r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3797
Expires: Mon, 06 Feb 2023 23:15:37 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive
facebook.friedland.business/
64.251.1.115 301 Moved Permanently 162 B URL HTTP/1.1 facebook.friedland.business/
IP 64.251.1.115:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 06 Feb 2023 22:12:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://facebook.friedland.business/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3640
Expires: Mon, 06 Feb 2023 23:13:00 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 21:36:29 GMT
content-type: application/json
age: 2151
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11865
Expires: Tue, 07 Feb 2023 01:30:05 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s8nJEEPYtirnF7zG5TSfTttsebbCJbXG9XmH4zcmGHqq4X96d7t277Tl+T7WoSlvP31xGH1sseg=
x-amz-request-id: W6M05YPXCY423H27
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 21:45:19 GMT
age: 1621
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 22:07:20 GMT
age: 300
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 01df2a4a4af1e1620ab446d8bda29f4a
b91e2f6a17072adb20a42c3b046336bf294b7aaf
71c693941ff941d3e95389a5da03f253e7a7a141f2fcf20e6fa431fed48e2f4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71C693941FF941D3E95389A5DA03F253E7A7A141F2FCF20E6FA431FED48E2F4D"
Last-Modified: Mon, 06 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Tue, 07 Feb 2023 04:11:21 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14310
Expires: Tue, 07 Feb 2023 02:10:50 GMT
Date: Mon, 06 Feb 2023 22:12:20 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/d20o9eOJVd4
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/d20o9eOJVd4
IP 216.58.211.3:0
Hash 6dcbfee6a2e5388d05f5408bc7f88dbc
8a8eb046b2fc4379cec22bbbc31f9a3108f2ffbb
61dbcbd99a0fdbb74326d16d34fd65e6265ba3938a511666345f850ef6edc86f
POST /s/gts1p5/d20o9eOJVd4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kf0WX5paq5IHU+IXGbroEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JT/vDK3DDGVeSsgwLraoVZMbE0k=
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4445
Cache-Control: max-age=170808
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Etag: "63e16220-118"
Expires: Wed, 08 Feb 2023 21:39:09 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
104.17.24.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (58392)
Hash 536b6de3113d2c4762be5f5fa6d4b11e
6819ef5f5338f8c86f42dc6ecf5e6a17679e0dab
a0bd64b9dfc97e8ac4ccd97e7dd54209901dcffef8a5cabf701750746201c5ac
GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12530617
expires: Sat, 27 Jan 2024 22:12:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tzeVA6ZFQlfvUErDDc9sXzlDCTIq9y1mbbBHORI1XnYChvwnaeXn%2Fhby4Yql26GIKrMzkj3%2Bw2ddmivDlMMdgXEW50ZGIGga7nTx7XWi%2FUwEd4GeVxlfjNIQyGr9LGNfmqg%2F%2BMp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79573a121cbd0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4445
Cache-Control: max-age=170808
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Etag: "63e16220-118"
Expires: Wed, 08 Feb 2023 21:39:09 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css
151.101.1.229 200 OK 43 kB URL HTTP/2 cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css
IP 151.101.1.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8175a6e0c0f7b0a5a14d1b5d537000b2
050a2822317cabc1c32085327219cccc3b160d72
4aa2fb5657a8cef07fbb07bbe5a60d6094a4423769885bd52206816946dbe72b
GET /npm/@mdi/font@5.8.55/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.8.55
x-jsd-version-type: version
etag: W/"41c3a-V0/1rmiSzFfK1zStZ4TO8mjD9Pg"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:21 GMT
age: 5434363
x-served-by: cache-fra-eddf8230056-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43447
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
151.101.1.229 200 OK 34 kB URL HTTP/2 cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
IP 151.101.1.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ff6865890c5631dbb4db7e13bdcb0f85
1e9252866f8a116e12bb4d89f4cfbacc89952b52
1af73d46d0b9552679e6272872856bbe4b43cb941bec99b826e2d3493f3e5972
GET /npm/@mdi/font@4.4.95/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.4.95
x-jsd-version-type: version
etag: W/"30ca6-Rm/JxyaDxAlQuY5XEBYILuIosEc"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:21 GMT
age: 2393270
x-served-by: cache-fra-eddf8230135-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33827
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash c10fa9412538514b77a2304cdd3106ba
0b6985812ee0780067e72588c89bf331b93e3ba9
22feeb5cc7007e7fd6c05f4b7ae2fb4366935aef4ed972b26120fa682188e412
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 22:12:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7519734A1CE62BBF14F1965CB400B7462098F49D"
Expires: Tue, 07 Feb 2023 10:00:00 GMT
Last-Modified: Mon, 06 Feb 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 78
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79573a12fc0bb4eb-OSL
builderall.com//franquias/2/73748/editor-html/3484811.png
172.67.20.48 200 OK 15 kB URL HTTP/2 builderall.com//franquias/2/73748/editor-html/3484811.png
IP 172.67.20.48:0
File type PNG image data, 363 x 363, 8-bit/color RGBA, non-interlaced\012- data
Hash 57262c3f5580ea758e2f5023cb81db8e
9b338767e472caa4d3a735e2556b77972d176aa4
1d4c3406a11d08dbb8ced3f83e497764aefed787149c0138ea33487c99f47f66
GET //franquias/2/73748/editor-html/3484811.png HTTP/1.1
Host: builderall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: image/png
content-length: 14694
last-modified: Thu, 23 Jun 2022 05:43:02 GMT
etag: "62b3fd66-3966"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: ALLOW
x-content-type-options: nosniff
cf-cache-status: BYPASS
set-cookie: Path=/; HttpOnly; Secure
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79573a102e66b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
facebook.friedland.business/static/FontList/Muli/Muli.woff2
64.251.1.115 200 OK 25 kB URL HTTP/2 facebook.friedland.business/static/FontList/Muli/Muli.woff2
IP 64.251.1.115:0
File type Web Open Font Format (Version 2), TrueType, length 24884, version 1.0\012- data
Hash 463e1d870377d943fe1b8a1ea9a44df5
3a72930c0c14dc43b196ea8dbb91f7dd465a7ca0
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Analyzer Verdict Alert fortinet Phishing
GET /static/FontList/Muli/Muli.woff2 HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/octet-stream
content-length: 24884
last-modified: Wed, 15 Apr 2020 12:29:58 GMT
etag: "5e96fe46-6134"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/d20o9eOJVd4
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/d20o9eOJVd4
IP 216.58.211.3:0
Hash 6dcbfee6a2e5388d05f5408bc7f88dbc
8a8eb046b2fc4379cec22bbbc31f9a3108f2ffbb
61dbcbd99a0fdbb74326d16d34fd65e6265ba3938a511666345f850ef6edc86f
POST /s/gts1p5/d20o9eOJVd4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
facebook.friedland.business/static/jquery-ui.js
64.251.1.115 200 OK 144 kB URL HTTP/2 facebook.friedland.business/static/jquery-ui.js
IP 64.251.1.115:0
Size 144 kB (144218 bytes)
Hash e9c071a3c7bc273e4b452608e2bb46d5
479310b9cf3d806479fc7aa7bef0571974a9cf6d
441be2061d101f9e7f6e7f7a69d681f38e804eeeda6ad31e510b28f5b47f2960
Analyzer Verdict Alert fortinet Phishing
GET /static/jquery-ui.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2019 20:42:22 GMT
vary: Accept-Encoding
etag: W/"5daa23ae-7f20a"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/js/chunk-vendors.bfe9948e.js
64.251.1.115 200 OK 255 kB URL HTTP/2 facebook.friedland.business/js/chunk-vendors.bfe9948e.js
IP 64.251.1.115:0
Size 255 kB (255232 bytes)
Hash e264456f30c03a3505ab53c72ea91446
37f89885b8c95856be6fef0ab6bed97601ad0b68
33ceebcbd33dfc0150a5a9c6fe5e8a48936afaaf13bff71f1a988e809244d381
Analyzer Verdict Alert fortinet Phishing
GET /js/chunk-vendors.bfe9948e.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 17:59:00 GMT
vary: Accept-Encoding
etag: W/"63178a64-b38ea"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7569
Expires: Tue, 07 Feb 2023 00:18:30 GMT
Date: Mon, 06 Feb 2023 22:12:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7568
Expires: Tue, 07 Feb 2023 00:18:30 GMT
Date: Mon, 06 Feb 2023 22:12:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bKYMmv-CTu5g0q9cDF0dV8USpQzNB7hfSUzT7ehM9z--o8QMqzjV6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:10:59 GMT
age: 83
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
facebook.friedland.business/static/FontList/Roboto/Roboto-Regular.ttf
64.251.1.115 200 OK 171 kB URL HTTP/2 facebook.friedland.business/static/FontList/Roboto/Roboto-Regular.ttf
IP 64.251.1.115:0
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size 171 kB (171272 bytes)
Hash 11eabca2251325cfc5589c9c6fb57b46
096c9245b6a192d1403a82848e104a65f578a8ec
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Analyzer Verdict Alert fortinet Phishing
GET /static/FontList/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/octet-stream
content-length: 171272
last-modified: Thu, 09 Apr 2020 20:05:35 GMT
etag: "5e8f800f-29d08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-header: *
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gcy4nCriTOJhhTqFJBuks649uy0s4r3TVV3-yAcUhImLwqKpn1d2_w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 14:03:29 GMT
age: 29333
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d8c3ebd17a435401c7f9fe3b8f842be
f2106be148fea23bf961fcdb69ea4cb127aa5f3e
ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4442
x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQG1JoAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: a6qwcT9sfonMVlyq2ZX6CSXWeW2upfeAWqqNEgVI2sqq7280sCfolw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:50:14 GMT
age: 1328
etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MMng1v3N8xzpjYVfdSDS7QfZX6DmvbEt1pWXM5GXicjxt8lZwItNoA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:53 GMT
age: 989
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
facebook.friedland.business/static/jquery-1.12.4.min.js
64.251.1.115 200 OK 46 kB URL HTTP/2 facebook.friedland.business/static/jquery-1.12.4.min.js
IP 64.251.1.115:0
Hash 635ef24d571e56acdec0b6340e8f4263
656cc04529080d7952bc0ce15aa6e9a9db8d35e2
b5381f3fdf4e60e934d9febf57cda5c7cd9eb2da6e0c0f43451656e79683c4c2
Analyzer Verdict Alert fortinet Phishing
GET /static/jquery-1.12.4.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2019 20:42:25 GMT
vary: Accept-Encoding
etag: W/"5daa23b1-17b93"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s4aaciuNuISH_IBccafT_H4hK8g0BRI7KaA1ZKSTIZCKAb3PcvGZTw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:50:12 GMT
age: 1330
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e9abb2fefdfbc9ecd2ed10d8019ab372
c3ffda12c9ae4e6ebca6f4b80bfebf61bd8c617f
75210ebc0d1d7eef6461a15725a842af6fb8c2dfb2d3d9a2bb7e6464d8a9754a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:22 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55
151.101.1.229 200 OK 320 kB URL HTTP/2 cdn.jsdelivr.net/npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55
IP 151.101.1.229:0
File type Web Open Font Format (Version 2), TrueType, length 319984, version 1.0\012- data
Size 320 kB (319984 bytes)
Hash 4187121a4353440c2a865dbf1bc1901b
24d77a27ad03c38e046c91fcd48011f16c72429b
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
GET /npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.friedland.business
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 5.8.55
x-jsd-version-type: version
etag: W/"4e1f0-JNd6J60Dw44EbJH81IAR8WxyQps"
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 2930443
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 319984
X-Firefox-Spdy: h2
facebook.friedland.business/static/FontList/Muli/Muli-Black.woff2
64.251.1.115 200 OK 12 kB URL HTTP/2 facebook.friedland.business/static/FontList/Muli/Muli-Black.woff2
IP 64.251.1.115:0
File type Web Open Font Format (Version 2), TrueType, length 11644, version 1.0\012- data
Hash 2bbc60d491c1486c14c125be6f5c1aa6
58f87500c55cf75ad3496968c4bcacb98493d033
e6600dc3d4a01ea1e1f10f82d3046b4995142fa6c8d5e8564b0c3674f02fd85b
Analyzer Verdict Alert fortinet Phishing
GET /static/FontList/Muli/Muli-Black.woff2 HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/octet-stream
content-length: 11644
last-modified: Tue, 07 Apr 2020 18:50:00 GMT
etag: "5e8ccb58-2d7c"
expires: Tue, 06 Feb 2024 22:12:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2
facebook.friedland.business/static/FontList/Lato/Lato-Black.woff2
64.251.1.115 200 OK 14 kB URL HTTP/2 facebook.friedland.business/static/FontList/Lato/Lato-Black.woff2
IP 64.251.1.115:0
File type Web Open Font Format (Version 2), TrueType, length 13732, version 1.0\012- data
Hash e6769e88a9b4b8da71003fa6116c3e1f
01b44a4ed805df82a6f28dde801c508831b86092
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Analyzer Verdict Alert fortinet Phishing
GET /static/FontList/Lato/Lato-Black.woff2 HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://facebook.friedland.business/static/FontList.css
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/octet-stream
content-length: 13732
last-modified: Tue, 07 Apr 2020 18:50:01 GMT
etag: "5e8ccb59-35a4"
expires: Tue, 06 Feb 2024 22:12:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2
player.vimeo.com/video/363782125?autoplay=1&loop=1
162.159.128.61 200 OK 5.8 kB URL HTTP/1.1 player.vimeo.com/video/363782125?autoplay=1&loop=1
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18715), with no line terminators
Hash 60c29b39a9d9be5d8908ceb4980f9897
e42a72ec74295b7e0565f6635e820bb1d1099f45
92a55d86e1d6ac66606dc4b3f7f3a08f0b8eae3b0095300d982b72ed73473425
GET /video/363782125?autoplay=1&loop=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 22:12:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com 
https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 06 Feb 2023 22:22:22 GMT
x-host: player-7b7859db66-7fvw2
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-3
x-backend-proxy: playproxy4
x-bapp-server: player-7b7859db66-7fvw2
Age: 0
X-Served-By: cache-cph2320034-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675721542.258484,VS0,VE289
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=2Qz8_4ym9.ca9gRgf4_nyUb6gsBFp9sqgdCf56sOsfo-1675721542-0-ATCCEeE/JWFo9ub8h1HZ85WIE+FhqL98W79y0EbNm8RiUuLPQB6xbKfLBertPvsX9k8as66yuG3gNMxXoXC+qKo=; path=/; expires=Mon, 06-Feb-23 22:42:22 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 79573a170fedb50f-OSL
Content-Encoding: gzip
f.vimeocdn.com/p/4.19.2/css/player.css
151.101.86.109 200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.19.2/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash c0026d31413bb2152b7719a0760a9e35
7807e493c951cb8ad095ae2456cde9719470ea44
89344b91b186bccdd3f4a2a9c71702950700b9cfa66aced10935de2ab81b9a67
GET /p/4.19.2/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 532204
x-served-by: cache-iad-kiad7000158-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 10, 139470
x-timer: S1675721543.642564,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20069
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.19.2/js/player.module.js
151.101.86.109 200 OK 118 kB URL HTTP/2 f.vimeocdn.com/p/4.19.2/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 118 kB (118106 bytes)
Hash a3997f52d132221645130f34951abf8d
ed1765341e8f05646536584c18d519ee3f455f47
dba3f740169da84d5ad9c5a18d60c16b7b1b5a084ff33abc9abff3758381d54d
GET /p/4.19.2/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 532205
x-served-by: cache-iad-kiad7000084-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 10, 110224
x-timer: S1675721543.738937,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 118106
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.19.2/js/vendor.module.js
151.101.86.109 200 OK 92 kB URL HTTP/2 f.vimeocdn.com/p/4.19.2/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Hash e19c45e679b1f6522d7fd4e720bbc735
5c3dcd4a1a4509f1c6ae0106da139d3993faeb4c
36921f993763972f5e285ae77f8714d4c84402aed750f2f456ecde98d727c684
GET /p/4.19.2/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 532205
x-served-by: cache-iad-kiad7000044-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 128607
x-timer: S1675721543.876809,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 92489
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109 200 OK 985 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash 0541e0ff8702adadfd34ee8c298afbdf
c10da432fdb8736622c8c1fb7708b2599cae882c
967903be4f14e85fe685577417cf83d53b5363e5f02baa3b2242c19a7030b652
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:22 GMT
age: 1784109
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 4460, 351799
x-timer: S1675721543.985262,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 985
X-Firefox-Spdy: h2
facebook.friedland.business/static/powered_by.png
64.251.1.115 200 OK 3.4 kB URL HTTP/2 facebook.friedland.business/static/powered_by.png
IP 64.251.1.115:0
File type PNG image data, 138 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a6dc7ed0ee427d80e7a138a2e1bae0a
f7e88bfc8d95ec65c60f07af176e6d35076058b4
b66db702101679c30cb46dae5dcf940e62e615ee94c4fe750b5d7e7f8f014ddb
GET /static/powered_by.png HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: image/png
content-length: 3370
last-modified: Wed, 25 Mar 2020 15:29:59 GMT
etag: "5e7b78f7-d2a"
expires: Tue, 06 Feb 2024 22:12:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
accept-ranges: bytes
X-Firefox-Spdy: h2
i.vimeocdn.com/video/819029638-dfc12cb0d72bd65511add9fef5f7538b45a84c9a2a1593fba3981f6d7d7a48e8-d?mw=1000&mh=562
151.101.86.109 200 OK 21 kB URL HTTP/2 i.vimeocdn.com/video/819029638-dfc12cb0d72bd65511add9fef5f7538b45a84c9a2a1593fba3981f6d7d7a48e8-d?mw=1000&mh=562
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 8ebddef50be37d3e5489aaefea5383a3
5a7495acbe731ed2139c47840051de9be6bcb254
32ee764a03066e2fb565e14be575f97662e80b805f3399313399502d2099ec4a
GET /video/819029638-dfc12cb0d72bd65511add9fef5f7538b45a84c9a2a1593fba3981f6d7d7a48e8-d?mw=1000&mh=562 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 8ebddef50be37d3e5489aaefea5383a3
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-x6q0
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 06 Feb 2023 22:12:23 GMT
age: 936242
x-served-by: cache-dfw-kdfw8210135-DFW, cache-bma1670-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675721543.016175,VS0,VE131
vary: Accept
content-length: 21428
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
216.58.211.3 200 OK 166 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (622)
Size 166 kB (165540 bytes)
Hash 2ea1a9fb8dfcdafa252df2e421b227eb
eeecc9d04fdc17536f46f9fd95116e8b2ecf19fb
a7cf73b4e7745ca0202b7c3144ca7a84f9a456cead50e32adb029dc9fb9cb19e
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://facebook.friedland.business
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 165540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 21:57:21 GMT
expires: Mon, 05 Feb 2024 21:57:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 87302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/597f846a,05e8be74,99335e3f,7f0a3185,8c02ac08/master.json?base64_init=1
95.101.11.17 200 OK 2.2 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/597f846a,05e8be74,99335e3f,7f0a3185,8c02ac08/master.json?base64_init=1
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (14516)
Hash b4d4e144a570b9f6998b2aab3008130f
cbf2ae03bf20f18dede43ed554b256e51e2d4c7f
b157018ad030655f17a49ec85b7b1d7d4a8ee1a99aca294140e2fbaa319219d4
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/597f846a,05e8be74,99335e3f,7f0a3185,8c02ac08/master.json?base64_init=1 HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: application/json
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Length: 2228
Aka-c-hit: cache-hit
Cache-Control: max-age=29973809
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.d0b655f.1675721543.38aeffda
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/05e8be74/chop/segment-1.m4s?r=dXM%3D
95.101.11.17 200 OK 48 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/05e8be74/chop/segment-1.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Hash ab9931584abbe8e37a43daef9cd1a65d
e818bb53b06bf2b07fd78ff54e7431d27c295cfc
af40aa815dfc108125ce7313727bfa9a13476566d0651cdeee1ab5978ab0e34c
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/05e8be74/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 48359
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=29973715
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721543.38af0080
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 216.58.211.3:0
Hash 3b63ca4994180f27fdda918675f9a626
bc81b0cb4adb3226de1a680666e7944f37bae1ff
30985391d442448c2d2e8d2c6917c6f66664d5e064c5ca1f944b4c7eaba8f910
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
facebook.friedland.business/static/material-icon.css
64.251.1.115 200 OK 820 B URL HTTP/2 facebook.friedland.business/static/material-icon.css
IP 64.251.1.115:0
Hash f4ab48fa20d4adda09916b49a8909711
d3dd82f063999686c126866d3921adcf7728826b
49ef346d547420fe1bb2167fc0bf03bb087036c5c43958b662ecdb2db85d70b4
GET /static/material-icon.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Tue, 07 Apr 2020 18:50:00 GMT
vary: Accept-Encoding
etag: W/"5e8ccb58-237"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/05e8be74/chop/segment-1.m4s?r=dXM%3D
95.101.11.17 200 OK 149 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/05e8be74/chop/segment-1.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 149 kB (148956 bytes)
Hash e1c25175cc50b05388b703a558187236
5cc96f388564803a63bac2ea0ded6f3d4dc76436
d064bf6ff70a0c69ee5ecb823b2084bf48e55a25ed82607fa2ffc17975ad5110
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/05e8be74/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 148956
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=29973857
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721543.38af012b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
cheetah-api.builderall.com/get-plan/6043483
172.67.20.48 200 OK 96 B URL HTTP/2 cheetah-api.builderall.com/get-plan/6043483
IP 172.67.20.48:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 59fe84c128feb5976b2c52ad08ef9db6
9c452d7a0867634083616a79cc55812a4dfa987f
6ca5e4d31422a394cdbbe6dc7c9183ffb5287d7eb4f5ba3adb0f6159e8999e5a
GET /get-plan/6043483 HTTP/1.1
Host: cheetah-api.builderall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://facebook.friedland.business
Connection: keep-alive
Referer: https://facebook.friedland.business/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
cache-control: private, must-revalidate, public
pragma: no-cache, public
expires: -1
x-xss-protection: 1; mode=block
set-cookie: XSRF-TOKEN=eyJpdiI6Ikx3dit2MTVjclQ5Y05uOWpUY0dScGc9PSIsInZhbHVlIjoibEhRelpYT2pjXC9wNDZtYlN3SHVMakozNUdBNXRiQ2F6Y3R3eEVzNkFIbmJrb1Z6RkUyNTlNYk1scDdnT1JOTEMiLCJtYWMiOiIzNmJkYzEzMzBhNDUyZjZlZjliZjMxNDc3MzM2NTVjNTc1ODZiNWRmOGUyYmJhMjYwN2JhYWNiMzlhZjhmMDc2In0%3D; expires=Tue, 07-Feb-2023 00:12:22 GMT; Max-Age=7200; path=/;HttpOnly;Secure
laravel_session=eyJpdiI6InFrNjc4T1JRd1pNRjFibE8xTDFSRnc9PSIsInZhbHVlIjoieGo1M2w3aWdna1BQOU5wQVNtUzJvMWtDY1JyTjNWSFlsek1nRlppV2Rwb2FrallHMVJYczVoSWlKQjdERXNaMyIsIm1hYyI6ImRiM2JhMjg0ZjJjMzZkNDA2OTczYjk0ZDBkMmQ4NTJkZTkxYzBkNmQ0OTRiMTdhYTY1ODI4ZGVkZjAwODY0NWIifQ%3D%3D; expires=Tue, 07-Feb-2023 00:12:22 GMT; Max-Age=7200; path=/; httponly;HttpOnly;Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79573a168ce9b4f3-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1725
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 06 Feb 2023 22:12:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player-telemetry.vimeo.com/player-events/log/play
34.120.202.204 200 OK 0 B URL HTTP/2 player-telemetry.vimeo.com/player-events/log/play
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /player-events/log/play HTTP/1.1
Host: player-telemetry.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 665
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 22:12:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=278b12e6b4a2c892b4a30468849bc85fefb56ffb1675721542 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1434
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 06 Feb 2023 22:12:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 216.58.211.3:0
Hash 3b63ca4994180f27fdda918675f9a626
bc81b0cb4adb3226de1a680666e7944f37bae1ff
30985391d442448c2d2e8d2c6917c6f66664d5e064c5ca1f944b4c7eaba8f910
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 216.58.211.3:0
Hash 3b63ca4994180f27fdda918675f9a626
bc81b0cb4adb3226de1a680666e7944f37bae1ff
30985391d442448c2d2e8d2c6917c6f66664d5e064c5ca1f944b4c7eaba8f910
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 22:12:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-1.m4s?r=dXM%3D
95.101.11.17 200 OK 194 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-1.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 194 kB (193471 bytes)
Hash 3b4a2dd29ebab83c185e037699de9530
cd98df12b40e02dddd1bfdb938276816061fbd0d
095878ab558c66195607770183cfccbdb544d69ca2347ffaae2b16b8cde6f2ca
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 193471
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601664
Date: Mon, 06 Feb 2023 22:12:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721543.38af01c6
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-1.m4s?r=dXM%3D
95.101.11.17 200 OK 864 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-1.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 864 kB (864479 bytes)
Hash e2159421f3981cf72a9c6dec2ebea303
69659c57d85b5bfdc9360e0069430d56b713ea33
0e093518de4a2dd09cc7b25ddd4ea2715b73617fb604242e678d8c0eebd31a39
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 864479
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671958800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601600
Date: Mon, 06 Feb 2023 22:12:24 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721544.38af0280
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-2.m4s?r=dXM%3D
95.101.11.17 200 OK 194 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-2.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 194 kB (193865 bytes)
Hash 125093f168acb1b6a00c8a2b583237dd
6405560d9455bb7d54b1c1e9a27218c4c71a2e34
4f7f097809fc20bc48e1ed6e7e0e74885ebc342712ec62ab8df4e1dd9579f678
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 193865
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671969600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601630
Date: Mon, 06 Feb 2023 22:12:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721545.38af06d3
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-2.m4s?r=dXM%3D
95.101.11.17 200 OK 730 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-2.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 730 kB (729777 bytes)
Hash 601a7574747cf6181dd2126078638e32
28e523a87ea3b144651baf24564f01a699aeb729
ad19e49769a9608fb9a882dc15d6c421f68a9e1bf31f66fda1a28463eeee4fb0
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 729777
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1673110800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535978
Date: Mon, 06 Feb 2023 22:12:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721545.38af07c4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-3.m4s?r=dXM%3D
95.101.11.17 200 OK 751 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-3.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 751 kB (751400 bytes)
Hash cb949894b2150b6794a951df850fab04
d3ff1317f04be9cadd073dbd186d3f7639dc381f
c408812823cf495be13b62217711760d1c6f6f6fed19296f7e0e134b0556bd2c
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/video/8c02ac08/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 751400
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1671969600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30601581
Date: Mon, 06 Feb 2023 22:12:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721545.38af0852
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-3.m4s?r=dXM%3D
95.101.11.17 200 OK 192 kB URL HTTP/1.1 161vod-adaptive.akamaized.net/exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-3.m4s?r=dXM%3D
IP 95.101.11.17:0
ASN #20940 Akamai International B.V.
Size 192 kB (192541 bytes)
Hash e7230bf84924051e8cbd2c9b69e243b4
5baebb22cbf2982c45b5fa409471ab7cd65330bd
3a57a828052bc542c2a28dc39317164770378f7deac7dd1e28ceb20b4fe4ce39
GET /exp=1675725442~acl=%2F578c3daf-f576-4410-ba87-3244ac356f00%2F%2A~hmac=f14176f74ca5f1c3607aecd7626fbbc86bcd7f17e15463ee9693c83f91dbe116/578c3daf-f576-4410-ba87-3244ac356f00/sep/audio/597f846a/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 161vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
accept-range: bytes
Content-Length: 192541
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
using-starlord: true
origin-retrieved-hour: 1673110800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535950
Date: Mon, 06 Feb 2023 22:12:26 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.d0b655f.1675721546.38af08f6
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.17
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:02:54 GMT
age: 574
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
facebook.friedland.business/static/bootstrap-carousel/css/bootstrap.css
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/static/bootstrap-carousel/css/bootstrap.css
IP 64.251.1.115:0
GET /static/bootstrap-carousel/css/bootstrap.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Thu, 28 May 2020 20:00:16 GMT
vary: Accept-Encoding
etag: W/"5ed01850-177c"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/js/app.30e064a7.js
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/js/app.30e064a7.js
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET /js/app.30e064a7.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 19:16:22 GMT
vary: Accept-Encoding
etag: W/"63d18006-c4648"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/static/GDPRPlugin/jquery.ihavecookies.min.js
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET /static/GDPRPlugin/jquery.ihavecookies.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Mon, 04 Nov 2019 13:02:33 GMT
vary: Accept-Encoding
etag: W/"5dc02169-ff7"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
set-cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/static/FontList.css
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/static/FontList.css
IP 64.251.1.115:0
GET /static/FontList.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 23:19:00 GMT
vary: Accept-Encoding
etag: W/"5f73c0e4-d23"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/css/chunk-vendors.27c712ba.css
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/css/chunk-vendors.27c712ba.css
IP 64.251.1.115:0
GET /css/chunk-vendors.27c712ba.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Fri, 18 Sep 2020 12:04:01 GMT
vary: Accept-Encoding
etag: W/"5f64a231-14438"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/cheetah/split-test
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/cheetah/split-test
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET /cheetah/split-test HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/cheetah/pixel/get
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/cheetah/pixel/get
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET /cheetah/pixel/get HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:22 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/css/app.3b105bbd.css
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/css/app.3b105bbd.css
IP 64.251.1.115:0
GET /css/app.3b105bbd.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:16:15 GMT
vary: Accept-Encoding
etag: W/"63d17fff-72e2e"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/static/bootstrap/dist/js/bootstrap.min.js
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET /static/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Fri, 27 Mar 2020 17:18:47 GMT
vary: Accept-Encoding
etag: W/"5e7e3577-e2d8"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/static/jarallax/jarallax.min.js
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/static/jarallax/jarallax.min.js
IP 64.251.1.115:0
Analyzer Verdict Alert fortinet Phishing
GET /static/jarallax/jarallax.min.js HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2019 16:00:35 GMT
vary: Accept-Encoding
etag: W/"5e0a1f23-3b6b"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2
facebook.friedland.business/static/bootstrap.min.css
64.251.1.115 200 OK 0 B URL HTTP/2 facebook.friedland.business/static/bootstrap.min.css
IP 64.251.1.115:0
GET /static/bootstrap.min.css HTTP/1.1
Host: facebook.friedland.business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://facebook.friedland.business/
Cookie: Path=/; PHPSESSID=kehstj6pqdbmm47iqoj2me139q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 22:12:21 GMT
content-type: text/css
last-modified: Fri, 18 Oct 2019 20:42:23 GMT
vary: Accept-Encoding
etag: W/"5daa23af-2606e"
expires: Tue, 06 Feb 2024 22:12:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
x-frame-options: ALLOW
set-cookie: Path=/; HttpOnly; Secure
access-control-allow-origin: *
x-builderall: CDNUSA
content-encoding: gzip
X-Firefox-Spdy: h2