ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
198.98.51.35 301 Moved Permanently 276 B URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
IP 198.98.51.35:0
File type HTML document text; exported SGML document, ASCII text
Hash e8b7febad238b5c3249f282f495563a1
45319ac29fd0f5686a01236349f7ca787fff0710
9639f16bc9e90c93c99929f13d0f64b4351409d6823ec290f29b55beaaf3b47b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Malware
GET /direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 19:39:26 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Content-Length: 276
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8486
Expires: Sun, 29 Jan 2023 22:00:52 GMT
Date: Sun, 29 Jan 2023 19:39:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 29 Jan 2023 20:31:34 GMT
Date: Sun, 29 Jan 2023 19:39:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 19:35:38 GMT
content-type: application/json
age: 228
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4964
Expires: Sun, 29 Jan 2023 21:02:10 GMT
Date: Sun, 29 Jan 2023 19:39:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d1aC9Y5T/NuzRlEjzuFd/uhD3uG8jYMBW3b0MBQA1WlCu3G+xi1UBxzRmdvWXY0xS3hDkGhHKIo=
x-amz-request-id: 6CK0WZQKWF6X53AN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 18:50:26 GMT
age: 2940
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 19:39:26 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 318b35ee85eee4e980bd80eaa1681b6e
8d1df97325cf9a6293ad5c6a296b602e3a5f0a45
75c5bddf2a7623e788dd6fe647cea50af950fc646152e2a095f310fe35271b4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75C5BDDF2A7623E788DD6FE647CEA50AF950FC646152E2A095F310FE35271B4F"
Last-Modified: Fri, 27 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8437
Expires: Sun, 29 Jan 2023 22:00:03 GMT
Date: Sun, 29 Jan 2023 19:39:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 18:41:41 GMT
age: 3465
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sun, 29 Jan 2023 20:48:05 GMT
Date: Sun, 29 Jan 2023 19:39:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e9b80b6f7cc2fa86e6cedced6dae97f7
2c996b64b01594ed4bd0e8a618879cbf5ddda2f8
865176a68bc72b5f72aefeb096d77876709affda295928b37a8465d99bf06a0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 337
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:27 GMT
Last-Modified: Sun, 29 Jan 2023 19:33:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
code.jquery.com/jquery-2.2.1.min.js
69.16.175.10 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32019)
Hash 5b423a4bde44e2d03668c8fc2e230758
60fb13614d1bfe3685d09e070ffc654f2b0729f4
26a46a57e001319776582d64bc222e2bb0fccb213486d170fa60980996f70bce
GET /jquery-2.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 19:39:27 GMT
content-encoding: gzip
content-length: 29882
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14e7e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675021167.dop024.sk1.t,1675021167.cds202.sk1.hn,1675021167.cds263.sk1.c
X-Firefox-Spdy: h2
ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
198.98.51.35 200 OK 84 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
IP 198.98.51.35:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (36835)
Hash a0464550ce29586c1c8bd57c425b9874
338e04b7d31b742e42f42c279e4b021b385bf57d
8f70dee3c7baaa16181bdffb072b73578cd6943882a7ad15310d4d4aca1c6142
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Malware
GET /direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:26 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Set-Cookie: 4everproxy=486f8c909d52084042fc416463b73288; path=/; domain=hideip.co
datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; Domain=ny.hideip.co; Path=/
fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; Domain=ny.hideip.co; Path=/
sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; Domain=ny.hideip.co; Path=/
4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; Domain=ny.hideip.co; Path=/
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-fb-debug: iHWS2g0EoK4HAZoJT7SUiH5895T1EshaBsZ0RHP2GCMAu6CbtWFvJ5MH0NgAG9ZSnQnTFhazhI9DXLWObbRyvA==
priority: u=3,i
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Keep-Alive: timeout=10, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
push.services.mozilla.com/
54.190.123.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.190.123.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cuYi42pHkJFXFM9mht+vEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rct37p6zN5wrd8TNcKUtdZqPwD0=
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzHrsfS1bU93SKWHpRvTib9b6RTK12C92_7XfSbgPxGO78TYVp8cYZzMRpmZGWhLslBsq_cyDS4M8Fj0kNnM29
198.98.51.35 200 OK 43 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzHrsfS1bU93SKWHpRvTib9b6RTK12C92_7XfSbgPxGO78TYVp8cYZzMRpmZGWhLslBsq_cyDS4M8Fj0kNnM29
IP 198.98.51.35:0
File type ASCII text, with very long lines (9122)
Hash f15fae4505ec18c5e532bc03a6ce26d1
cab8f16321cd76297ee719425ad6d98d3b2da326
73e7619b368726a71f4d2676fef6e45beb1c686b2704017f3b5a4968291e6d48
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzHrsfS1bU93SKWHpRvTib9b6RTK12C92_7XfSbgPxGO78TYVp8cYZzMRpmZGWhLslBsq_cyDS4M8Fj0kNnM29 HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 29 Jan 2024 18:09:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: hexnI2o7BsKYsC9SW2V6qQ==
x-fb-debug: T50ueLooAKlpADM70Ibm2z03n+rk43f26osF2T6cbK5zulesxGJfXTatO/j6uUGgH8bFlBltEbdmTnnhkZWpXA==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=99
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 91cd7a3228862fc35a268f5d3b33be2c
e2c0d3e20c76f6f9f804e56d56156b169b56146a
6a6511d747b4ce8302b5880259c863bef83901f514c93dc277b59254a2bde9da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A6511D747B4CE8302B5880259C863BEF83901F514C93DC277B59254A2BDE9DA"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11548
Expires: Sun, 29 Jan 2023 22:51:55 GMT
Date: Sun, 29 Jan 2023 19:39:27 GMT
Connection: keep-alive
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64S~B35_rOlw1RDMB_5hPaq9FYxLzr2fjb~YdPIIqZe9EYuEpSZXUgUBvqJ8Dg4MIn~3h~hZqv590baUs_AlP~pk
198.98.51.35 200 OK 2.9 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64S~B35_rOlw1RDMB_5hPaq9FYxLzr2fjb~YdPIIqZe9EYuEpSZXUgUBvqJ8Dg4MIn~3h~hZqv590baUs_AlP~pk
IP 198.98.51.35:0
File type ASCII text, with very long lines (2161)
Hash 448d68d2be97ba2780bfdded94413297
a04a1e9c28543e75d41edd808e74ee9df4cde878
ae6ec068a12b058eebc3ea27dd46cbe526a421a3db8e827acbbf8810b67852d1
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64S~B35_rOlw1RDMB_5hPaq9FYxLzr2fjb~YdPIIqZe9EYuEpSZXUgUBvqJ8Dg4MIn~3h~hZqv590baUs_AlP~pk HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 25 Jan 2024 20:13:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 3uooRztRH/PISmg3mAEnbg==
x-fb-debug: S7foz/YbTHdDn+p1Vr3e9ABojDMhNb9olv1h7EI3BxJ8mpbx11GUCeXJIPZGGgUl3FkOpVEc1WtsRLVvRXx5RA==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Content-Length: 2944
Keep-Alive: timeout=10, max=100
Content-Type: text/css; charset=utf-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64SQ4EbSBWiH3BkWvVRtt_6qs1PTLAZYc3q~k5n7kO022k0aGOF6vABnbNI63lLQD5MrIXZU10_6uFWf7e2bZ5T3
198.98.51.35 200 OK 14 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64SQ4EbSBWiH3BkWvVRtt_6qs1PTLAZYc3q~k5n7kO022k0aGOF6vABnbNI63lLQD5MrIXZU10_6uFWf7e2bZ5T3
IP 198.98.51.35:0
File type ASCII text, with very long lines (7203)
Hash 78fcd98660d7a52540baa6f666a04287
631de2f13e230a3fba676125528efc5b6dac78d9
1cc843e8736a347fe5b62d3b8baba10f5b11f6364bb854461ca94e7dcd61568c
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64SQ4EbSBWiH3BkWvVRtt_6qs1PTLAZYc3q~k5n7kO022k0aGOF6vABnbNI63lLQD5MrIXZU10_6uFWf7e2bZ5T3 HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 20 Jan 2024 18:41:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: hIUcRGLkjzyfSPHtfnBDrg==
x-fb-debug: R+5GmYTj3c6WYSka6YcrCLQFBsSgD1ngAVKygFfJXQI9ibea+mvUhK5I3Z/eWYOjXuqrnJOGuqdBJGjO8itfiQ==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=100
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64SjrVR~L_kgJDv8VKrTU9u6AdmPDvUDU8qf~upxqJ3MyImBFORCewPqrfmaeopX0Gk-
198.98.51.35 200 OK 38 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64SjrVR~L_kgJDv8VKrTU9u6AdmPDvUDU8qf~upxqJ3MyImBFORCewPqrfmaeopX0Gk-
IP 198.98.51.35:0
File type ASCII text, with very long lines (7850)
Hash b672d9c4206b0b458aaa2554806dff07
3d80723bc3c0bc08d1914171dec681e0571dcd7e
7f129c152f90923e47b2fe74a6fee9527bd9c50ca212758cad125b4f5f7daf81
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64SjrVR~L_kgJDv8VKrTU9u6AdmPDvUDU8qf~upxqJ3MyImBFORCewPqrfmaeopX0Gk- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 27 Jan 2024 17:57:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 12Yt3AYP6x2FZP4k0lBa6A==
x-fb-debug: ObwYptdY8+BSilb9USnaM/fJJfigtue+f6BP8AxDr4aVCshpp3BlFGC90embPXRZ3HRXRv4HzfqFduS7xRdUiA==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64ROu8zEIIwu_hoU37V2D4GAxl2_DtfTl62~XnRns_ug~X~TSINHYTJBdCzfsk_SFho-
198.98.51.35 200 OK 42 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64ROu8zEIIwu_hoU37V2D4GAxl2_DtfTl62~XnRns_ug~X~TSINHYTJBdCzfsk_SFho-
IP 198.98.51.35:0
File type ASCII text, with very long lines (5830)
Hash df1581c017e36d69fe9b1d0a21044dc4
401c89d08101b9983bc6efecf837a978f22c5f1a
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64ROu8zEIIwu_hoU37V2D4GAxl2_DtfTl62~XnRns_ug~X~TSINHYTJBdCzfsk_SFho- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 17 Jan 2024 16:42:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KDpHj0EN1YDd/iWfL5aq0Q==
x-fb-debug: 6eWxlZDzLOK6Wk2mc/N11QfvfFxYZD8njvOML4g7YV5z0qnYIqQNdvhuqLBHnrvXvpaf1CdNvSRnfTFw/s8jcw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzfFB1CcoU6h9his7KImwcJqSBkrTGV7J3EiZWuXxQJPo5BjQqR4oUVi_fH4p4Wd8gxk7zMrz6xfjpKb~nkEoK
198.98.51.35 200 OK 36 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzfFB1CcoU6h9his7KImwcJqSBkrTGV7J3EiZWuXxQJPo5BjQqR4oUVi_fH4p4Wd8gxk7zMrz6xfjpKb~nkEoK
IP 198.98.51.35:0
File type ASCII text, with very long lines (6639)
Hash 3e614b6fc1360f205a0f7e1cf660458a
4ce5918c577072e33a8aa71e04ae35bd9540cc42
e75a556eb0b426c2594466be8527d54264f1f2c0c33ec53814b24f8cc0d8cc83
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzfFB1CcoU6h9his7KImwcJqSBkrTGV7J3EiZWuXxQJPo5BjQqR4oUVi_fH4p4Wd8gxk7zMrz6xfjpKb~nkEoK HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Mon, 29 Jan 2024 18:09:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QJhugsrRWN8BuyhWYyjZ/g==
x-fb-debug: F+ZST9/bk39RfByo3IioTDVluxbH4fxvvaf1aEBhTn/D3kftJtEJtP0Td4qHYq6BXdz3szYRauFvLUBMNDoFtw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=100
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64TZNfgUosljKMdYQkmhI~4hTdmY~DmbLxM2D4Oan1AGpMsrYI3Jv4wdnN5C7CYQ05M-
198.98.51.35 200 OK 25 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64TZNfgUosljKMdYQkmhI~4hTdmY~DmbLxM2D4Oan1AGpMsrYI3Jv4wdnN5C7CYQ05M-
IP 198.98.51.35:0
File type C source, ASCII text, with very long lines (7258)
Hash 07f7e5d0e0f67ada4638663f2fc6edb2
973a46e9f6f517ac4d650bac63f5d55ccc8b1ea2
c9b34f6463d2b6bed000c03c9886ae66cbc73fdc94a566ace844ff14eee1a630
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64TZNfgUosljKMdYQkmhI~4hTdmY~DmbLxM2D4Oan1AGpMsrYI3Jv4wdnN5C7CYQ05M- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 21 Jan 2024 17:28:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qZNsShXbzrlTo2vk4mAiAg==
x-fb-debug: qrL3m/3EXwermeodMNhhEBnPvphRSjDRWMR98dP3LjNko/hNpNdPlDzR2zNIGbkZtDnxwMwcWJ7gRfjrkKEJLw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e9b80b6f7cc2fa86e6cedced6dae97f7
2c996b64b01594ed4bd0e8a618879cbf5ddda2f8
865176a68bc72b5f72aefeb096d77876709affda295928b37a8465d99bf06a0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:28 GMT
Last-Modified: Sun, 29 Jan 2023 19:33:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64Tg1bQj~VeSVHNvfcMrhTiJMQBz9ra8f70ItoARG0gT40IxX1OppJ8kWQqd8p39yfw-
198.98.51.35 200 OK 262 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64Tg1bQj~VeSVHNvfcMrhTiJMQBz9ra8f70ItoARG0gT40IxX1OppJ8kWQqd8p39yfw-
IP 198.98.51.35:0
File type ASCII text, with very long lines (18622)
Size 262 kB (262266 bytes)
Hash e3c6cb86f40be960430f28e370828f5a
953e939b63c84fcc82e302f6879fa56e1b7c6337
d6738902de43693e1023049037ef855aedcbb5e6cebc1bb50913688d7cc660cc
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64Tg1bQj~VeSVHNvfcMrhTiJMQBz9ra8f70ItoARG0gT40IxX1OppJ8kWQqd8p39yfw- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 25 Jan 2024 00:31:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: F9yJ8wWlReB8aRnxJWHPOQ==
x-fb-debug: FYCjUzjgoRpvFAUsA3Kmy5j7ER2YXA61w1WufGDiS1+PTutrHu9LEOVtUpQe5z/1H3yCgTcmf4Yxu9biFgutQQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QL8rauw~I6ochorbAZvo9Lxmg53_csDH6rX7WINtzQKkkrPHhlcS~fyfRvng9KA~YnZ1yfIFhv6k318MpkK1yT
198.98.51.35 200 OK 187 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QL8rauw~I6ochorbAZvo9Lxmg53_csDH6rX7WINtzQKkkrPHhlcS~fyfRvng9KA~YnZ1yfIFhv6k318MpkK1yT
IP 198.98.51.35:0
File type ASCII text, with very long lines (7153)
Size 187 kB (186810 bytes)
Hash 985d435d814a47da835c696caf4c99a4
938ec62743be21961f019959c1a6524a99d1c9c3
5665f86648c2568f48e756c2264c0203abb07697d536c44ee4debd2bd650bdf7
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QL8rauw~I6ochorbAZvo9Lxmg53_csDH6rX7WINtzQKkkrPHhlcS~fyfRvng9KA~YnZ1yfIFhv6k318MpkK1yT HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 19 Jan 2024 01:15:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: v0SY0TtS21BoNKCD8/SQNg==
x-fb-debug: ub9/cki558QRpwc2nWLnJ7OsySRt9ivtw+dKhhQpmzCQcfMinTqtMl02Q9lP80z6S6pIxnoXF+QJ3t6y38FdtQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
www.easycounter.com/counter.php?fattwam
52.1.22.171 200 OK 1.8 kB URL HTTP/1.1 www.easycounter.com/counter.php?fattwam
IP 52.1.22.171:0
File type PNG image data, 150 x 20, 8-bit colormap, non-interlaced\012- data
Hash 3d002cbc51fb54a16b72281d1dc30dee
9beebcf4a0bf386d9db04d1b0941bf437c704f3d
883193cd059fcfa939a2a6762c6cffe4a5d4fff44d07dc3837656fbae1abbb71
GET /counter.php?fattwam HTTP/1.1
Host: www.easycounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Sun, 29 Jan 2023 19:39:28 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 19:39:28 +0000
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QZ2oVJTZ8rD5z2vAOYJMJlJJY7v8UwVm3wNNHkkmS_tA--
198.98.51.35 200 OK 2.4 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QZ2oVJTZ8rD5z2vAOYJMJlJJY7v8UwVm3wNNHkkmS_tA--
IP 198.98.51.35:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2384)
Hash ebd8798bc32c86494851a07770e04e63
b5461dc8f5f5f848033441d506ee05d48742438b
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QZ2oVJTZ8rD5z2vAOYJMJlJJY7v8UwVm3wNNHkkmS_tA-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 18 Jan 2024 09:19:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PwVB4nJ2oYcDoYThlQBUvQ==
x-fb-debug: l7StqAmcEseQvdeVXSGIXlcv5LumaBXDFzJBdEhw58ai/UrfL1q5TAjFcanVfy9uU1330aJLgIPh83J5fEXPxw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=99
Transfer-Encoding: chunked
Content-Type: image/svg+xml
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7121
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 19:39:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:26:16 GMT
age: 51192
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:11:24 GMT
age: 73684
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 51319
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7121
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 19:39:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=108994
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:28 GMT
Etag: "63d5c28f-1d7"
Expires: Tue, 31 Jan 2023 01:56:02 GMT
Last-Modified: Sun, 29 Jan 2023 00:49:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 73620
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 7412
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7121
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 19:39:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:34:32 GMT
age: 57896
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yK/r/U0EcYBGyWCM.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 11 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yK/r/U0EcYBGyWCM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (7850)
Hash 207a4f82bf73b665dfdf47200e20d927
ecae12d982fbfbcf99be95003651b16094dda8af
0090bbad94f5a7d81a55b619fcb4d26c1ee1fbdee1b12de137932b7e6b90289c
GET /rsrc.php/v3/yK/r/U0EcYBGyWCM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 21 Jan 2024 17:29:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: IHpPgr9ztmXf30cgDiDZJw==
x-fb-debug: lysdlpO3jKn5Ul8Ll9RDAyi++vOIn9CnrBM72eNbhKYvAySg0bw8j5FkoJqZkLYBpWohNbGjpV66OndyWXo1rQ==
content-length: 11133
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64TWb0M4I65e_aYyq3OK4e8pvP0~3_07nme7Eb4E3nUSVA--
198.98.51.35 200 OK 14 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64TWb0M4I65e_aYyq3OK4e8pvP0~3_07nme7Eb4E3nUSVA--
IP 198.98.51.35:0
File type PNG image data, 301 x 1208, 8-bit colormap, non-interlaced\012- data
Hash e4442ca22fee86bc5cc7fdfe28093789
93cdd53ce314ffead6435fad78313381f00f1527
b1733e3fc609941a74de9c53b960b1de453ec0d26d266ecdd4cf93abe2cf0365
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64TWb0M4I65e_aYyq3OK4e8pvP0~3_07nme7Eb4E3nUSVA-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64S~B35_rOlw1RDMB_5hPaq9FYxLzr2fjb~YdPIIqZe9EYuEpSZXUgUBvqJ8Dg4MIn~3h~hZqv590baUs_AlP~pk
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 5EQsoi/uhrxcx/3+KAk3iQ==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 18 Jan 2024 11:35:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: unUd0yQq6Q5RE4UdvqqHYNeGQC4d1wAsUr11tuLjNCsmgWMnSR2CYrFerrYmGt/1ioMebLInTMKT/4bNCvc+pA==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=98
Transfer-Encoding: chunked
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=108994
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:28 GMT
Etag: "63d5c28f-1d7"
Expires: Tue, 31 Jan 2023 01:56:02 GMT
Last-Modified: Sun, 29 Jan 2023 00:49:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=108994
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:28 GMT
Etag: "63d5c28f-1d7"
Expires: Tue, 31 Jan 2023 01:56:02 GMT
Last-Modified: Sun, 29 Jan 2023 00:49:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/y5/r/WLzd7JoJ6Ok.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 8.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/r/WLzd7JoJ6Ok.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type C source, ASCII text, with very long lines (7258)
Hash 1bc62c04a9ad4597cb1e0b1124b8a62d
833b4602722c440018ddce80b229c874110bad41
c9d2ed2f6c9ec5c27397a95f064f1486c74422fb835fd939f125205731b1715a
GET /rsrc.php/v3/y5/r/WLzd7JoJ6Ok.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 21 Jan 2024 17:28:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: G8YsBKmtRZfLHgsRJLimLQ==
x-fb-debug: YndK69ez8hN8zV9Z37la0jygPtVkPFeTff7OHGB+Y+tRtKIZuyT/R1E3J6DQWiS4BuPCt2vU8OVKRJlD66O8jw==
priority: u=3,i
content-length: 8053
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=108994
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:28 GMT
Etag: "63d5c28f-1d7"
Expires: Tue, 31 Jan 2023 01:56:02 GMT
Last-Modified: Sun, 29 Jan 2023 00:49:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (5830)
Hash 7714813710281e982f276a85053aaa44
30873ab1d2b6d89a5e2b65e98638a98f33a6bc6d
bc0cd5ba04e5f899bfeb252d4902b863afd141744ad63733419d6c38ecab0bbf
GET /rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 00:33:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dxSBNxAoHpgvJ2qFBTqqRA==
x-fb-debug: U4STr3rfX+EX9gUtV0YDPLTwbAfrRU+pAOPlG8KVzJH2gaHassV5IkvKWkjME+XFQFuZRbEnu+XMMvmAfOLDMg==
priority: u=3,i
content-length: 12436
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64T2LkR~vaGYk5MCFIGP~nI8odlWH6pKchDWwdZnFvtZPQ--
198.98.51.35 200 OK 14 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64T2LkR~vaGYk5MCFIGP~nI8odlWH6pKchDWwdZnFvtZPQ--
IP 198.98.51.35:0
File type PNG image data, 124 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash c3ae1c18b4c8125f248289ec3c17324b
50432d34daeeb6850eb26eeb8396870c264774de
da97c0d05f363c467f68bcb5ae40bc3ead836c18cd93e78a379d0ca75a8777c1
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64T2LkR~vaGYk5MCFIGP~nI8odlWH6pKchDWwdZnFvtZPQ-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64RzHrsfS1bU93SKWHpRvTib9b6RTK12C92_7XfSbgPxGO78TYVp8cYZzMRpmZGWhLslBsq_cyDS4M8Fj0kNnM29
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: w64cGLTIEl8kgonsPBcySw==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 28 Jan 2024 19:33:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
x-fb-debug: xASSNw2l3KxWr9E1zMEcso8ai3BXWr/J0jFMvk39hCUNfc6ArHc4gpO5uUp9leYYf85BIsrALTZXgA2EKdEG5w==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=99
Transfer-Encoding: chunked
Content-Type: image/png
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lLL3IvVTBFY1lCR3lXQ00uanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 38 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lLL3IvVTBFY1lCR3lXQ00uanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (7850)
Hash b672d9c4206b0b458aaa2554806dff07
3d80723bc3c0bc08d1914171dec681e0571dcd7e
7f129c152f90923e47b2fe74a6fee9527bd9c50ca212758cad125b4f5f7daf81
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lLL3IvVTBFY1lCR3lXQ00uanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 27 Jan 2024 17:57:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 12Yt3AYP6x2FZP4k0lBa6A==
x-fb-debug: ObwYptdY8+BSilb9USnaM/fJJfigtue+f6BP8AxDr4aVCshpp3BlFGC90embPXRZ3HRXRv4HzfqFduS7xRdUiA==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40140c2161816ffc6f31464db388a1d1
12e0e528849093b123875c2dec9b5e69b811db25
9a5e141dc400bbf3ab5dc9fabfec83de7e495fd30f2c21d38582a32b54a9e7b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A5E141DC400BBF3AB5DC9FABFEC83DE7E495FD30F2C21D38582A32B54A9E7B3"
Last-Modified: Fri, 27 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8959
Expires: Sun, 29 Jan 2023 22:08:47 GMT
Date: Sun, 29 Jan 2023 19:39:28 GMT
Connection: keep-alive
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k1L3IvV0x6ZDdKb0o2T2suanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 25 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k1L3IvV0x6ZDdKb0o2T2suanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type C source, ASCII text, with very long lines (7258)
Hash 07f7e5d0e0f67ada4638663f2fc6edb2
973a46e9f6f517ac4d650bac63f5d55ccc8b1ea2
c9b34f6463d2b6bed000c03c9886ae66cbc73fdc94a566ace844ff14eee1a630
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k1L3IvV0x6ZDdKb0o2T2suanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 21 Jan 2024 17:28:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qZNsShXbzrlTo2vk4mAiAg==
x-fb-debug: qrL3m/3EXwermeodMNhhEBnPvphRSjDRWMR98dP3LjNko/hNpNdPlDzR2zNIGbkZtDnxwMwcWJ7gRfjrkKEJLw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=97
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ltL3IvUUJrQTlaZkFLLVYuanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 42 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ltL3IvUUJrQTlaZkFLLVYuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (5830)
Hash df1581c017e36d69fe9b1d0a21044dc4
401c89d08101b9983bc6efecf837a978f22c5f1a
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ltL3IvUUJrQTlaZkFLLVYuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 17 Jan 2024 16:42:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KDpHj0EN1YDd/iWfL5aq0Q==
x-fb-debug: 6eWxlZDzLOK6Wk2mc/N11QfvfFxYZD8njvOML4g7YV5z0qnYIqQNdvhuqLBHnrvXvpaf1CdNvSRnfTFw/s8jcw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
servecontent.net/content/www/d/sala.php?zoneid=10&cb=48329332610&charset=UTF-8&loc=https%3A//ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
135.148.245.193 200 OK 467 B URL HTTP/1.1 servecontent.net/content/www/d/sala.php?zoneid=10&cb=48329332610&charset=UTF-8&loc=https%3A//ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
IP 135.148.245.193:0
File type ASCII text, with very long lines (415)
Hash bf710a47dbc13427912355021dd87bf9
9982df8b17aa36ec05aeb4faa6c1a505e645372c
4c780542089973ee1124fb9b2341557d62159e78a09ac46efba26dad94edf18d
GET /content/www/d/sala.php?zoneid=10&cb=48329332610&charset=UTF-8&loc=https%3A//ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw-- HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Mon, 29-Jan-2024 19:39:28 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 467
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QL8rauw~I6ochorbAZvo9Lxmg53_csDH6rX7WINtzQKkkrPHhlcS~fyfRvng9KA~YnZ1yfIFhv6k318MpkK1yT
198.98.51.35 200 OK 187 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QL8rauw~I6ochorbAZvo9Lxmg53_csDH6rX7WINtzQKkkrPHhlcS~fyfRvng9KA~YnZ1yfIFhv6k318MpkK1yT
IP 198.98.51.35:0
File type ASCII text, with very long lines (7153)
Size 187 kB (186810 bytes)
Hash 985d435d814a47da835c696caf4c99a4
938ec62743be21961f019959c1a6524a99d1c9c3
5665f86648c2568f48e756c2264c0203abb07697d536c44ee4debd2bd650bdf7
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64QL8rauw~I6ochorbAZvo9Lxmg53_csDH6rX7WINtzQKkkrPHhlcS~fyfRvng9KA~YnZ1yfIFhv6k318MpkK1yT HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 19 Jan 2024 01:15:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: v0SY0TtS21BoNKCD8/SQNg==
x-fb-debug: ub9/cki558QRpwc2nWLnJ7OsySRt9ivtw+dKhhQpmzCQcfMinTqtMl02Q9lP80z6S6pIxnoXF+QJ3t6y38FdtQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=99
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
static.xx.fbcdn.net/rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 3.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (3987)
Hash 636c7c08c6b023dacc956401adb1db8d
10aaaa2fcbd9ee2a31ee6ebec2e324494fe197dc
79dae50f0d2f27414403a22c5b3caf43c253e14ec7d6593c02ceea4d6766acd9
GET /rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 14:16:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: Y2x8CMawI9rMlWQBrbHbjQ==
x-fb-debug: fuXqg56tjsj9uaXAo4Y3WE/UVypRsFJmJX5tgwala+IzJpJAEKHm0f5jijXtXF18Ud1WU/joH+IOEXrgnVL06w==
priority: u=3,i
content-length: 3374
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ih-D4/yT/l/en_US/NAjUgYx5hB9.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 18 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ih-D4/yT/l/en_US/NAjUgYx5hB9.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (32828)
Hash 7166ba080472cac0f648f27fb28ed5d3
a2e0ca41bf6cafa1ad86c5958ded8622fc0170ff
e80d63c245652eb4e00fd04657c255bc451cec4019ff820f0207862f409733b0
GET /rsrc.php/v3ih-D4/yT/l/en_US/NAjUgYx5hB9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 20 Jan 2024 15:28:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: cWa6CARyysD2SPJ/so7V0w==
x-fb-debug: 5wfoIZYrMfjwRfBQQ83Wy7r83ANpyFW7CoqOGqGHRudxeiTdopOs0TBrWXATQsF1NDUBYStgZa1PqLnS2iowuA==
priority: u=3,i
content-length: 18172
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3izbB4/yT/l/en_US/khYkcOHo9g2.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3izbB4/yT/l/en_US/khYkcOHo9g2.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (10595)
Hash 152c44f7b7f97fd846db159a40ad0b68
5f27abb42c00b173993ad6cf171531b7da61925e
a16d92bd593074cb658e24e6868c5ba161fa45d6bc77cca22d6da86e0e3243b8
GET /rsrc.php/v3izbB4/yT/l/en_US/khYkcOHo9g2.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 22:27:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: FSxE97f5f9hG2xWaQK0LaA==
x-fb-debug: wVs7LL4zWDwEsOvzeDvsSH0kW+i48BYX4VPOh7QYn7m6yHOnmQcaXk+sKYxvOeqplT5AgvjGF959g2TA7xd2Nw==
priority: u=3,i
content-length: 12398
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 11 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (9053)
Hash f37f1777786b32d2198366939aabd7d3
743a07626cb602d272e41fb92ef60d309e0e5fb4
f4b6ae7b9e0ba598001ec1db9d0199252a6eac113eb8bee18a905e967dd62f5a
GET /rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 17 Jan 2024 16:43:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 838Xd3hrMtIZg2aTmqvX0w==
x-fb-debug: EecXZoQ3XRTB1NDN9z8Oeg4FWJJw5bcG6+9TRfr6RJfcSxzsuCZmSV0MaOoIZNLN87xs3GzIPQAXUBeAQxQo3g==
content-length: 10691
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 13 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (32588)
Hash 34dd9849794de6e455b38c372e6af714
71d938f601eb56283143df5d367c46f1b25e3c4d
282985aa4c8e10951ed1b17f49a8e28b062187ac741c35bb5c6e6153dd7a27e6
GET /rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 01:23:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NN2YSXlN5uRVs4w3Lmr3FA==
x-fb-debug: 5xxtHm1EOiqRl6ONACYoXD+VbPWWMDcu4NvwjiDyIyMD0QjOdvnWbd3atA0UHEg55jRYWELBEy84it7lU15VXg==
content-length: 13014
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLQG4/yv/l/en_US/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLQG4/yv/l/en_US/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (7411)
Hash b498d733f85228a332f0aced10c6f881
148025b40a292386ea20b51b3c033204084083e3
fda32af9ae0ef1da786506a3813fc835e0dbd4ee0aaadcf88deb20cb9122026b
GET /rsrc.php/v3iLQG4/yv/l/en_US/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 15:15:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tJjXM/hSKKMy8KztEMb4gQ==
x-fb-debug: 9BGTV47I2yDlkh6x8QqV9y8D5GM5tHfJxCaqhkDqPG0s/p+hMhJ7ultyUsmeaXjxyUVo61uObZ2Hmfg8BVXqqw==
priority: u=3,i
content-length: 10340
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
servecontent.net/content/www/d/noah.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Fny.hideip.co%2Fdirect%2FaHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--&cb=2d3f4963a9
135.148.245.193 200 OK 43 B URL HTTP/1.1 servecontent.net/content/www/d/noah.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Fny.hideip.co%2Fdirect%2FaHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--&cb=2d3f4963a9
IP 135.148.245.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /content/www/d/noah.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Fny.hideip.co%2Fdirect%2FaHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--&cb=2d3f4963a9 HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Mon, 29-Jan-2024 19:39:29 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 43
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/gif
static.xx.fbcdn.net/rsrc.php/v3/yi/r/iY5nyHT2naX.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/iY5nyHT2naX.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (8848)
Hash c7c1ba2e9acc86ba78a3b2c83736f3fb
51665375d6fe633b0e44113419a0bdefd8a559ef
49c7ea963e3b03244039ebb96a5e8729c20788aad94dea550e68f00a03ec3bb0
GET /rsrc.php/v3/yi/r/iY5nyHT2naX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 24 Jan 2024 19:04:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: x8G6LprMhrp4o7LINzbz+w==
x-fb-debug: rGu4ZetUTPbjJW4ZgexBjeAn4bIFLYhmljrwhZAOcM4rF1aTVjSGcOPt4vpfytJF5giZf061T87tiYOAfi77Gw==
content-length: 8424
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yK/l/en_US/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 3.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yK/l/en_US/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (6870)
Hash b69cf4e150338ada74a3c71298ab8d30
a4bcd2abd76741b6c3d692fc34538cb304f39d99
108e5fd8d96282336114a82c7235f825d408f6584d2628c234500356060e9d70
GET /rsrc.php/v3iLl54/yK/l/en_US/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 02:10:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tpz04VAzitp0o8cSmKuNMA==
x-fb-debug: uowTP/TPgY39ED7ojcGqcO5+8kISUa8t1UqFa4cifucJqQih8obIb+/sMwn4KqM/QuB9yrabUV7V6CBOEazRpw==
content-length: 3273
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 174 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
Hash f41dd211dae2e38cc07fb986a0386d54
a4e0398136c7c27e468ddc0e453bd6d1934f7879
410bdb0ca6a62e9ec03f7080bc84bfd619dc6256fd2be9c11250cbdec6721bce
GET /rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 17:50:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9B3SEdri44zAf7mGoDhtVA==
x-fb-debug: DAWsf3c8wQm5V9NpuK+gTLtvFTBtVo2Pc0FEpI5UEUDJDlrCKfg2BuPifVyYMidoN2QFrNAbrVQX93TZHETYyg==
content-length: 174
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (18915)
Hash 084615819834e23edead2d2e6fbb0db2
656c5c532f295c4c3a788ea0a719da7686c05bfe
41c35b99b989e96dd40bfbbfb44fe26556a062069ec4e05ad67f51e2259d295e
GET /rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 14:34:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CEYVgZg04j7erS0ub7sNsg==
x-fb-debug: 4HeBqD3JfIujOygHp7Jg0EbkY94BmSL982XmjnANzvigRwNEnpPYJDXSGRYRYObMI0Lfz9RruyXVAq1swK94SQ==
content-length: 10390
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 9.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (7732)
Hash 544d77ebb9e2bdcbb0bf6a266081af0e
c0f62f4a212fb7998dcdc602e46453e0d9cf9668
d4e798354cdbfeed7a6ee6e11a872de9f331f642e06022074a8e4e2beeb4be58
GET /rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 18:40:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: VE1367nivcuwv2omYIGvDg==
x-fb-debug: Ewr96YU81mFZloqo1g2jhQVF1Fof446Anyn3bGP8E4DoRrO3lF/a3dDCMmN0ugcdspaDnUdjmbeHHipFgFuD2A==
content-length: 9272
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11 200 OK 7.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
File type ASCII text, with very long lines (17932)
Hash 5b98e07045ca8a854cc251c5589c9a8c
5bf081390c53ab7e8189938e63098e8d7bbce3a0
1c1c815ddbda67edd699b03e86f8755fe5e09a2b435daf0191706e656a66a555
GET /rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 03:23:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: W5jgcEXKioVMwlHFWJyajA==
x-fb-debug: DcQsIPOnFMpGrnoaCMaaxOZ7VcfeAm0HWia+2NvPoC4CzJwT9J4TTDp13WWsNLuxBhCdIllnxIo/Qf32M2RbHQ==
priority: u=3,i
content-length: 7497
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 19:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2265
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gbDE3S01ekq5kiyPllydsaTU5pvMzl3wgkoDBcZA8LAzjBORq0b8CFiNHcFTWGET+ePYV0uJLAoKTsH0+nYPwg==
content-length: 0
date: Sun, 29 Jan 2023 19:39:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2265
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: sAWVCodt0LrW3QduTWvQEj+pi6EqAEJTFQ62DRLiR+30NKOMRKZIO6tLqU7sEXznk7deDvVoR9h7qsSuYh1x0w==
content-length: 0
date: Sun, 29 Jan 2023 19:39:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
135.148.245.193 200 OK 1.6 kB URL HTTP/1.1 servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
IP 135.148.245.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (708)
Hash 3f6f09345633eeed8168e76302087fd3
1c1b0c8142537f0fb05df576d089cf8f18a9a0c7
1f0700bd71567890ef858862884291b10cd4094cebf613605f8d995705dcdfd2
GET /content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Cookie: OAID=01000111010001000101000001010010
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Mon, 29-Jan-2024 19:39:29 GMT; Max-Age=31536000; path=/; secure; SameSite=none
OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D; path=/; secure; SameSite=none
Content-Length: 1578
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ljL3IvMm9IZGR6MTJ1VDkuanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 8.8 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ljL3IvMm9IZGR6MTJ1VDkuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (3987)
Hash f9e113bc2c3f5698592467f37677f99e
ede89b5bc0ca163b1d0e250fb66e97d72512b3b9
cf5c0da620ff06c1f111643f006233c2203f0ad416474406b762790d7f16538b
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3ljL3IvMm9IZGR6MTJ1VDkuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 17 Jan 2024 16:51:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: HpvvEmycGBZN1nzgI35wwA==
x-fb-debug: w/yZTpH5sKSELelP7z1D32/gzVLweRdfS7kG+JAH4UDnfFwigpPu664h02xsSpDnbmhnypRHYdejLBZ20Sy0Hw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=97
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaXpiQjQveVQvbC9lbl9VUy9raFlrY09IbzlnMi5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
198.98.51.35 200 OK 38 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaXpiQjQveVQvbC9lbl9VUy9raFlrY09IbzlnMi5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
IP 198.98.51.35:0
File type ASCII text, with very long lines (10595)
Hash 92059b6be9dabe47558369f8b86e0470
eaba9d2305efdee1d9dab2a5af7d21528716dee1
8a14403ee0ecb1ace615022e81aa49d1d2295f388fdb0f1acb9d05157d1b29fa
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaXpiQjQveVQvbC9lbl9VUy9raFlrY09IbzlnMi5qcz9fbmNfeD1JajNXcDhsZzVLeg--+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 25 Jan 2024 16:22:40 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: /QitTL8DBPmd3xJa/PvCLQ==
x-fb-debug: 5erKjZ9pQ+PmEkvwFKE02rT4UPSpdp028rHr+0uM7fvRQJTyvMqwEBXxEM7uuNd3wPl837EHjy2fUN0op9UhhA==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaWgtRDQveVQvbC9lbl9VUy9OQWpVZ1l4NWhCOS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
198.98.51.35 200 OK 76 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaWgtRDQveVQvbC9lbl9VUy9OQWpVZ1l4NWhCOS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
IP 198.98.51.35:0
File type ASCII text, with very long lines (32828)
Hash 61b2926efd2199fcf416d38c123bfb52
d7f9a50575adf4c31ab40d6c57480a5d37a122ca
d2c063d142361f1e648628d6d24eb55aef7fbcc4646b314f5c576671d915cf66
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaWgtRDQveVQvbC9lbl9VUy9OQWpVZ1l4NWhCOS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 20 Jan 2024 15:17:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZJNzJrpImJq9aNfPeNPlwQ==
x-fb-debug: dqtTxBPW8qb+IVpPYvgyhJiUbP/goy50s4hpuWyiGVDh4Csad8cfp7nogxmddIaBZjRO2o0p2FBEXZGJ3qYk3A==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
servecontent.net/content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank
135.148.245.193 200 OK 1.6 kB URL HTTP/1.1 servecontent.net/content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank
IP 135.148.245.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (708)
Hash 06830bc127b506f24b9c54f2ea4d1b04
6764cd88c476b464f9e222c189cd5a34f4f3fb21
c06964021732b5dcacf5ab093ddf9ff13f4217d62e75dc534e76b5e18cda5813
GET /content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Cookie: OAID=01000111010001000101000001010010
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Mon, 29-Jan-2024 19:39:29 GMT; Max-Age=31536000; path=/; secure; SameSite=none
OAVARS[a3bcf696]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%229%22%7D; path=/; secure; SameSite=none
Content-Length: 1578
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=8&loc=https%3A%2F%2Fny.hideip.co%2F&cb=23f906226a
135.148.245.193 200 OK 43 B URL HTTP/1.1 servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=8&loc=https%3A%2F%2Fny.hideip.co%2F&cb=23f906226a
IP 135.148.245.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=8&loc=https%3A%2F%2Fny.hideip.co%2F&cb=23f906226a HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
Cookie: OAID=01000111010001000101000001010010; OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Mon, 29-Jan-2024 19:39:29 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 43
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/gif
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lmL3IvTGd2d2ZmdUttZVguanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 44 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lmL3IvTGd2d2ZmdUttZVguanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (32588)
Hash 4d39e7dc83aa51a24d48e63c02fd40af
858e501c752bdc9cc4576e7c48427e093576b40f
a1794060e1ad5af5abac2f5f1ddc804bffc1efeff0897600e637905512d24ebd
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lmL3IvTGd2d2ZmdUttZVguanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 25 Jan 2024 14:41:34 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rE6VNnn8bW5M9+1AMZegFA==
x-fb-debug: HYU4M+t43kistzdDgP30Nejrjmrlav2KrwsdKIA4jkVkviWdb/RLHdpoW5xf9Yxc/dUrEroCLOGsxuPbmkWFCw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=97
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3liL3IvbTgySU8xSFhRUkguanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 33 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3liL3IvbTgySU8xSFhRUkguanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (9053)
Hash 71917e7396c01017d9ae64eceb961fd4
c61dad543cef97b51e87614c5f155ce41aa6cee6
6d8bb83f0fa1391217ab44f4c4d877ed2b37b9f706637deb00514f6f341a4e1b
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3liL3IvbTgySU8xSFhRUkguanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 17 Jan 2024 16:51:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: hWLbc6j3Qgc+OQ6PQpJQ+g==
x-fb-debug: 1q3ktjoFMavcN3GXxfNkTw+O8FX+JB/XeUrR9x1+wWXl/NwpWf1G7nzdJ88K2MQgQNYcdBdL3NYYJAhZCgCpCw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=98
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
servecontent.net/images/6071643724afa565b894d47d171636ee.png
135.148.245.193 200 OK 24 kB URL HTTP/1.1 servecontent.net/images/6071643724afa565b894d47d171636ee.png
IP 135.148.245.193:0
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 6071643724afa565b894d47d171636ee
8f98aae05d07ea0adf350bd6cd51e9fefc979396
809aa7a19416b5aa3d28da7750b5f065ca3764f0f37a4048fea153deccea1c29
GET /images/6071643724afa565b894d47d171636ee.png HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servecontent.net/content/www/d/adale.php?refresh=60&n=a4dc702b&zoneid=8&target=_blank
Cookie: OAID=01000111010001000101000001010010; OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 20 Dec 2021 07:34:26 GMT
ETag: "5f95-5d38eeb193057"
Accept-Ranges: bytes
Content-Length: 24469
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: image/png
servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=9&loc=https%3A%2F%2Fny.hideip.co%2F&cb=d0eba9c921
135.148.245.193 200 OK 43 B URL HTTP/1.1 servecontent.net/content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=9&loc=https%3A%2F%2Fny.hideip.co%2F&cb=d0eba9c921
IP 135.148.245.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /content/www/d/noah.php?bannerid=69&campaignid=8&zoneid=9&loc=https%3A%2F%2Fny.hideip.co%2F&cb=d0eba9c921 HTTP/1.1
Host: servecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servecontent.net/content/www/d/adale.php?refresh=60&n=a3bcf696&zoneid=9&target=_blank
Cookie: OAID=01000111010001000101000001010010; OAVARS[a4dc702b]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%228%22%7D; OAVARS[a3bcf696]=%7B%22bannerid%22%3A%2269%22%2C%22zoneid%22%3A%229%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.4.19
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Mon, 29-Jan-2024 19:39:29 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Length: 43
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/gif
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lpL3IvaVk1bnlIVDJuYVguanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 27 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lpL3IvaVk1bnlIVDJuYVguanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (8848)
Hash 29346c46dd0768862ef8e9405177223e
e17c58ff26b1803b0c36c3c13df6f84909b11c1e
7b12b0646f318991508457c2f39e2e36107cd925392357a992e8cd8c6d89a6af
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lpL3IvaVk1bnlIVDJuYVguanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 24 Jan 2024 19:05:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tRgIslIhg1DfXrvNZ7vBQg==
x-fb-debug: g1ov+D8VVRr9B57vw8Iw2TXMHQX7cdYx2uJWdphiU/A+3Jlhgs8k25V6zmEHHgOgl8xi5szD3VDUhL/zURE3rw==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxsNTQveUsvbC9lbl9VUy8wRDc1Vncwc091RC5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
198.98.51.35 200 OK 8.8 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxsNTQveUsvbC9lbl9VUy8wRDc1Vncwc091RC5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
IP 198.98.51.35:0
File type ASCII text, with very long lines (6870)
Hash af3a1391eb744fca4f32b53306f226c7
8da8012a0c8103db30ecf58cb81bba45bc18d657
96a1b9a7cfa40aeb294427625db3de9a71609b77c5ff0335a6f8613524a8b660
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxsNTQveUsvbC9lbl9VUy8wRDc1Vncwc091RC5qcz9fbmNfeD1JajNXcDhsZzVLeg--+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 25 Jan 2024 21:09:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rrq61JnsEVL+xCp0RlB/zg==
x-fb-debug: fyd2ZbaARg1c06caBRj/c/P58brgZTvQ1pPDExN1D2P1t/ZHF5YdHoeBNJa9Q1DZJ2iGKAPsl4sYi9yh4EjwIQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=97
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lnL3IvR2FUMC1EUUpkV0QuanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 313 B URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lnL3IvR2FUMC1EUUpkV0QuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
Hash e647dca510effb226de36a63bef2203f
50b0a1ddc258f27ab5a54385384ee2ff6610f04f
0dfdfbee24a09f48ebeaf6475da29c527799a0faeeb20c68a58a2dfdfb3040d3
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lnL3IvR2FUMC1EUUpkV0QuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 21 Jan 2024 04:25:40 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WvOSe9lqrJ70c48G5gxjbw==
x-fb-debug: yoFSSzRn3udREd0UqxXy/mZ0s6CXEWpnFJln3+rrRSBrhXXUR8Kf4+s6PqHp4/Ez/gTd3kBNgokta6PL+J1dGQ==
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Content-Length: 313
Keep-Alive: timeout=10, max=95
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k5L3IvaWUzOG1wME8wN1AuanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 25 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k5L3IvaWUzOG1wME8wN1AuanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (18915)
Hash d03405286255f92c495fb7cbeb7c9556
0fad02cc6fcfca74b57a1db092b5c16e4e9c0759
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k5L3IvaWUzOG1wME8wN1AuanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 19 Jan 2024 15:26:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1ezP5GQ+AmxBfmUBZlBzeA==
x-fb-debug: N+Md7zXoGYgthNUrxN1KpvLjZr5NBY7GIuBaKGLEnvpLRvZCIa7gR1ecXHZSM4wwQICeLdlB3GSlSzqeN4DxJw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=96
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxRRzQveXYvbC9lbl9VUy9TYTFqaGkxLUJ0OS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
198.98.51.35 200 OK 39 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxRRzQveXYvbC9lbl9VUy9TYTFqaGkxLUJ0OS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+
IP 198.98.51.35:0
File type ASCII text, with very long lines (7411)
Hash 47c4df42b41b14cfed1343b5c24b6daf
0c742c69af6e76941f3e1a1d1d39b5e0da72d10b
90a71cf86cb2cd4ff387adb0b434b6f6da4f18f835b086d0ad1941caea6dedfb
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaUxRRzQveXYvbC9lbl9VUy9TYTFqaGkxLUJ0OS5qcz9fbmNfeD1JajNXcDhsZzVLeg--+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 26 Jan 2024 16:36:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: N8bSNG/L6yxUGxSOu+aK0Q==
x-fb-debug: QV+8BdH08BqSCHvS/XeQ8BjfXK2R+eW8+vEg0TD/IvyPW74woFisfl2vmbF0bCUIaSyUtJ+tkwmWfwidw5mQcA==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=100
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lPL3IvX3RKMTdzR3l4T1guanM_X25jX3g9SWozV3A4bGc1S3o-+
198.98.51.35 200 OK 18 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lPL3IvX3RKMTdzR3l4T1guanM_X25jX3g9SWozV3A4bGc1S3o-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (17932)
Hash 73111912f4b4f7a5b5501dc74d50025b
94bae7be09cae37c16321425b151eb0de4592f0d
ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lPL3IvX3RKMTdzR3l4T1guanM_X25jX3g9SWozV3A4bGc1S3o-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 19 Jan 2024 03:26:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8+8w3OlaRgQuE5P3aQtiSA==
x-fb-debug: bPCgNs9IUhzsmprgf+5JK3ji0dvFjCzj/ETCYvltw52ZQA5me6DutOUc7FiA6Qg9xggqtrfDNr+vXJqu0Hcxhg==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=95
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
ny.hideip.co/direct/aHR0cHM6Ly9zY29udGVudC54eC5mYmNkbi5uZXQvaGFkcy1hay1wcm4yLzE0ODc2NDVfNjAxMjQ3NTQxNDY2MF8xNDM5MzkzODYxX24ucG5n+
198.98.51.35 200 OK 79 B URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly9zY29udGVudC54eC5mYmNkbi5uZXQvaGFkcy1hay1wcm4yLzE0ODc2NDVfNjAxMjQ3NTQxNDY2MF8xNDM5MzkzODYxX24ucG5n+
IP 198.98.51.35:0
File type PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced\012- data
Hash 8dc258a49b60fae051e9a7ce11ad05cf
dafef280663f4205fc7f0e47799e9945e6a68d6d
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly9zY29udGVudC54eC5mYmNkbi5uZXQvaGFkcy1hay1wcm4yLzE0ODc2NDVfNjAxMjQ3NTQxNDY2MF8xNDM5MzkzODYxX24ucG5n+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sun, 29 Jan 2023 19:39:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Keep-Alive: timeout=10, max=96
Transfer-Encoding: chunked
Content-Type: image/png
ny.hideip.co/secure/c4~Z35I8T~3RfKnuRKU0G317RYloiGzP03FqJvwKOQGAtQsX65shwQwF~8EhOOcz_WanzAKUMx2Aj9pSJ4a7dA--
198.98.51.35 200 OK 61 kB URL HTTP/1.1 ny.hideip.co/secure/c4~Z35I8T~3RfKnuRKU0G317RYloiGzP03FqJvwKOQGAtQsX65shwQwF~8EhOOcz_WanzAKUMx2Aj9pSJ4a7dA--
IP 198.98.51.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8265)
Hash 3fd97d3ab31207cbd584490a3e16ac04
b6f1a216b42c009f363d0f89335f7bc93df25556
3ea49522b8d5e0edc7d723d1fd68cb0b8e13b27ff48f7592f5534f28643d3437
Analyzer Verdict Alert fortinet Malware
GET /secure/c4~Z35I8T~3RfKnuRKU0G317RYloiGzP03FqJvwKOQGAtQsX65shwQwF~8EhOOcz_WanzAKUMx2Aj9pSJ4a7dA-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stv.AWUNS-hDvow; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:28 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
vary: Accept-Encoding
set-cookie: fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; Domain=ny.hideip.co; Path=/
4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; Domain=ny.hideip.co; Path=/
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-fb-debug: ydQeO4kigqThTRi+JrYeN51J7pylqwDspvIDGi/E28Kyb3mqrfuC6Z7A8kstS/DEKTtYbNrgHNerXrExGfph4A==
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Keep-Alive: timeout=10, max=97
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123 200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116423
date: Sun, 29 Jan 2023 19:39:30 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B
IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
Hash 9d9bc37c9e497122ba9ad56da7b4e99b
04f452c41f4d08d3fade3322701f036d7e12bef8
413f12551050c0fa2e81259f0cd86b4d19120724f9d25dd6117d65f8b9f0b05e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 17:46:59 GMT
expires: Sun, 29 Jan 2023 19:46:59 GMT
cache-control: public, max-age=7200
age: 6751
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ny.hideip.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
198.98.51.35200 OK 249 B URL HTTP/1.1 ny.hideip.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
IP 198.98.51.35:0
File type ASCII text, with no line terminators
Hash b398b1a38e5ccb18fb3e5cf32e706bfe
780db9ac16cccad2a87b93045581bb86842ffa10
da87a0610c788906b6e50f8e9d8d77a7587af748fcc2e3a78f92d696ec9fa0a2
Analyzer Verdict Alert fortinet Malware
POST 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 HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVoaEUHSeWM
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------123855474831111207792831013429
Content-Length: 1018
Origin: https://ny.hideip.co
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
vary: Accept-Encoding
set-cookie: fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stx.AWXYgQkcC00; Domain=ny.hideip.co; Path=/
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-fb-debug: UqsEHWGKx6hGxzeYtmKHdALDTgZZ6grUVb37dATZ7dW7um/Fz2loPKw+ELD1blDPFWxLw14F3uQrjx91ZHgFbA==
priority: u=3,i
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Content-Length: 249
Keep-Alive: timeout=10, max=94
Content-Type: application/x-javascript; charset=utf-8
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2231
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: dZJpBrK+MhShBKkTGag/XitiCMQwQP1dTXi2KeQ1W5As3snJx0SupAfDgoVx6aYvFv/aRlOv3F+2xYUhzG8tqQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2286
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 7v7YWdmjgeR2SUzRAR368vxnLlnnbq7QyjbcmAcghkYkMkh8wpikxHIBuhS/x4UXc3W/Thf0KxiZOQJwEiZoFg==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2348
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qU9Lqhmo0Ug6pbKAZSwj/mmhH0zcBoy7e9F1oa94wVGoZXN/fxRVkSlWlxkMI3tsOtcqp0qO7zj0eYHXFvzAuA==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2286
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ixwzmCHVSdHnlRlJT7SBbt1YMwpFQg7B4JYOPaQCBKxEhxROAKC/mVyExEefh+YuJ91stazfUjhka/R529WRnA==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2216
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: pyvzBT+1a3m+kcAk7ivjps4w1cnvP4zSQY3FATFXUpv72Z+tg2Ra2CI9UuM5Vfx23YBkk6bV73bf6unpZrIp4Q==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2328
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: CQggc9Fu40oQIZUqa4ucL6NheOgQZZSQmbhMezGK02yGuDHL06Ord4UFLiizPzq0G1a/MlooDem5/kvBQsrdhg==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 19:39:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2286
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: vSPJDNDTpiRtuoCXzX/XMxjekzlJHjV3BagAJ9WuJ0HA1QPEcaGvgt0GXZNkm7KTSLm93hdqXXQ3SDeGhMWWJg==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 265 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0bf729544b0390ba1fda4b5fdfd7aa14
69aaccaf7c7b0fccc30b8df97fcebd26bba3f7e3
f1357dc58e583e3fe1b9ab8cc980b319a3eb3788fd7fa8b966eee8d12cc8defb
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2232
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: bv4wLDmiCqn+HJudrhlWPfkfzMPke7lvVm9tCGdlH1irHxQLNjIsoAXzXIsSPH48Gj+9RvG8RPwKef6JhuvRsA==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=877856942&t=pageview&_s=1&dl=https%3A%2F%2Fny.hideip.co%2Fdirect%2FaHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--&ul=en-us&de=UTF-8&dt=Facebook%20-%20log%20in%20or%20sign%20up&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1882604917&gjid=1174343546&cid=348367671.1675021179&tid=UA-29237810-1&_gid=2072811355.1675021179&_r=1&_slc=1&z=545715366
142.250.74.110 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=877856942&t=pageview&_s=1&dl=https%3A%2F%2Fny.hideip.co%2Fdirect%2FaHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--&ul=en-us&de=UTF-8&dt=Facebook%20-%20log%20in%20or%20sign%20up&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1882604917&gjid=1174343546&cid=348367671.1675021179&tid=UA-29237810-1&_gid=2072811355.1675021179&_r=1&_slc=1&z=545715366
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=877856942&t=pageview&_s=1&dl=https%3A%2F%2Fny.hideip.co%2Fdirect%2FaHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--&ul=en-us&de=UTF-8&dt=Facebook%20-%20log%20in%20or%20sign%20up&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1882604917&gjid=1174343546&cid=348367671.1675021179&tid=UA-29237810-1&_gid=2072811355.1675021179&_r=1&_slc=1&z=545715366 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ny.hideip.co
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ny.hideip.co
date: Sun, 29 Jan 2023 19:39:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2328
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: r3sNsp9HUA+jf0vvLiWSkDDljSNTA30km1rHIAgXtOzczmnI6Diyp75wYSny8epEMOrB3bwPYCgwpOLeuK6JmQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2231
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 4HLvrvgdBZxEutUmvkQMa7/06PKBjMiDQRfCPXXufczI3jpvgjgXtTt2LuobPWilmgptDfvFzELZCpkOZdSAPg==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2225
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: AMCUsj5zDK9X7EW3UrizclEdruP7xfVBy5W5P3GhXdvQ6J5V1PBf2MbhJ10WEVxBUjmTOdYto2i5wFemJD+LcQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2231
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: hq/hM3pwrPI1z2LGPKmpYHxqofLLWFytJhBlh3HzOChRhEUx1qbxG5NnDVAvRHMFgWV7Jgu9aAN+w0bAfm4BPQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2232
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ZH+X/rSviHAkcvjBqLam8Pl9Vihb7auJ2Ab8GO1iAkSQR8kDLlxkmhVoB5QLwz0XwZINz8M/XdSiW/3lRV2DIw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2286
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: thuA3kXooudEhemaaeDMJqNO/DcFftH1R8VJOOzJssUPeeW9U2eJvlhclxxw1gFLYRGVZhkV2+w2SCQ+cmT5Nw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2348
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: AfNm0t9xahVf3yuME97Bbbh4w8/iKDsWxha2v/aKgkpFOrt/wyRknWrDopYytFA0sSgMPpotQTOUpnht89pqkA==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2328
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: +29bU3XRLBffkwsFbqQzcNqIgvTjvaTMsArVsU1lde0UoNBnvAckHBNDqDuSWbYSQwsyWG9m54BD09kEG7weTw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2217
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: mClpvTfFUQKBqr2WNsUi0L77xGXiVlSjC+b+669IkIIJLVDEXpXjqSZEh3OPr3G77H7LW4pGWS/MtwiiB98wHg==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2462
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /yGGKeCoH4QGMGUNPaOvGs9tCuvOLFT2Z41OBSD0x4kMe9Fii0JglQgOECp4OePV07RB/ipdbVoZhUvuP/K8ww==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.serveuk7.com/public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js
104.21.0.90 301 Moved Permanently 3.3 kB URL HTTP/2 www.serveuk7.com/public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js
IP 104.21.0.90:0
Hash ec317c861d39cc209edce9753ae20d59
5027098cddefd95ef3c3c009159aa07bce9eaa7d
9f0879cd37ae3e731840c655e3134080d7592cc5a14f17cf6c94d54edd31f045
Analyzer Verdict Alert fortinet Malware
GET /public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js HTTP/1.1
Host: www.serveuk7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 19:39:28 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.4everproxy.com/public/cache/fe9be950129735bbb9f4afea4e5b8ab2.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2678400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FwukGXl%2BrgCzlmGZeM52uhxxyzOx9xa3PiTz0hig7lns1pvSugEEtpZg2081QhmCLrkuqcGiwgtb%2FiFHFzpaD7gO5VkEm8XPXS9Y7cKSoKwtDx8l%2BkitxPPegvjE6Qh%2Bx5T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79146f184a3db506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2476
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: euGmb4JOIfYmpQRk7k4rhQX+DqbdBe7r2GoIMrAyd7LoYxNHFPGHtHBVNGYWEe1wNXPGIO9ySgLHMVkysXmncQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 272 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 560dc0825f6fefbde84e220684ee663e
b38d4bf09a5ed75469f06f422804c382700b1168
fe52ee95760b40aceda3039f33bf9e9e3e5f23e3537aaf3284452a43f3b611a5
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2476
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: FAgnowlFIc/lkQqXvP82HAGt4Ad+e3NnnUoBuDhfxkhc/jTycB6aQ2TFAX0ezJ0K3v4sD9a8ZlGyqnCpU+WxRQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2432
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: yf4I2tZlaE6Lqb6zdQFSxXUau+uO/4B67Vu3Dl9PFkQ0/BlLsagTMisalKTpdjQ6sENbNVaROv8jBfLVZJA0bw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 271 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f9f17f7143906d52eb76088da6da93bb
c5733948992cb8a837344143f68f49f4954cdcd5
c63e03bd68c37f14a3ea984afac23705720ea2a30bf80242d13a2a6433be3964
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2220
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WcwWXb8eRhAkk5ZfR+WZeTCLmRPUK38RbguXrCwgj9df/RDZMoRm6s9dceUsVARQyXpsoHdA7ajrqjEP5PMlAQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2328
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: va9+uXP4IUVnW2Ih1/qyxhNa+lLtjTjuucMOVge78k7ddodgRSqBzMGWeVhvsQ/Y2qD8CR1vbsC7hRZw4YwLgw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2246
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: C4VDekrRbxPmgS4AdMIUL3BcOC0Uq129QFPaGOtOJZ87CpC18fQjcAhXEiIJnzHAOfPrT2ljzM6XM4bWx9KSZw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2231
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gm4zvj7esLgTwl+TVVCepDVdrcw7izWEuZefxsxTooDy8xxVFteQejOqXS/Lh/xPU/bi+UxhJiaciFAzMPLZBQ==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2225
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: XsOmkI4SeChuYMIht01sJr3CeOPuEzZ6UGnYhARKTJ85SJEDqNtimtUjRJ9C9qHYDK1/kawM8cqEVroN4dY2Sw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2246
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: e/tU2ROOjSopzWtEIm2NNWKAbxX7mLKzUxNwI66PMOQsh3MUyjDCkYjERSPqq6iP4KYN7GBnVDjzgN3d0whHpw==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64Qx7pM1sDc8LkNd7iddGjS9p2PfAD6BuZKzaWRmfl_W4w--
198.98.51.35 200 OK 6.7 kB URL HTTP/1.1 ny.hideip.co/secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64Qx7pM1sDc8LkNd7iddGjS9p2PfAD6BuZKzaWRmfl_W4w--
IP 198.98.51.35:0
File type PNG image data, 196 x 196, 8-bit colormap, non-interlaced\012- data
Hash 389dfa18be34d8cf767e06fd5cde4ec6
47b751cffab47d076816c63ce08d3e84600376ee
3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
Analyzer Verdict Alert fortinet Malware
GET /secure/trs2dTn5Xw863nP2ns_kvhTMQgttdWrtdx8UH~eJ64Qx7pM1sDc8LkNd7iddGjS9p2PfAD6BuZKzaWRmfl_W4w-- HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stw.AWWeJYlO9hU; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Pragma: no-cache
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OJ36GL402M92fgb9XN5Oxg==
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Fri, 19 Jan 2024 06:57:38 GMT
Cache-Control: no-store, no-cache, must-revalidate, public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
x-fb-debug: OfpiWjfXWZ735IF0Qmg/uiFyBkrCd+uGt1O911LPWU2YQp9hF5GlE+sg3kMAsYeVFqo+OGT7S2XbKzSENKi2uw==
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
Keep-Alive: timeout=10, max=94
Transfer-Encoding: chunked
Content-Type: image/png
ny.hideip.co/direct/aHR0cHM6Ly96Lm1vYXRhZHMuY29tL2FkZHRoaXNtb2F0ZnJhbWU1Njg5MTE5NDE0ODMvbW9hdGZyYW1lLmpz+
198.98.51.35 200 OK 1.7 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly96Lm1vYXRhZHMuY29tL2FkZHRoaXNtb2F0ZnJhbWU1Njg5MTE5NDE0ODMvbW9hdGZyYW1lLmpz+
IP 198.98.51.35:0
File type ASCII text, with very long lines (523)
Hash dd1a19cb8d13e4571d2b293c0a0d2ccf
18070dd5c894930a8aef7117bf8d49bd4922a723
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly96Lm1vYXRhZHMuY29tL2FkZHRoaXNtb2F0ZnJhbWU1Njg5MTE5NDE0ODMvbW9hdGZyYW1lLmpz+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stx.AWXYgQkcC00; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024; _ga@hideip.co/=GA1.2.348367671.1675021179; _ga@ny.hideip.co/=GA1.3.348367671.1675021179; _ga@m.facebook.com/=GA1.1.348367671.1675021179; _gid@m.facebook.com/=GA1.1.2072811355.1675021179; _gat@m.facebook.com/=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
x-amz-id-2: fTkstOy4TD+0w0Emr+5O1vEZ/Bm820G8UAv0OxrtQY2FpR0Nd+fTPiwidwjLZF+NMDkRCcReH/o=
x-amz-request-id: 58EF4CEE151E545B
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
accept-ranges: bytes
vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=28513
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Content-Length: 1705
Keep-Alive: timeout=10, max=93
Content-Type: application/x-javascript
www.facebook.com/csp/reporting/?minimize=0
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/csp/reporting/?minimize=0
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/reporting/?minimize=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2684
Origin: https://ny.hideip.co
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: zpf15v2jwzhgOXs3cCin4Qya3oV9BrmDE8BYYHMInwW10T+PC4qvx6mU9O6l/T20yiY8pAevhe50IJGLQnVNlA==
content-length: 0
date: Sun, 29 Jan 2023 19:39:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ny.hideip.co/direct/aHR0cHM6Ly92MS5hZGR0aGlzZWRnZS5jb20vbGl2ZS9ib29zdC9yYS01ZTNiYTkyMmNmYTM2OGNkL19hdGUudHJhY2suY29uZmlnX3Jlc3A-+
198.98.51.35 200 OK 2.5 kB URL HTTP/1.1 ny.hideip.co/direct/aHR0cHM6Ly92MS5hZGR0aGlzZWRnZS5jb20vbGl2ZS9ib29zdC9yYS01ZTNiYTkyMmNmYTM2OGNkL19hdGUudHJhY2suY29uZmlnX3Jlc3A-+
IP 198.98.51.35:0
File type ASCII text, with very long lines (2543), with no line terminators
Hash 7ba0dd97024c069b5d96ad486ad1b265
8f231a28dac059dfb98a87a57a0c4105d44fea13
bbe21191bc5731641bbe4d2272fd79f8522366d435d9f1dbbbdc37d07c77ecbd
Analyzer Verdict Alert fortinet Malware
GET /direct/aHR0cHM6Ly92MS5hZGR0aGlzZWRnZS5jb20vbGl2ZS9ib29zdC9yYS01ZTNiYTkyMmNmYTM2OGNkL19hdGUudHJhY2suY29uZmlnX3Jlc3A-+ HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stx.AWXYgQkcC00; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024; _ga@hideip.co/=GA1.2.348367671.1675021179; _ga@ny.hideip.co/=GA1.3.348367671.1675021179; _ga@m.facebook.com/=GA1.1.348367671.1675021179; _gid@m.facebook.com/=GA1.1.2072811355.1675021179; _gat@m.facebook.com/=1; __atuvc@m.facebook.com/=1%7C5; __atuvs@m.facebook.com/=63d6cb7af364db52000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
etag: -1493488983--gzip
content-disposition: attachment; filename=1.txt
Cache-Control: no-store, no-cache, must-revalidate, public, max-age=51, s-maxage=86400
connection: keep-alive, Keep-Alive
vary: Accept-Encoding
access-control-allow-origin: *
Content-Length: 2543
Keep-Alive: timeout=10, max=92
Content-Type: application/javascript;charset=utf-8
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123 200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 29 Jan 2023 19:39:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ny.hideip.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
198.98.51.35200 OK 249 B URL HTTP/1.1 ny.hideip.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
IP 198.98.51.35:0
File type ASCII text, with no line terminators
Hash b398b1a38e5ccb18fb3e5cf32e706bfe
780db9ac16cccad2a87b93045581bb86842ffa10
da87a0610c788906b6e50f8e9d8d77a7587af748fcc2e3a78f92d696ec9fa0a2
Analyzer Verdict Alert fortinet Malware
POST 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 HTTP/1.1
Host: ny.hideip.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ny.hideip.co/direct/aHR0cHM6Ly9tb2JpbGUuZmFjZWJvb2suY29tLw--
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVoaEUHSeWM
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------234747720821643139431484489
Content-Length: 6273
Origin: https://ny.hideip.co
Connection: keep-alive
Cookie: 4everproxy=486f8c909d52084042fc416463b73288; datr@facebook.com/=bsvWY7od0nGSsngE_P4XvI0o; fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1stx.AWXYgQkcC00; sb@facebook.com/=b8vWY76JBlu_T0Hxo96S5MXP; 4everproxy_referer=https://m.facebook.com/?_rdc=1&_rdr&refsrc=deprecated; m_pixel_ratio@facebook.com/=1; wd@facebook.com/=1280x1024; _ga@hideip.co/=GA1.2.348367671.1675021179; _ga@ny.hideip.co/=GA1.3.348367671.1675021179; _ga@m.facebook.com/=GA1.1.348367671.1675021179; _gid@m.facebook.com/=GA1.1.2072811355.1675021179; _gat@m.facebook.com/=1; __atuvc@m.facebook.com/=1%7C5; __atuvs@m.facebook.com/=63d6cb7af364db52000; __atrfs@m.facebook.com/=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 19:39:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Powered-By: PHP/7.1.26
vary: Accept-Encoding
set-cookie: _ga@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_ga@facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_ga@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_gid@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_gid@facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_gid@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_gat@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_gat@facebook.com/=deleted; Domain=ny.hideip.co; Path=/
_gat@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
__atuvc@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
__atuvc@facebook.com/=deleted; Domain=ny.hideip.co; Path=/
__atuvc@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
__atuvs@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
__atuvs@facebook.com/=deleted; Domain=ny.hideip.co; Path=/
__atuvs@m.facebook.com/=deleted; Domain=ny.hideip.co; Path=/
fr@facebook.com/=0krvECeXDh3JnkrT0..Bj1stv.kn.AAA.0.0.Bj1sty.AWW95PSMevA; Domain=ny.hideip.co; Path=/
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache, no-cache
Cache-Control: no-store, no-cache, must-revalidate, private, no-cache, no-store, must-revalidate
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-fb-debug: LZ3PR+daEmzhFC81TfK3KTcwJyHMqR3aQnobrZJ0j30A6VfauQKgM+Z54RuL60WCS1xOGeJ+yLkdb0FZixuRyg==
priority: u=3,i
alt-svc: h3=":443"; ma=86400
connection: keep-alive, Keep-Alive
access-control-allow-origin: *
Content-Length: 249
Keep-Alive: timeout=10, max=91
Content-Type: application/x-javascript; charset=utf-8
m.addthis.com/live/red_lojson/300lo.json?si=63d6cb7a9174d9c2&bkl=0&bl=1&pdt=1377&sid=63d6cb7a9174d9c2&pub=ra-5e3ba922cfa368cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ny.hideip.co&fp=secure%2Fo9jOjUS~HY6yPCEIwSAAaU8I47Cyk_e2goArbFN3O_E-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1675021179040&jsl=1&uvs=63d6cb7af364db52000&skipb=1&callback=addthis.cbs.jsonp__038064213554036110
23.38.200.123 200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63d6cb7a9174d9c2&bkl=0&bl=1&pdt=1377&sid=63d6cb7a9174d9c2&pub=ra-5e3ba922cfa368cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ny.hideip.co&fp=secure%2Fo9jOjUS~HY6yPCEIwSAAaU8I47Cyk_e2goArbFN3O_E-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1675021179040&jsl=1&uvs=63d6cb7af364db52000&skipb=1&callback=addthis.cbs.jsonp__038064213554036110
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 538b5fc1358005a7a2acaa373ec245d5
e4fdd002fa67f90217046dc98a131969f8d2938d
4d174ff129807ef47a35f7afc2cf98827e7e4c41b9ec2be563f940ce8a8fdea4
GET /live/red_lojson/300lo.json?si=63d6cb7a9174d9c2&bkl=0&bl=1&pdt=1377&sid=63d6cb7a9174d9c2&pub=ra-5e3ba922cfa368cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ny.hideip.co&fp=secure%2Fo9jOjUS~HY6yPCEIwSAAaU8I47Cyk_e2goArbFN3O_E-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1675021179040&jsl=1&uvs=63d6cb7af364db52000&skipb=1&callback=addthis.cbs.jsonp__038064213554036110 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ny.hideip.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sun, 29 Jan 2023 19:39:30 GMT
X-Firefox-Spdy: h2