8246b4
ff19b30a3b3d8d1765c239b25dbc98cb3263786a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
GET /rsrc.php/v3/yH/r/xgVgalBG80z.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lmXJagExRtl.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rB4cTW8WNZcBsFntToJGtA==
expires: Tue, 26 Dec 2023 04:48:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 1u770M6FiXIJ5TEAX7nuff3XGV4ZI3J3cjWcYZsReiTiggreZwKIOpaKhnDPen/DdAiTe6ssOhUPmybOQFUFbg==
content-length: 1315
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type assembler source, ASCII text, with very long lines (2642)
Hash 5024d751c01432036f1fd63f8eb1b611
a3715766ced44ec80370205c277b350ce62cb02b
9aea4f4cab9baea9136507cc618763179c0bc6c80ad6a80eb4f68316b174c95c
GET /rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 18:54:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UCTXUcAUMgNvH9Y/jrG2EQ==
x-fb-debug: xPG+utXaPWNSRV1wC2vfzLnYhDfuwbgB+qH5HZoUqZBvGwQTZl7u7wtcs1ZxS6OsFFtKL+3ClkTJt4dcWRaQkw==
priority: u=3,i
content-length: 4696
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe7cebd134e734%26domain%3Dffmemmbergarena.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fffmemmbergarena.com%252Ff2d68eee462c78%26relation%3Dparent.parent&container_width=378&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ffreefirevn&locale=vi_VN&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=500
31.13.72.36200 OK 32 kB URL HTTP/2 www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe7cebd134e734%26domain%3Dffmemmbergarena.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fffmemmbergarena.com%252Ff2d68eee462c78%26relation%3Dparent.parent&container_width=378&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ffreefirevn&locale=vi_VN&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=500
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17072)
Hash 2225643c659d578e5804ed292a869888
cfa2317b5be328df28af42b79cdcec75fda41bc5
d93603849e59e8f9ccf8f4a11419913e868b2847e40796de92ccb34ed1d3e9e0
GET /v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe7cebd134e734%26domain%3Dffmemmbergarena.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fffmemmbergarena.com%252Ff2d68eee462c78%26relation%3Dparent.parent&container_width=378&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ffreefirevn&locale=vi_VN&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=500 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v14.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: jiqczB6Va3sFO6OWR36lfhfo3NbvVJBP6oJxhqlzungCRu2Aji3fneZXfT2HwFWc9rsPCLx57GkJCGbC/TQRHQ==
date: Fri, 30 Dec 2022 13:15:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 2.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with no line terminators
Hash 67a5334a6e134b2ce874e568c496a83c
3859c3fbe9d02133d9c87f109ef47fb35e579a45
ef7a5bf4074e129eab677860139767a52bd91b3e39dd506046da5c0acc2de0ea
GET /rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 18:35:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0PeKM3DhxvGziuqrCXLZUw==
x-fb-debug: PJhFAKqyHkX1y4zwuM3Cm6QBB2yzuVtZ+OaunRO3v0bzatwrjZQK1zVb9hbTpCRqx+Nw8blRYQbwuC22DQMpxw==
priority: u=3,i
content-length: 2736
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/O-20ODj3dPM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 6.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/O-20ODj3dPM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4488)
Hash e1b779b44c5968618354d3f4da4f5971
bc2e065d28d0087be0a2a550217ac735c111d271
7bd4c6bce400648993abfde32d8a2809f12da03610ccb10d6070c80a9a14513e
GET /rsrc.php/v3/y6/r/O-20ODj3dPM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 19:19:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4bd5tExZaGGDVNP02k9ZcQ==
x-fb-debug: y8EJScDWLzAcvNkkVbdt3CSNh2+7dm6O3C6U5svAp3v67vg+8yrwtZuZ6FYZbxjtwrd3Y472Y3XxgG3tGF8Ezg==
content-length: 6065
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 29 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7003304bb488738903a6c5d5632601ee
bce8c9daaf03f899574ea1cf1b9354c882fec6f0
b7b700cb1c97cb9b83232d53e15c3585a737d4989ff9ec0071c2e369d6df6ca4
GET /rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 15:33:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: uV7JGgDrmsxMpOSKdw+Y9Q==
x-fb-debug: Si9hpqLue5xbHqW3M4jaKmv2Pr7GPdmSp8yr14fEF/fklViCmvV3tBUfSHnO494Z7N1Xkfn2IdYYTyDvhDY6ZQ==
content-length: 1243
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (4643)
Hash 2f3bd3f5da2acb55828c5dcefde8a274
00f21373747009968870397a243322c067466c97
fae6708a549046751d2ec4b001dd8402482494ec07a924132775332ac354f2a1
GET /rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 17:48:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LzvT9doqy1WCjF3O/eiidA==
x-fb-debug: it16Jaatrx+rPZzGZEfn7zAjkbRE6EbTEdLNtQ94hrR3HlkssTUDvdAl9+3QGvMOxrqDUhNkFiBbikuQbndi4A==
priority: u=3,i
content-length: 5358
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i_954/y-/l/vi_VN/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 6.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i_954/y-/l/vi_VN/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5962)
Hash 4a6ee5f70bc2154090579de2b43f37e5
b3b0f60afa342d03ea96357d66726b95bc0a56cb
7703fc9585faa0485ecae261cb494cf4ee48de1431eba0fec34259241bcd611f
GET /rsrc.php/v3i_954/y-/l/vi_VN/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Dec 2023 18:02:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Sm7l9wvCFUCQV53itD835Q==
x-fb-debug: JSdV8VmV6qVJtcKgrEAdR4ykpsaBECsQF4ht4wniS6wYsaou20LckB7vkLQrRrnIaIAvljbbUDfHfzYO/hWfjQ==
content-length: 6726
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 390 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (618)
Hash 0984a4c8a4a6cd15974c8585b70033ad
8893ca1b4cd9037584d995d4c12e44f02c1cfb71
3147ce4394aac97aa02e9a1f01f61f3135df185e8ffbd9420e0fa332d4b3cb6b
GET /rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 21 Dec 2023 16:26:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CYSkyKSmzRWXTIWFtwAzrQ==
x-fb-debug: n6/EWYMkMEXXBula64e6jmCKmZCFBOBPGyW4Pu2gUJ4lnVUZXKlUg+gh/ZcKaqC12noGXaJmA/Y9/ELwnqzVxg==
content-length: 390
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18915)
Hash 084615819834e23edead2d2e6fbb0db2
656c5c532f295c4c3a788ea0a719da7686c05bfe
41c35b99b989e96dd40bfbbfb44fe26556a062069ec4e05ad67f51e2259d295e
GET /rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 28 Dec 2023 22:36:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CEYVgZg04j7erS0ub7sNsg==
x-fb-debug: 4ilKck1y1Gl+ZzHyjC6cd9A+PkS/cDVccqOEFAXRWD5E7raoisxA5ccMovhbK/91WnTzBpsdbQNJnNhdpg5keg==
priority: u=3,i
content-length: 10390
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tcb/1/16/1f641.png
31.13.72.12200 OK 459 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tcb/1/16/1f641.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6a885a20fea9cdbe3c4acec90190b657
91652f8fff63a0503a1f132330c234501d415372
690e733a8f97ed3f73c3a0f18d6d13ddec01a5d14d5322b51a7826a3c27ec607
GET /images/emoji.php/v9/tcb/1/16/1f641.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: aohaIP6pzb48Ss7JAZC2Vw==
expires: Wed, 27 Dec 2023 01:50:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: D9uOluglILrxVOPZrQTXw4oA0t9CkbIrvXeZcGjqGZEqaPACUAR5sobvUjC1V5v+xcmxBoQhI9i/raIcAirrKQ==
priority: u=4
content-length: 459
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
31.13.72.12200 OK 2.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
IP 31.13.72.12:0
File type PNG image data, 25 x 281, 8-bit colormap, non-interlaced\012- data
Hash 8bb456647dce20d407811b3ddcae0999
c4df3fb38a35fd018a2f0f7a7009fa9aacac40db
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
GET /rsrc.php/v3/yx/r/re1hPxQECWj.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: i7RWZH3OINQHgRs93K4JmQ==
expires: Tue, 26 Dec 2023 04:53:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: dYIJgCqEfbFITCXYQ34wQXn+rLVmz6J1Y34EXKA8sO0gdCxmIi8Ymgf8r5HN1VTer0gEFd/1w+p2Xfg5PZT/OA==
priority: u=3,i
content-length: 2674
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
31.13.72.12200 OK 548 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
IP 31.13.72.12:0
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 976d05eb572dff7402dab33e7868d1a3
6de347f502856325e90de1fd137382cc2f61dc75
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
GET /rsrc.php/v3/yD/r/MKQzjVd1bVq.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/lmXJagExRtl.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: l20F61ct/3QC2rM+eGjRow==
expires: Mon, 25 Dec 2023 04:39:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 3FA1IrjHcOkW0krboEJ2cBRRfsWQMPF8X0QwCOmtexyB3H7Jz8VWfT4rjLscLN519KPq601QqNkg3uH+FGv4iQ==
content-length: 548
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t57/1/16/1f609.png
31.13.72.12200 OK 511 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t57/1/16/1f609.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 08bf38e9c7b9bcd37b9a64bf3217095a
acc2b55847ee518a36942ad3601332ceedea41a1
6219091fdc6e030242a33fd3883016fe5e3eb8c5da963d90f759ecb807214fb0
GET /images/emoji.php/v9/t57/1/16/1f609.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: CL846ce5vNN7mmS/MhcJWg==
expires: Tue, 26 Dec 2023 05:19:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hnCtmxzAm46doP9VTgISNJryEWktF0WXJFH2OvU36ADU43mEAWj1JbUjDcRdvICrm0Me0avxV/VcLeZ40FY58A==
content-length: 511
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t40/1/16/1f62d.png
31.13.72.12200 OK 562 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t40/1/16/1f62d.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 01bd6e8b67504b34a0435eff5e5e4c44
c428a78ec6318f26a9bb33f10e3f9e12e3b8ecd6
ffd3c1e75f18f15bad2cb47693e58964060b0a9db33b60c95fb86e3fc28a3f1b
GET /images/emoji.php/v9/t40/1/16/1f62d.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Ab1ui2dQSzSgQ17/Xl5MRA==
expires: Sat, 30 Dec 2023 00:31:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: biVG9PIowHqsdF2NBir+xCW9XpkcXWftQOadjfoYoXBfr2SiB5Qwizm4HVh2juTjLEGDGq3pxibUACHg2Xc0xA==
priority: u=3,i
content-length: 562
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tf9/1/16/1f48e.png
31.13.72.12200 OK 387 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tf9/1/16/1f48e.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f9d2a0d0f6a60a77c54eac1a9dc35a27
8727cf7682d33314de596688a9ce94eb409284a6
1e1c32b0757d3890a83fe8e9ca3a4a930ed77c5df828787d011204d50ea789ee
GET /images/emoji.php/v9/tf9/1/16/1f48e.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +dKg0PamCnfFTqwancNaJw==
expires: Tue, 26 Dec 2023 04:48:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /E+ESOkI3Tgw7FR2PWf0ljcavJCKoXCE7riLTPnd3yaT0bYZEAgkLBayA1No8d9XV5Stfeu/CZ/dox7QY6VmKQ==
priority: u=4
content-length: 387
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t58/1/16/1f929.png
31.13.72.12200 OK 563 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t58/1/16/1f929.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 27861844f56ac74e45723a87cb6072a2
d9c9839dfc25acd57a1509454ea557f6fd3e2b8b
e658be9c1d2d2f11b3a2658ef947226ccdbce5d26ae0ec662f2d0e03bb60b5c2
GET /images/emoji.php/v9/t58/1/16/1f929.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: J4YYRPVqx05FcjqHy2Byog==
expires: Sat, 30 Dec 2023 00:44:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: yutI5WcuB8aYa1vti66R38ljKqxxQOO9zsQnY8zCnsG0KjNa2hv50WcLuelnhGQmpHLfqW080R9aEkbo//OhsQ==
priority: u=3,i
content-length: 563
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tf0/1/16/1f338.png
31.13.72.12200 OK 470 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tf0/1/16/1f338.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f24abc8798ec8c6c9da0af817dbe9610
dcc4492589f937c717a79af01f77190083fc72a4
125d1a455129b569dcce664b7ae0730f6a13b8cf7ff172c4cb71aa1e7a0fc607
GET /images/emoji.php/v9/tf0/1/16/1f338.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8kq8h5jsjGydoK+Bfb6WEA==
expires: Mon, 25 Dec 2023 04:47:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: VPpNpBXfFr0a+3UmGNnjG3xwq0Cs7fEzsHDM9CWgog1fnP7WAbawCRpadO4VnaEE2nGC75Q7VEmozJNeedEgvQ==
priority: u=3,i
content-length: 470
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t50/1/16/1f525.png
31.13.72.12200 OK 478 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t50/1/16/1f525.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 51330f3e42f0095c678e453a0917822f
26e4da69ab215d85821a8c7d7d8d33593a65aaad
d5455fa80868fdd7528880b9adcb61592f8c50288214e641387219664a8cbc8a
GET /images/emoji.php/v9/t50/1/16/1f525.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: UTMPPkLwCVxnjkU6CReCLw==
expires: Wed, 27 Dec 2023 02:21:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2jXtG/BVc/TP2zo9VYcYILE9tXM2D1rjKqEaPd9vel11LrmAM6X02xsDE4uOi1dl98mvBy1AbL77XOkxXjP/ug==
priority: u=3,i
content-length: 478
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t6c/1/16/1f4aa.png
31.13.72.12200 OK 577 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t6c/1/16/1f4aa.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 695f0444585419ceaa99eab054b6ea69
328a94c9c6ab60d399ab08066f704d6bd356f53a
1db57ac7d3923f93c21acaee5c60aabd44a8403e06c9b1c927667a2c58c3a234
GET /images/emoji.php/v9/t6c/1/16/1f4aa.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: aV8ERFhUGc6qmeqwVLbqaQ==
expires: Wed, 27 Dec 2023 02:29:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Z+IUXZJo9ItAYjJLh0ukznaQSJgXALamJXci3pINWrrVM9ZPSev5n4FaGq2uDMvwUERTOJBy5BLVWKiGfU/fkw==
priority: u=3,i
content-length: 577
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tac/1/16/1f4cc.png
31.13.72.12200 OK 497 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tac/1/16/1f4cc.png
IP 31.13.72.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5364195e235e0ce8d52ac8f534134f82
e137382f58c86ddfd3a17c062291802a96eb74b8
e100a2c2a927f243a5b17163973c9138924f4b10864f65173d7bdb07e90e51f8
GET /images/emoji.php/v9/tac/1/16/1f4cc.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: U2QZXiNeDOjVKsj1NBNPgg==
expires: Mon, 25 Dec 2023 04:51:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: IDU+Q9FeN+kv8eYutg6EAFT7p+Imy6ykXmhnHF4kHx3zNbS7oapq/fPSWT+nh7X6UDgZks/xz1OP0EARe2Oxwg==
content-length: 497
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/321441048_680303383583132_8318650316113406830_n.jpg?stp=dst-jpg_s180x540&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=HwS6ynxVIyYAX_ODi4u&_nc_ht=scontent-arn2-2.xx&oh=00_AfC549VJq-_K2Bux448e35xXm5x9QtLVWIFfESmAA_rVlQ&oe=63B3FEE3
157.240.194.27200 OK 10 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/321441048_680303383583132_8318650316113406830_n.jpg?stp=dst-jpg_s180x540&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=HwS6ynxVIyYAX_ODi4u&_nc_ht=scontent-arn2-2.xx&oh=00_AfC549VJq-_K2Bux448e35xXm5x9QtLVWIFfESmAA_rVlQ&oe=63B3FEE3
IP 157.240.194.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 180x180, components 3\012- data
Hash 2181a41ea0fbb73954c2370d728876e9
5f64459df9878c80b4e0e0ed3d94d9692f2955be
36027f6ee8afb8486d7483e16ae2aff8ee7bdbe9c2c0f9fddf3046241b414376
GET /v/t39.30808-6/321441048_680303383583132_8318650316113406830_n.jpg?stp=dst-jpg_s180x540&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=HwS6ynxVIyYAX_ODi4u&_nc_ht=scontent-arn2-2.xx&oh=00_AfC549VJq-_K2Bux448e35xXm5x9QtLVWIFfESmAA_rVlQ&oe=63B3FEE3 HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 29 Dec 2022 11:41:45 GMT
x-haystack-needlechecksum: 1793341836
x-needle-checksum: 1387840014
content-type: image/jpeg
content-digest: adler32=1490536956
content-length: 9967
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:39 GMT
x-fb-edge-debug: dMTha6sbAehhYTleH7L9ExHUEPM0ygXyXpiXiwIX1_r0n_fGn3fooWymfCkeDMRW80VYvL23JSpKWEGhfUZlGA_NQNQvSW8uEThJAu6i4Dk
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/320594739_705813781019667_2305226956489269272_n.jpg?stp=dst-jpg_p370x247&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=LoPSKSfzGJUAX-kWTjl&_nc_ht=scontent-arn2-2.xx&oh=00_AfCOVAnL0q24H7EU0Gn7JqWtRU9KGIHjBg_hsUyvLH5tIw&oe=63B3A972
157.240.194.27200 OK 27 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/320594739_705813781019667_2305226956489269272_n.jpg?stp=dst-jpg_p370x247&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=LoPSKSfzGJUAX-kWTjl&_nc_ht=scontent-arn2-2.xx&oh=00_AfCOVAnL0q24H7EU0Gn7JqWtRU9KGIHjBg_hsUyvLH5tIw&oe=63B3A972
IP 157.240.194.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x370, components 3\012- data
Hash fb2970331ab23b7a7ed5cc1389937bc5
a2d84c06321a8f2dfc6338c163b369eb409f089b
b70930f87c6ed9a42592a41fdabc4214a9aa67d18c27faee708925af278ad4e3
GET /v/t39.30808-6/320594739_705813781019667_2305226956489269272_n.jpg?stp=dst-jpg_p370x247&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=LoPSKSfzGJUAX-kWTjl&_nc_ht=scontent-arn2-2.xx&oh=00_AfCOVAnL0q24H7EU0Gn7JqWtRU9KGIHjBg_hsUyvLH5tIw&oe=63B3A972 HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 30 Dec 2022 08:41:54 GMT
x-haystack-needlechecksum: 3388059184
x-needle-checksum: 875323065
content-type: image/jpeg
content-length: 26693
content-digest: adler32=114894307
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1904183273
date: Fri, 30 Dec 2022 13:15:39 GMT
x-fb-edge-debug: zSLFnrxblWaiHTW1nM2yeMrkMcWWE5qGHYXKRsC1ODn7Ks7Kriykymw4SpcdsVALLA12SYy9_192oNQC8LaI8NptLu9tXHAoW2Sj8vvSbiI
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d21812b8907c0410fcf07b8a245fd97
f9f4289b4f79af75f646f2c72de68dcb679f0c10
7c720ceaf934e04af379535b8fe63685314abc18033e95ed24deb29b3e34e744
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8101
x-amzn-requestid: cdcbc49a-d707-4123-ade4-cb15af5c87d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7a21FInoAMFfQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b5e-3e9cf62117217e6a1157f231;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:49:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i6IW8-l0c5I4TNM2sbSKhWNY6CpyOtUCn0a-rqmZes9VN7ke78eHsQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:08:52 GMT
age: 54410
etag: "f9f4289b4f79af75f646f2c72de68dcb679f0c10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ffmemmbergarena.com/
104.21.78.82200 OK 0 B IP 104.21.78.82:0
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET / HTTP/1.1
Host: ffmemmbergarena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaEJA20DJMdvwLuOyDi21%2BHrM5zERGY8rNDFjrB9YrQeMmwYS4%2Fgrw17sRLeynbJv%2F76w6jRCMR905p3PuFHt8ojtb3J6aD9Mb8C5GmxQ6flXDbyo4Jr%2F%2B0Imhq8rv0JtBLNfY1P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781b0b825cddb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
188.114.99.234200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 188.114.99.234:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ffmemmbergarena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 13:15:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 17852888
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 781b0b86cddeb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2