Report - facebook.friedland.business/

Report Overview

Submitted URL
facebook.friedland.business/
IP
64.251.1.115
ASN
#15083 INFOLINK-MIA
Submitted
2023-02-06 22:12:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.8 kB	93.184.220.29
builderall.com	96203	2016-10-18T18:22:44Z	2023-03-09T08:06:26Z	425 B	15 kB	172.67.20.48
i.vimeocdn.com	3126	2014-03-27T23:24:57Z	2023-03-13T05:09:09Z	483 B	22 kB	151.101.86.109
161vod-adaptive.akamaized.net	118602	2019-10-11T14:46:17Z	2023-03-01T10:10:16Z	5.6 kB	3.1 MB	95.101.11.17
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	62 kB	34.120.237.76
cheetah-api.builderall.com	311731	2019-12-29T21:44:13Z	2023-03-09T08:06:27Z	461 B	1.4 kB	172.67.20.48
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.3 kB	216.58.211.3
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	427 B	11 kB	104.17.24.14
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.186.209.73
f.vimeocdn.com	3234	2014-04-09T20:24:34Z	2023-03-13T05:09:11Z	1.6 kB	234 kB	151.101.86.109
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	465 B	166 kB	216.58.211.3
fresnel.vimeocdn.com	3128	2014-12-13T10:04:00Z	2023-03-13T05:09:12Z	1.1 kB	520 B	34.120.202.204
player-telemetry.vimeo.com	8115	2020-06-17T18:09:32Z	2023-03-13T07:33:34Z	493 B	300 B	34.120.202.204
facebook.friedland.business	unknown	2020-02-10T18:24:53Z	2023-01-27T02:06:03Z	11 kB	681 kB	64.251.1.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	1.4 kB	400 kB	151.101.1.229
player.vimeo.com	1858	2013-09-26T05:16:08Z	2023-03-13T05:09:11Z	510 B	10 kB	162.159.128.61

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	facebook.friedland.business/	Phishing
2023-02-06	medium	facebook.friedland.business/static/FontList/Muli/Muli.woff2	Phishing
2023-02-06	medium	facebook.friedland.business/static/jquery-ui.js	Phishing
2023-02-06	medium	facebook.friedland.business/js/chunk-vendors.bfe9948e.js	Phishing
2023-02-06	medium	facebook.friedland.business/static/FontList/Roboto/Roboto-Regular.ttf	Phishing
2023-02-06	medium	facebook.friedland.business/static/jquery-1.12.4.min.js	Phishing
2023-02-06	medium	facebook.friedland.business/static/FontList/Muli/Muli-Black.woff2	Phishing
2023-02-06	medium	facebook.friedland.business/static/FontList/Lato/Lato-Black.woff2	Phishing
2023-02-06	medium	facebook.friedland.business/js/app.30e064a7.js	Phishing
2023-02-06	medium	facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js	Phishing
2023-02-06	medium	facebook.friedland.business/	Phishing
2023-02-06	medium	facebook.friedland.business/cheetah/split-test	Phishing
2023-02-06	medium	facebook.friedland.business/cheetah/pixel/get	Phishing
2023-02-06	medium	facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js	Phishing
2023-02-06	medium	facebook.friedland.business/static/jarallax/jarallax.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js	4.1 kB	2023-03-07	2024-01-21
Pretty URL facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:29 Last Seen2024-01-21 22:56:53 Times Seen50 Hash 747a63bd60d1b9ec50d4805122558586 bdef332baae594de48d234a799f5941ebd827cf0 ca4519debaef9ff5c2c7b275b324238949277ced2b03bd6fea48dca99cee3d3b Loading...

	facebook.friedland.business/static/jarallax/jarallax.min.js	15 kB	2023-03-07	2024-04-08
Pretty URL facebook.friedland.business/static/jarallax/jarallax.min.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:29 Last Seen2024-04-08 17:30:57 Times Seen174 Hash bed39a7b861d26383c30e983d0d6aa77 2f2d3463475a071e6760b3f82975aee922836a69 88657838a7c1595fd358051dceb1619cd44afa923c22ee397420d677fb5cf196 Loading...

	facebook.friedland.business/cheetah/link/recaptcha?lang=de	916 B	2023-03-13	2023-03-13
Pretty URL facebook.friedland.business/cheetah/link/recaptcha?lang=de IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:29 Last Seen2023-03-13 18:38:29 Times Seen1 Hash b9362093c23ac84dcba8d29b2a31012d 2ed35c8afd91a293a6b7e2e24a1fa71cb9b77d02 c5bf6a40b9bc44d08db5335d0b650404917420ad9bdea9578919f83d2d5bb544 Loading...

	player.vimeo.com/video/363782125?autoplay=1&loop=1	359 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/363782125?autoplay=1&loop=1 IP 162.159.128.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:20 Times Seen1 Hash 3bebca74492661d309358758a5066f7f 35eb0d0a00a8f3df0c825a0093eacb71bc6e7d43 c5251ebe799b83572d361fe5378abcfe1c5f08fd2f9ad71d34e43b492b85b94b Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 03:06:17 Times Seen37081967 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	facebook.friedland.business/	15 kB	2023-03-13	2023-03-13
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:29 Last Seen2023-03-13 18:38:29 Times Seen1 Hash 6d1ff89f60040a90b19875072f1b4866 3aa1e5ed34b4c67b4d3662fc6cd0f26d8443841f a4cc7728c2b4d6c4ed9ea1641a6269e7803be3a1ddbf8c161dcf381e9eaa4c3a Loading...

	facebook.friedland.business/	139 B	2023-03-07	2024-01-02
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:29 Last Seen2024-01-02 02:00:36 Times Seen27 Hash 61adceae1e8060d44e743c1bbb236123 ce07256a84a6fe899d875dd8ae244b80209724b1 954d0c833426160875e690897eb8569bbc1f2a9f836412487194057e72064a4b Loading...

	facebook.friedland.business/	1.0 kB	2023-03-13	2023-03-13
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:29 Last Seen2023-03-13 18:38:29 Times Seen1 Hash 4d029ae2b7b3165452857a0a1b924245 c50ad74205cc091df02f0f0d9f84e0d1faba6de7 71b88b1fd6de2bc0e5801775346f01891099693d6bb2f1a8073b125b11b65a23 Loading...

	facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js	58 kB	2023-03-07	2024-04-25
Pretty URL facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-25 19:59:10 Times Seen19599 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	facebook.friedland.business/js/app.30e064a7.js	804 kB	2023-03-13	2023-03-13
Pretty URL facebook.friedland.business/js/app.30e064a7.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:29 Last Seen2023-03-13 18:38:29 Times Seen1 Hash b9d1273536576a2c6a45b97b787b329b d228e0fdcba252ef0f3277f49b67892bca8faac8 f1f4f5b90f42847afb2d24c55a98a27449f09bd3bcbae196efbae0c1ebb5b6ec Loading...

	player.vimeo.com/video/363782125?autoplay=1&loop=1	200 B	2023-03-07	2023-12-19
Pretty URL player.vimeo.com/video/363782125?autoplay=1&loop=1 IP 162.159.128.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-12-19 13:15:14 Times Seen10 Hash af8cc9e4334b181797ba45066b8ef4d8 c4c1b4ea678176597ae6720445f701d40bfda97d f675bde2f1e403c77205aa30dfe61dc90f15027df3679a79c4582cc804690783 Loading...

	f.vimeocdn.com/js_opt/modules/utils/vuid.min.js	1.9 kB	2023-03-07	2024-04-26
Pretty URL f.vimeocdn.com/js_opt/modules/utils/vuid.min.js IP 151.101.86.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-04-26 01:04:12 Times Seen1402 Hash 83583a4061ddc27e8b6ee0dc269519cd 8b1c0acc28729208f640473eb5d8fb82c4ba3e15 c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Loading...

	facebook.friedland.business/static/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-01-25
Pretty URL facebook.friedland.business/static/jquery-1.12.4.min.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:29 Last Seen2024-01-25 02:53:41 Times Seen215 Hash 725f2c44fc3e8c2010cebf14e755e487 7582a974bdc567ada934b953bc97fe50e3ba393a 4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01 Loading...

	facebook.friedland.business/static/jquery-ui.js	521 kB	2023-03-07	2024-04-26
Pretty URL facebook.friedland.business/static/jquery-ui.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-26 02:50:36 Times Seen5947 Hash ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Loading...

	player.vimeo.com/video/363782125?autoplay=1&loop=1	15 kB	2023-03-13	2023-03-13
Pretty URL player.vimeo.com/video/363782125?autoplay=1&loop=1 IP 162.159.128.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:30 Last Seen2023-03-13 18:38:30 Times Seen1 Hash ee0a17bad032d0ee3b8deb1301bd617f ee7603a46e215050b0ea43afb60b115590b27d82 c6f9aed3d1f939144c845ead99f45ad225829c6572ddef27bbf07174885ec6a3 Loading...

	player.vimeo.com/video/363782125?autoplay=1&loop=1	820 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/363782125?autoplay=1&loop=1 IP 162.159.128.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:22 Times Seen1 Hash ef57c0109c58c2cbc1c0ef49652eb902 180b3bab67f413ffb480bd1eabfe0c66e2550b1a 5598f2690bcdf9b90ff7c652108104895b8e0f0346dd6cf425e4b36380a2a411 Loading...

	facebook.friedland.business/	929 B	2023-03-07	2024-01-06
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:32 Last Seen2024-01-06 17:36:22 Times Seen32 Hash a5f12a323b9e01c8cccdb77b8abd5eb5 2848fd3a6327830ebf096e6ca008db5309698837 4e29ad6c4cb43f5fe5ed0fc6e7756fece1e200158ffffc29df4a4870955d3462 Loading...

	facebook.friedland.business/	2.0 kB	2023-03-13	2023-03-13
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:30 Last Seen2023-03-13 18:38:30 Times Seen1 Hash 9c126ab5c33bbff76af998f02145a9b5 60df494fc988d34999c1ab94b73eddde27643d98 52a298e3333e11ba6ac4c57111909b1823f2e6117d05fd6dd8e0645c922e2653 Loading...

	facebook.friedland.business/	1.6 kB	2023-03-13	2023-03-13
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:30 Last Seen2023-03-13 18:38:30 Times Seen1 Hash ed06d260c7392b21c1fbd947180ec21d 3922c8e55bebe29cfac7157e4351b1e190478423 73123ac5053057cb9a7bb12b77bf3dcc1987b8d7c7ae257bf88979af0f99420a Loading...

	facebook.friedland.business/	960 B	2023-03-07	2024-01-21
Pretty URL facebook.friedland.business/ IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:29 Last Seen2024-01-21 22:56:53 Times Seen44 Hash 380cd7585baabe472d0881ce83b6da97 d90aedeabe547241bb9e14117f35e9588540ac04 358581df36e27478b71cf499993732a35b922e47a3fe1518bd82e1e76648433f Loading...

	facebook.friedland.business/js/chunk-vendors.bfe9948e.js	736 kB	2023-03-07	2023-03-17
Pretty URL facebook.friedland.business/js/chunk-vendors.bfe9948e.js IP 64.251.1.115 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:21:41 Last Seen2023-03-17 12:38:34 Times Seen1 Hash c0f8b2ab1d9481bb668cb8dec0713f8e 27226bfd13d4ecdeda52d6c38ba159262fec5454 b310ba483afcea88d26d770a094bf72af036cf73b8cf934a6036857fb42fccd7 Loading...

	player.vimeo.com/video/363782125?autoplay=1&loop=1	283 B	2023-03-07	2023-03-17
Pretty URL player.vimeo.com/video/363782125?autoplay=1&loop=1 IP 162.159.128.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-03-17 12:34:41 Times Seen1 Hash c68eaa734a767f8e1a6025c05a5c4d34 909a3ee7f9a6a080ddd98b727ef50bbfa1cc7527 2a7828f048951a6793a918dd8a02ddd7584c814422373ee7f0490caadb225c60 Loading...

	player.vimeo.com/video/363782125?autoplay=1&loop=1	88 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/363782125?autoplay=1&loop=1 IP 162.159.128.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:21 Times Seen1 Hash ad413198e105cd8f701ecfbbd330f933 10ce91413b40b42e0db106f75f9b906c53aadeae a2eae90d055f51a5223ced60b71f552e93c37d5a8c6caa224f92b90af6a2b971 Loading...

	f.vimeocdn.com/p/4.19.2/js/vendor.module.js	386 kB	2023-03-13	2023-03-13
Pretty URL f.vimeocdn.com/p/4.19.2/js/vendor.module.js IP 151.101.86.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:33:47 Last Seen2023-03-13 19:07:58 Times Seen1 Hash 858fa334185c601b86150f1233471cb2 7b1750904361738164db6c0848e3f060d10e50d8 75e6a5db75d196dd55763a6cc8aebae724d3198c64898c939c0eed9082f9ef4e Loading...

HTTP Transactions (75)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3797
Expires: Mon, 06 Feb 2023 23:15:37 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive

facebook.friedland.business/

64.251.1.115

301 Moved Permanently

162 B

URL HTTP/1.1
facebook.friedland.business/
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 06 Feb 2023 22:12:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://facebook.friedland.business/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3640
Expires: Mon, 06 Feb 2023 23:13:00 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 21:36:29 GMT
content-type: application/json
age: 2151
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11865
Expires: Tue, 07 Feb 2023 01:30:05 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: s8nJEEPYtirnF7zG5TSfTttsebbCJbXG9XmH4zcmGHqq4X96d7t277Tl+T7WoSlvP31xGH1sseg=
x-amz-request-id: W6M05YPXCY423H27
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 21:45:19 GMT
age: 1621
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 22:07:20 GMT
age: 300
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
01df2a4a4af1e1620ab446d8bda29f4a
b91e2f6a17072adb20a42c3b046336bf294b7aaf
71c693941ff941d3e95389a5da03f253e7a7a141f2fcf20e6fa431fed48e2f4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71C693941FF941D3E95389A5DA03F253E7A7A141F2FCF20E6FA431FED48E2F4D"
Last-Modified: Mon, 06 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Tue, 07 Feb 2023 04:11:21 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14310
Expires: Tue, 07 Feb 2023 02:10:50 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/d20o9eOJVd4

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/d20o9eOJVd4
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6dcbfee6a2e5388d05f5408bc7f88dbc
8a8eb046b2fc4379cec22bbbc31f9a3108f2ffbb
61dbcbd99a0fdbb74326d16d34fd65e6265ba3938a511666345f850ef6edc86f

HTTP Headers

POST /s/gts1p5/d20o9eOJVd4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kf0WX5paq5IHU+IXGbroEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JT/vDK3DDGVeSsgwLraoVZMbE0k=

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4445
Cache-Control: max-age=170808
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Etag: "63e16220-118"
Expires: Wed, 08 Feb 2023 21:39:09 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

104.17.24.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58392)
Size
10 kB (10301 bytes)
Hash
536b6de3113d2c4762be5f5fa6d4b11e
6819ef5f5338f8c86f42dc6ecf5e6a17679e0dab
a0bd64b9dfc97e8ac4ccd97e7dd54209901dcffef8a5cabf701750746201c5ac

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12530617
expires: Sat, 27 Jan 2024 22:12:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tzeVA6ZFQlfvUErDDc9sXzlDCTIq9y1mbbBHORI1XnYChvwnaeXn%2Fhby4Yql26GIKrMzkj3%2Bw2ddmivDlMMdgXEW50ZGIGga7nTx7XWi%2FUwEd4GeVxlfjNIQyGr9LGNfmqg%2F%2BMp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79573a121cbd0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4445
Cache-Control: max-age=170808
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Etag: "63e16220-118"
Expires: Wed, 08 Feb 2023 21:39:09 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css

151.101.1.229

200 OK

43 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43447 bytes)
Hash
8175a6e0c0f7b0a5a14d1b5d537000b2
050a2822317cabc1c32085327219cccc3b160d72
4aa2fb5657a8cef07fbb07bbe5a60d6094a4423769885bd52206816946dbe72b

HTTP Headers

GET /npm/@mdi/font@5.8.55/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.8.55
x-jsd-version-type: version
etag: W/"41c3a-V0/1rmiSzFfK1zStZ4TO8mjD9Pg"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:21 GMT
age: 5434363
x-served-by: cache-fra-eddf8230056-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43447
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css

151.101.1.229

200 OK

34 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33827 bytes)
Hash
ff6865890c5631dbb4db7e13bdcb0f85
1e9252866f8a116e12bb4d89f4cfbacc89952b52
1af73d46d0b9552679e6272872856bbe4b43cb941bec99b826e2d3493f3e5972

HTTP Headers

GET /npm/@mdi/font@4.4.95/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.4.95
x-jsd-version-type: version
etag: W/"30ca6-Rm/JxyaDxAlQuY5XEBYILuIosEc"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:21 GMT
age: 2393270
x-served-by: cache-fra-eddf8230135-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33827
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
c10fa9412538514b77a2304cdd3106ba
0b6985812ee0780067e72588c89bf331b93e3ba9
22feeb5cc7007e7fd6c05f4b7ae2fb4366935aef4ed972b26120fa682188e412

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 22:12:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7519734A1CE62BBF14F1965CB400B7462098F49D"
Expires: Tue, 07 Feb 2023 10:00:00 GMT
Last-Modified: Mon, 06 Feb 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 78
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79573a12fc0bb4eb-OSL

builderall.com//franquias/2/73748/editor-html/3484811.png

172.67.20.48

200 OK

15 kB

URL HTTP/2
builderall.com//franquias/2/73748/editor-html/3484811.png
IP
172.67.20.48:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 363 x 363, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14694 bytes)
Hash
57262c3f5580ea758e2f5023cb81db8e
9b338767e472caa4d3a735e2556b77972d176aa4
1d4c3406a11d08dbb8ced3f83e497764aefed787149c0138ea33487c99f47f66

HTTP Headers

GET //franquias/2/73748/editor-html/3484811.png HTTP/1.1
Host: builderall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: image/png
content-length: 14694
last-modified: Thu, 23 Jun 2022 05:43:02 GMT
etag: "62b3fd66-3966"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: ALLOW
x-content-type-options: nosniff
cf-cache-status: BYPASS
set-cookie: Path=/; HttpOnly; Secure
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79573a102e66b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

facebook.friedland.business/static/FontList/Muli/Muli.woff2

64.251.1.115

200 OK

25 kB

URL HTTP/2
facebook.friedland.business/static/FontList/Muli/Muli.woff2
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
Web Open Font Format (Version 2), TrueType, length 24884, version 1.0\012- data
Size
25 kB (24884 bytes)
Hash
463e1d870377d943fe1b8a1ea9a44df5
3a72930c0c14dc43b196ea8dbb91f7dd465a7ca0
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/FontList/Muli/Muli.woff2 HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/octet-stream
content-length: 24884
last-modified: Wed, 15 Apr 2020 12:29:58 GMT
etag: "5e96fe46-6134"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/d20o9eOJVd4

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/d20o9eOJVd4
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6dcbfee6a2e5388d05f5408bc7f88dbc
8a8eb046b2fc4379cec22bbbc31f9a3108f2ffbb
61dbcbd99a0fdbb74326d16d34fd65e6265ba3938a511666345f850ef6edc86f

HTTP Headers

POST /s/gts1p5/d20o9eOJVd4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

facebook.friedland.business/static/jquery-ui.js

64.251.1.115

200 OK

144 kB

URL HTTP/2
facebook.friedland.business/static/jquery-ui.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
data
Size
144 kB (144218 bytes)
Hash
e9c071a3c7bc273e4b452608e2bb46d5
479310b9cf3d806479fc7aa7bef0571974a9cf6d
441be2061d101f9e7f6e7f7a69d681f38e804eeeda6ad31e510b28f5b47f2960

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/jquery-ui.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2019 20:42:22 GMT
vary: Accept-Encoding
etag: W/"5daa23ae-7f20a"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/js/chunk-vendors.bfe9948e.js

64.251.1.115

200 OK

255 kB

URL HTTP/2
facebook.friedland.business/js/chunk-vendors.bfe9948e.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
data
Size
255 kB (255232 bytes)
Hash
e264456f30c03a3505ab53c72ea91446
37f89885b8c95856be6fef0ab6bed97601ad0b68
33ceebcbd33dfc0150a5a9c6fe5e8a48936afaaf13bff71f1a988e809244d381

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/chunk-vendors.bfe9948e.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 17:59:00 GMT
vary: Accept-Encoding
etag: W/"63178a64-b38ea"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7569
Expires: Tue, 07 Feb 2023 00:18:30 GMT
Date: Mon, 06 Feb 2023 22:12:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7568
Expires: Tue, 07 Feb 2023 00:18:30 GMT
Date: Mon, 06 Feb 2023 22:12:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bKYMmv-CTu5g0q9cDF0dV8USpQzNB7hfSUzT7ehM9z--o8QMqzjV6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:10:59 GMT
age: 83
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

facebook.friedland.business/static/FontList/Roboto/Roboto-Regular.ttf

64.251.1.115

200 OK

171 kB

URL HTTP/2
facebook.friedland.business/static/FontList/Roboto/Roboto-Regular.ttf
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size
171 kB (171272 bytes)
Hash
11eabca2251325cfc5589c9c6fb57b46
096c9245b6a192d1403a82848e104a65f578a8ec
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/FontList/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/octet-stream
content-length: 171272
last-modified: Thu, 09 Apr 2020 20:05:35 GMT
etag: "5e8f800f-29d08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-header: *
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10905 bytes)
Hash
1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gcy4nCriTOJhhTqFJBuks649uy0s4r3TVV3-yAcUhImLwqKpn1d2_w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 14:03:29 GMT
age: 29333
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4442 bytes)
Hash
7d8c3ebd17a435401c7f9fe3b8f842be
f2106be148fea23bf961fcdb69ea4cb127aa5f3e
ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4442
x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQG1JoAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: a6qwcT9sfonMVlyq2ZX6CSXWeW2upfeAWqqNEgVI2sqq7280sCfolw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:50:14 GMT
age: 1328
etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11481 bytes)
Hash
f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MMng1v3N8xzpjYVfdSDS7QfZX6DmvbEt1pWXM5GXicjxt8lZwItNoA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:53 GMT
age: 989
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

facebook.friedland.business/static/jquery-1.12.4.min.js

64.251.1.115

200 OK

46 kB

URL HTTP/2
facebook.friedland.business/static/jquery-1.12.4.min.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
data
Size
46 kB (45784 bytes)
Hash
635ef24d571e56acdec0b6340e8f4263
656cc04529080d7952bc0ce15aa6e9a9db8d35e2
b5381f3fdf4e60e934d9febf57cda5c7cd9eb2da6e0c0f43451656e79683c4c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/jquery-1.12.4.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2019 20:42:25 GMT
vary: Accept-Encoding
etag: W/"5daa23b1-17b93"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10514 bytes)
Hash
9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s4aaciuNuISH_IBccafT_H4hK8g0BRI7KaA1ZKSTIZCKAb3PcvGZTw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:50:12 GMT
age: 1330
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e9abb2fefdfbc9ecd2ed10d8019ab372
c3ffda12c9ae4e6ebca6f4b80bfebf61bd8c617f
75210ebc0d1d7eef6461a15725a842af6fb8c2dfb2d3d9a2bb7e6464d8a9754a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:22 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

cdn.jsdelivr.net/npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55

151.101.1.229

200 OK

320 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 319984, version 1.0\012- data
Size
320 kB (319984 bytes)
Hash
4187121a4353440c2a865dbf1bc1901b
24d77a27ad03c38e046c91fcd48011f16c72429b
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

HTTP Headers

GET /npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.friedland.business
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 5.8.55
x-jsd-version-type: version
etag: W/"4e1f0-JNd6J60Dw44EbJH81IAR8WxyQps"
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 2930443
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 319984
X-Firefox-Spdy: h2

facebook.friedland.business/static/FontList/Muli/Muli-Black.woff2

64.251.1.115

200 OK

12 kB

URL HTTP/2
facebook.friedland.business/static/FontList/Muli/Muli-Black.woff2
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
Web Open Font Format (Version 2), TrueType, length 11644, version 1.0\012- data
Size
12 kB (11644 bytes)
Hash
2bbc60d491c1486c14c125be6f5c1aa6
58f87500c55cf75ad3496968c4bcacb98493d033
e6600dc3d4a01ea1e1f10f82d3046b4995142fa6c8d5e8564b0c3674f02fd85b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/FontList/Muli/Muli-Black.woff2 HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/octet-stream
content-length: 11644
last-modified: Tue, 07 Apr 2020 18:50:00 GMT
etag: "5e8ccb58-2d7c"
expires: Tue, 06 Feb 2024 22:12:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2

facebook.friedland.business/static/FontList/Lato/Lato-Black.woff2

64.251.1.115

200 OK

14 kB

URL HTTP/2
facebook.friedland.business/static/FontList/Lato/Lato-Black.woff2
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
Web Open Font Format (Version 2), TrueType, length 13732, version 1.0\012- data
Size
14 kB (13732 bytes)
Hash
e6769e88a9b4b8da71003fa6116c3e1f
01b44a4ed805df82a6f28dde801c508831b86092
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/FontList/Lato/Lato-Black.woff2 HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/octet-stream
content-length: 13732
last-modified: Tue, 07 Apr 2020 18:50:01 GMT
etag: "5e8ccb59-35a4"
expires: Tue, 06 Feb 2024 22:12:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2

player.vimeo.com/video/363782125?autoplay=1&loop=1

162.159.128.61

200 OK

5.8 kB

URL HTTP/1.1
player.vimeo.com/video/363782125?autoplay=1&loop=1
IP
162.159.128.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18715), with no line terminators
Size
5.8 kB (5819 bytes)
Hash
60c29b39a9d9be5d8908ceb4980f9897
e42a72ec74295b7e0565f6635e820bb1d1099f45
92a55d86e1d6ac66606dc4b3f7f3a08f0b8eae3b0095300d982b72ed73473425

HTTP Headers

GET /video/363782125?autoplay=1&loop=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 22:12:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 06 Feb 2023 22:22:22 GMT
x-host: player-7b7859db66-7fvw2
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-3
x-backend-proxy: playproxy4
x-bapp-server: player-7b7859db66-7fvw2
Age: 0
X-Served-By: cache-cph2320034-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675721542.258484,VS0,VE289
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=2Qz8_4ym9.ca9gRgf4_nyUb6gsBFp9sqgdCf56sOsfo-1675721542-0-ATCCEeE/JWFo9ub8h1HZ85WIE+FhqL98W79y0EbNm8RiUuLPQB6xbKfLBertPvsX9k8as66yuG3gNMxXoXC+qKo=; path=/; expires=Mon, 06-Feb-23 22:42:22 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 79573a170fedb50f-OSL
Content-Encoding: gzip

f.vimeocdn.com/p/4.19.2/css/player.css

151.101.86.109

200 OK

20 kB

URL HTTP/2
f.vimeocdn.com/p/4.19.2/css/player.css
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65495)
Size
20 kB (20069 bytes)
Hash
c0026d31413bb2152b7719a0760a9e35
7807e493c951cb8ad095ae2456cde9719470ea44
89344b91b186bccdd3f4a2a9c71702950700b9cfa66aced10935de2ab81b9a67

HTTP Headers

GET /p/4.19.2/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 532204
x-served-by: cache-iad-kiad7000158-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 10, 139470
x-timer: S1675721543.642564,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20069
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.19.2/js/player.module.js

151.101.86.109

200 OK

118 kB

URL HTTP/2
f.vimeocdn.com/p/4.19.2/js/player.module.js
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65445)
Size
118 kB (118106 bytes)
Hash
a3997f52d132221645130f34951abf8d
ed1765341e8f05646536584c18d519ee3f455f47
dba3f740169da84d5ad9c5a18d60c16b7b1b5a084ff33abc9abff3758381d54d

HTTP Headers

GET /p/4.19.2/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 532205
x-served-by: cache-iad-kiad7000084-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 10, 110224
x-timer: S1675721543.738937,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 118106
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.19.2/js/vendor.module.js

151.101.86.109

200 OK

92 kB

URL HTTP/2
f.vimeocdn.com/p/4.19.2/js/vendor.module.js
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65457)
Size
92 kB (92489 bytes)
Hash
e19c45e679b1f6522d7fd4e720bbc735
5c3dcd4a1a4509f1c6ae0106da139d3993faeb4c
36921f993763972f5e285ae77f8714d4c84402aed750f2f456ecde98d727c684

HTTP Headers

GET /p/4.19.2/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 532205
x-served-by: cache-iad-kiad7000044-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 128607
x-timer: S1675721543.876809,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 92489
X-Firefox-Spdy: h2

f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

151.101.86.109

200 OK

985 B

URL HTTP/2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1839)
Size
985 B (985 bytes)
Hash
0541e0ff8702adadfd34ee8c298afbdf
c10da432fdb8736622c8c1fb7708b2599cae882c
967903be4f14e85fe685577417cf83d53b5363e5f02baa3b2242c19a7030b652

HTTP Headers

GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 1784109
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 4460, 351799
x-timer: S1675721543.985262,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 985
X-Firefox-Spdy: h2

facebook.friedland.business/static/powered_by.png

64.251.1.115

200 OK

3.4 kB

URL HTTP/2
facebook.friedland.business/static/powered_by.png
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
PNG image data, 138 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3370 bytes)
Hash
0a6dc7ed0ee427d80e7a138a2e1bae0a
f7e88bfc8d95ec65c60f07af176e6d35076058b4
b66db702101679c30cb46dae5dcf940e62e615ee94c4fe750b5d7e7f8f014ddb

HTTP Headers

GET /static/powered_by.png HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: image/png
content-length: 3370
last-modified: Wed, 25 Mar 2020 15:29:59 GMT
etag: "5e7b78f7-d2a"
expires: Tue, 06 Feb 2024 22:12:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2

i.vimeocdn.com/video/819029638-dfc12cb0d72bd65511add9fef5f7538b45a84c9a2a1593fba3981f6d7d7a48e8-d?mw=1000&mh=562

151.101.86.109

200 OK

21 kB

URL HTTP/2
i.vimeocdn.com/video/819029638-dfc12cb0d72bd65511add9fef5f7538b45a84c9a2a1593fba3981f6d7d7a48e8-d?mw=1000&mh=562
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ISO Media, AVIF Image\012- data
Size
21 kB (21428 bytes)
Hash
8ebddef50be37d3e5489aaefea5383a3
5a7495acbe731ed2139c47840051de9be6bcb254
32ee764a03066e2fb565e14be575f97662e80b805f3399313399502d2099ec4a

HTTP Headers

GET /video/819029638-dfc12cb0d72bd65511add9fef5f7538b45a84c9a2a1593fba3981f6d7d7a48e8-d?mw=1000&mh=562 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/avif
etag: 8ebddef50be37d3e5489aaefea5383a3
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-x6q0
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:23 GMT
age: 936242
x-served-by: cache-dfw-kdfw8210135-DFW, cache-bma1670-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675721543.016175,VS0,VE131
vary: Accept
content-length: 21428
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

216.58.211.3

200 OK

166 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (622)
Size
166 kB (165540 bytes)
Hash
2ea1a9fb8dfcdafa252df2e421b227eb
eeecc9d04fdc17536f46f9fd95116e8b2ecf19fb
a7cf73b4e7745ca0202b7c3144ca7a84f9a456cead50e32adb029dc9fb9cb19e

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://facebook.friedland.business
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 165540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 21:57:21 GMT
expires: Mon, 05 Feb 2024 21:57:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 87302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/597f846a,05e8be74,99335e3f,7f0a3185,8c02ac08/master.json?base64_init=1

95.101.11.17

200 OK

2.2 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/597f846a,05e8be74,99335e3f,7f0a3185,8c02ac08/master.json?base64_init=1
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with very long lines (14516)
Size
2.2 kB (2228 bytes)
Hash
b4d4e144a570b9f6998b2aab3008130f
cbf2ae03bf20f18dede43ed554b256e51e2d4c7f
b157018ad030655f17a49ec85b7b1d7d4a8ee1a99aca294140e2fbaa319219d4

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/597f846a,05e8be74,99335e3f,7f0a3185,8c02ac08/master.json?base64_init=1 HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: application/json
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Length: 2228
Aka-c-hit: cache-hit
Cache-Control: max-age=29973809
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.d0b655f.1675721543.38aeffda
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

95.101.11.17

200 OK

48 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/05e8be74/chop/segment-1.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
48 kB (48359 bytes)
Hash
ab9931584abbe8e37a43daef9cd1a65d
e818bb53b06bf2b07fd78ff54e7431d27c295cfc
af40aa815dfc108125ce7313727bfa9a13476566d0651cdeee1ab5978ab0e34c

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/05e8be74/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 48359
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=29973715
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721543.38af0080
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b63ca4994180f27fdda918675f9a626
bc81b0cb4adb3226de1a680666e7944f37bae1ff
30985391d442448c2d2e8d2c6917c6f66664d5e064c5ca1f944b4c7eaba8f910

HTTP Headers

POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

facebook.friedland.business/static/material-icon.css

64.251.1.115

200 OK

820 B

URL HTTP/2
facebook.friedland.business/static/material-icon.css
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type
data
Size
820 B (820 bytes)
Hash
f4ab48fa20d4adda09916b49a8909711
d3dd82f063999686c126866d3921adcf7728826b
49ef346d547420fe1bb2167fc0bf03bb087036c5c43958b662ecdb2db85d70b4

HTTP Headers

GET /static/material-icon.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Tue, 07 Apr 2020 18:50:00 GMT
vary: Accept-Encoding
etag: W/"5e8ccb58-237"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

95.101.11.17

200 OK

149 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/05e8be74/chop/segment-1.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
149 kB (148956 bytes)
Hash
e1c25175cc50b05388b703a558187236
5cc96f388564803a63bac2ea0ded6f3d4dc76436
d064bf6ff70a0c69ee5ecb823b2084bf48e55a25ed82607fa2ffc17975ad5110

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/05e8be74/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 148956
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=29973857
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721543.38af012b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

cheetah-api.builderall.com/get-plan/6043483

172.67.20.48

200 OK

96 B

URL HTTP/2
cheetah-api.builderall.com/get-plan/6043483
IP
172.67.20.48:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
96 B (96 bytes)
Hash
59fe84c128feb5976b2c52ad08ef9db6
9c452d7a0867634083616a79cc55812a4dfa987f
6ca5e4d31422a394cdbbe6dc7c9183ffb5287d7eb4f5ba3adb0f6159e8999e5a

HTTP Headers

GET /get-plan/6043483 HTTP/1.1
Host: cheetah-api.builderall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://facebook.friedland.business
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
cache-control: private, must-revalidate, public
pragma: no-cache, public
expires: -1
x-xss-protection: 1; mode=block
set-cookie: XSRF-TOKEN=eyJpdiI6Ikx3dit2MTVjclQ5Y05uOWpUY0dScGc9PSIsInZhbHVlIjoibEhRelpYT2pjXC9wNDZtYlN3SHVMakozNUdBNXRiQ2F6Y3R3eEVzNkFIbmJrb1Z6RkUyNTlNYk1scDdnT1JOTEMiLCJtYWMiOiIzNmJkYzEzMzBhNDUyZjZlZjliZjMxNDc3MzM2NTVjNTc1ODZiNWRmOGUyYmJhMjYwN2JhYWNiMzlhZjhmMDc2In0%3D; expires=Tue, 07-Feb-2023 00:12:22 GMT; Max-Age=7200; path=/;HttpOnly;Secure
laravel_session=eyJpdiI6InFrNjc4T1JRd1pNRjFibE8xTDFSRnc9PSIsInZhbHVlIjoieGo1M2w3aWdna1BQOU5wQVNtUzJvMWtDY1JyTjNWSFlsek1nRlppV2Rwb2FrallHMVJYczVoSWlKQjdERXNaMyIsIm1hYyI6ImRiM2JhMjg0ZjJjMzZkNDA2OTczYjk0ZDBkMmQ4NTJkZTkxYzBkNmQ0OTRiMTdhYTY1ODI4ZGVkZjAwODY0NWIifQ%3D%3D; expires=Tue, 07-Feb-2023 00:12:22 GMT; Max-Age=7200; path=/; httponly;HttpOnly;Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79573a168ce9b4f3-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1725
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 06 Feb 2023 22:12:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

player-telemetry.vimeo.com/player-events/log/play

34.120.202.204

200 OK

0 B

URL HTTP/2
player-telemetry.vimeo.com/player-events/log/play
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /player-events/log/play HTTP/1.1
Host: player-telemetry.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 665
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 22:12:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1434
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 06 Feb 2023 22:12:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b63ca4994180f27fdda918675f9a626
bc81b0cb4adb3226de1a680666e7944f37bae1ff
30985391d442448c2d2e8d2c6917c6f66664d5e064c5ca1f944b4c7eaba8f910

HTTP Headers

POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b63ca4994180f27fdda918675f9a626
bc81b0cb4adb3226de1a680666e7944f37bae1ff
30985391d442448c2d2e8d2c6917c6f66664d5e064c5ca1f944b4c7eaba8f910

HTTP Headers

POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

95.101.11.17

200 OK

194 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-1.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
194 kB (193471 bytes)
Hash
3b4a2dd29ebab83c185e037699de9530
cd98df12b40e02dddd1bfdb938276816061fbd0d
095878ab558c66195607770183cfccbdb544d69ca2347ffaae2b16b8cde6f2ca

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 193471
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601664
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721543.38af01c6
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

95.101.11.17

200 OK

864 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-1.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
864 kB (864479 bytes)
Hash
e2159421f3981cf72a9c6dec2ebea303
69659c57d85b5bfdc9360e0069430d56b713ea33
0e093518de4a2dd09cc7b25ddd4ea2715b73617fb604242e678d8c0eebd31a39

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 864479
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601600
Date: Mon, 06 Feb 2023 22:12:24 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721544.38af0280
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

95.101.11.17

200 OK

194 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-2.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
194 kB (193865 bytes)
Hash
125093f168acb1b6a00c8a2b583237dd
6405560d9455bb7d54b1c1e9a27218c4c71a2e34
4f7f097809fc20bc48e1ed6e7e0e74885ebc342712ec62ab8df4e1dd9579f678

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 193865
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671969600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601630
Date: Mon, 06 Feb 2023 22:12:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721545.38af06d3
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

95.101.11.17

200 OK

730 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-2.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
730 kB (729777 bytes)
Hash
601a7574747cf6181dd2126078638e32
28e523a87ea3b144651baf24564f01a699aeb729
ad19e49769a9608fb9a882dc15d6c421f68a9e1bf31f66fda1a28463eeee4fb0

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 729777
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1673110800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535978
Date: Mon, 06 Feb 2023 22:12:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721545.38af07c4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

95.101.11.17

200 OK

751 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-3.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
751 kB (751400 bytes)
Hash
cb949894b2150b6794a951df850fab04
d3ff1317f04be9cadd073dbd186d3f7639dc381f
c408812823cf495be13b62217711760d1c6f6f6fed19296f7e0e134b0556bd2c

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 751400
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671969600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601581
Date: Mon, 06 Feb 2023 22:12:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721545.38af0852
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

95.101.11.17

200 OK

192 kB

URL HTTP/1.1
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-3.m4s?r=dXM%3D
IP
95.101.11.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
192 kB (192541 bytes)
Hash
e7230bf84924051e8cbd2c9b69e243b4
5baebb22cbf2982c45b5fa409471ab7cd65330bd
3a57a828052bc542c2a28dc39317164770378f7deac7dd1e28ceb20b4fe4ce39

HTTP Headers

GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 192541
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1673110800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535950
Date: Mon, 06 Feb 2023 22:12:26 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721546.38af08f6
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8981 bytes)
Hash
714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:02:54 GMT
age: 574
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

facebook.friedland.business/static/bootstrap-carousel/css/bootstrap.css

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/static/bootstrap-carousel/css/bootstrap.css
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/bootstrap-carousel/css/bootstrap.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Thu, 28 May 2020 20:00:16 GMT
vary: Accept-Encoding
etag: W/"5ed01850-177c"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/js/app.30e064a7.js

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/js/app.30e064a7.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.30e064a7.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 19:16:22 GMT
vary: Accept-Encoding
etag: W/"63d18006-c4648"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/GDPRPlugin/jquery.ihavecookies.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Mon, 04 Nov 2019 13:02:33 GMT
vary: Accept-Encoding
etag: W/"5dc02169-ff7"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
set-cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/static/FontList.css

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/static/FontList.css
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/FontList.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 23:19:00 GMT
vary: Accept-Encoding
etag: W/"5f73c0e4-d23"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/css/chunk-vendors.27c712ba.css

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/css/chunk-vendors.27c712ba.css
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/chunk-vendors.27c712ba.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Fri, 18 Sep 2020 12:04:01 GMT
vary: Accept-Encoding
etag: W/"5f64a231-14438"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/cheetah/split-test

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/cheetah/split-test
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cheetah/split-test HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/cheetah/pixel/get

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/cheetah/pixel/get
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cheetah/pixel/get HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/css/app.3b105bbd.css

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/css/app.3b105bbd.css
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/app.3b105bbd.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:16:15 GMT
vary: Accept-Encoding
etag: W/"63d17fff-72e2e"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Fri, 27 Mar 2020 17:18:47 GMT
vary: Accept-Encoding
etag: W/"5e7e3577-e2d8"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/static/jarallax/jarallax.min.js

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/static/jarallax/jarallax.min.js
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/jarallax/jarallax.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2019 16:00:35 GMT
vary: Accept-Encoding
etag: W/"5e0a1f23-3b6b"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

facebook.friedland.business/static/bootstrap.min.css

64.251.1.115

200 OK

0 B

URL HTTP/2
facebook.friedland.business/static/bootstrap.min.css
IP
64.251.1.115:0
ASN
#15083 INFOLINK-MIA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/bootstrap.min.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Fri, 18 Oct 2019 20:42:23 GMT
vary: Accept-Encoding
etag: W/"5daa23af-2606e"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL