r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5392
Expires: Thu, 08 Dec 2022 03:18:35 GMT
Date: Thu, 08 Dec 2022 01:48:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2614
Expires: Thu, 08 Dec 2022 02:32:17 GMT
Date: Thu, 08 Dec 2022 01:48:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 01:08:06 GMT
content-type: application/json
age: 2437
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12677
Expires: Thu, 08 Dec 2022 05:20:00 GMT
Date: Thu, 08 Dec 2022 01:48:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oVpyZI0hFYB3vERdLT97GaPOJBnC3ZfcUBHlyQJ85rrZQN0zp4OQNsD81qBkVKqci/o9WBR3QI0=
x-amz-request-id: 3BVRS6J7ETS4DDF5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 00:49:34 GMT
age: 3549
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 01:48:43 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 01:07:55 GMT
age: 2449
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebooks.org.ua/
185.104.45.145 200 OK 20 kB IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (29689)
Hash 6f84ecf9c587070a696b5ded3ba94418
6111dff0e900c97a0db0a77e311897aeb8671529
fc16a40f94f4331eaf5c34a156551ee33d6c42e28bc56db5b46a0fceead4e35d
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET / HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-ray: p1111:0.410/wn22758:0.400/wa22758:D=401112
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/GG0K83AfMkn.css
185.104.45.145 200 OK 4.1 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/GG0K83AfMkn.css
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (3836)
Hash 2f6c454175bf414a8144a618ae0e7259
fc4d01b150f8617a20c52dedee11783cc239d350
220a2d23cab9691af48fabaab96ea316fe95f187a806cab5d97de14389d9cf2c
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/GG0K83AfMkn.css HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-3d73"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/6yiKOJP5bvY.css
185.104.45.145 200 OK 3.1 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/6yiKOJP5bvY.css
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1591)
Hash b1e2571bbfe011fa342da46e8aaaf14e
d436ff84fa869d8a2db987b791ab653d11ac6d13
9a8820979a3b9e479bbaf5de71e3e8f7458068e62126dd9ab4d5d799fbc2ac49
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/6yiKOJP5bvY.css HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-253b"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/IISturdsBIu.js
185.104.45.145 200 OK 11 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/IISturdsBIu.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (10494)
Hash a76c532b688e026bccb24995aed83806
9c90d1c6c45ec0f14d110ec0177761dce4c942fb
889446a804630f612c6f1465cc1963430b1f6ac2ddb60c4459f731836c83634b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/IISturdsBIu.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-8a05"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/Dn1P5ckmz0X.js
185.104.45.145 200 OK 16 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/Dn1P5ckmz0X.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type exported SGML document, ASCII text, with very long lines (43749)
Hash 15a13d2bb75f23a9959a2a419ae12a78
966972ca0e087423e3485134675ca240590f0a28
ab40288262dfda31101c00bcd786a644e9e36c65d2ed809a187b0e536002b7bc
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/Dn1P5ckmz0X.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-f189"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/yuXZQk4LUL2.js
185.104.45.145 200 OK 1.8 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/yuXZQk4LUL2.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1350)
Hash ee7b5ff27b1955f7885e3f15ddea8198
f812e8b462247b4347143c76ccc7fa09bb85674f
fa84f1cf970aba76d4b131b18271b50df1c8c402c51b6a3a89706ae9f7433b17
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/yuXZQk4LUL2.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Content-Length: 1786
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: "638f5d38-6fa"
x-ray: p1111:0.000/wn22758:0.000/
Accept-Ranges: bytes
www.facebooks.org.ua/Facebook/LFJDMBbOfee.js
185.104.45.145 200 OK 7.5 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/LFJDMBbOfee.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (5542)
Hash 988318e25f5b571cf9d3e9092a5d2b67
5b82709cfb9c55b59b21237a14fb04d88d6b36f8
446e98b4d465a454e15015455de71e893182bd15408e2d77a788ea9b21faf2a7
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/LFJDMBbOfee.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-5951"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/qu9vi-bmWl3.js
185.104.45.145 200 OK 3.0 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/qu9vi-bmWl3.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1747)
Hash c49413c27c871673df173bcef762931e
613644bd787f550da38d581fa79ad949aa1b2675
259e054858fe683061057f2683282b28af9f36caff30a7284786faaf153ca53b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/qu9vi-bmWl3.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-212c"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/p0bcnVbl1Lr.js
185.104.45.145 200 OK 12 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/p0bcnVbl1Lr.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (9053)
Hash d795b2bad64ee0cf00afd3b217854dd0
bfd3dadcc7a8641c46ab432a044f57c7d8436ac9
63baaa2e0d6242f9cb715bfcf215359ea6cbff25c6741927a6c1abb5b2572031
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/p0bcnVbl1Lr.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-88ed"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/j_uHdvkyoIZ.js
185.104.45.145 200 OK 4.1 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/j_uHdvkyoIZ.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (3203)
Hash cacf1242e4a30b7232ea1f64d2422500
ef4a7d08096a8b0c041668248cb45af8f573c6db
06bd73c0d58777de84ca4a13bc63a5081cf29842b2c49ef3e63f9b4d112ac6b4
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/j_uHdvkyoIZ.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-2670"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/Sy7PDSbAImi.js
185.104.45.145 200 OK 7.5 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/Sy7PDSbAImi.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (4643)
Hash fb123acec624db566d2f7e4e3838ee92
22eb6048cc1223395277231d69c35659c4495cfe
34ec08fb96d28bb320b7045121b5e2899644e53d1fa2def764778756a5349c8a
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/Sy7PDSbAImi.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-5459"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2187
Cache-Control: max-age=114872
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:48:44 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:43:16 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.facebooks.org.ua/Facebook/M08arqdo_nN.js
185.104.45.145 200 OK 1.6 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/M08arqdo_nN.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1603)
Hash b4c7a00e3ecaabbc8c9b06b3f43c8df2
384878e16d859f5c9aafe984a7807fca1d2a34c7
2e4be2aad34cce455fc007fbd7be603fb27a8e6b756f5841327cad667667f83b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/M08arqdo_nN.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Content-Length: 1622
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: "638f5d38-656"
x-ray: p1111:0.000/wn22758:0.000/
Accept-Ranges: bytes
www.facebooks.org.ua/Facebook/lS9_2HUikEH.js
185.104.45.145 200 OK 9.9 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/lS9_2HUikEH.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (7258)
Hash 9c991c72782fdf4fc45376aace85bd17
8c50268e4e9d782321f5a45c620c81378b368fdd
3523f925621a8be142f508a146f5b8a7f1eb600281f5c8f220cf67dd58d37d46
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/lS9_2HUikEH.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-764b"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/2X0xHj2P49v.js
185.104.45.145 200 OK 9.6 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/2X0xHj2P49v.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (4438)
Hash 2ecafb54e979a814fa3cb0b952a3bf47
810b05c44b6d4183af85f35256ade58790027b9e
dd0b65a331e5cb40264bee37ba58147d5f53c3b711024700a42e3da1bc9db8cf
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/2X0xHj2P49v.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-8117"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/LgvwffuKmeX.js
185.104.45.145 200 OK 14 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/LgvwffuKmeX.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (32588)
Hash 0cd36112e586ee3ffc66a4e46c35a5f5
fa98cac27e3c0916ec7214baa36937875562f2c9
d2c4529c1b76e5cb62e6414283367ecdfbd81804b07e36a47e8ce5682eebc97b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/LgvwffuKmeX.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-a9f6"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/_tJ17sGyxOX.js
185.104.45.145 200 OK 8.1 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/_tJ17sGyxOX.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (17932)
Hash 6edc9af67523afcf6bd819de55a99f1f
0632a8d804b4b98b14aa98b144f75fae835feda7
6e10dc7701c200f169561cb555cb3b35bb98622b461a3882e50a28930d038480
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/_tJ17sGyxOX.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-46ea"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/xXDOO3oMCfl.js
185.104.45.145 200 OK 10 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/xXDOO3oMCfl.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (7732)
Hash 017269812a975412a5302db6d84c7f15
59ad9e60fd9c64b7975fa357b625113c2bd62718
e9fef2155a4ba8bdbd339df4bda6959fc99dbac01b1f6666b7ddeb0e0fba4b8b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/xXDOO3oMCfl.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-c68c"
x-ray: p1111:0.001/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/iVBWJtU1mxB.js
185.104.45.145 200 OK 878 B URL HTTP/1.1 www.facebooks.org.ua/Facebook/iVBWJtU1mxB.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1204)
Hash e826fa44536d7b971461d97df6245086
71cc4a64f02572d2c7ff9c00aea00045e874e64b
a032c037cab1f6f52c3d5bc847531054cdbff67875c88ec6fef428bf380a78bd
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/iVBWJtU1mxB.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-8a2"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/PvgsZ6D1RbV.js
185.104.45.145 200 OK 5.3 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/PvgsZ6D1RbV.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type C source, ASCII text, with very long lines (5828)
Hash 163ac60bc6ea15e308338e7ab1fd691c
8ea6c72ba9b6784d84b0335fbb77d079d2bb4dd8
7d6e6fcd37c6a6eb18525efe3fd7af46f970391e957a147bda8c3c4328c7cc7a
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/PvgsZ6D1RbV.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-45d7"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/C3CnmLDYuAn.js
185.104.45.145 200 OK 1.2 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/C3CnmLDYuAn.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (2772)
Hash a791d7536178d3565dd281def2801eb0
4e468534e8e72f7bad9ef30ecc5b29600782dc55
b8f08b8a6c57371d9e8d4efdd675e60f6139597b05a79f70a95eb64d6bc07cd2
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/C3CnmLDYuAn.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-dbb"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/XRBIW2_mxwG.js
185.104.45.145 200 OK 1.2 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/XRBIW2_mxwG.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1888)
Hash e410d5622289e8787a03feb69cb93bfc
6a9f600399c470306fc9fa6663d31e643f276163
d6b1b36ae15478c05801e00762326b133fd4bdac5ab8467771a45c0fe253a761
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/XRBIW2_mxwG.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-b05"
x-ray: p1111:0.001/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/WLiNYJ89VSl.css
185.104.45.145 200 OK 1.9 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/WLiNYJ89VSl.css
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (3575)
Hash dd3edd7c97872bffb96fad244a76c7f8
0561a78d0755d57e3578062fb96e1ae126f78056
5c72f4f47eb666ce16460d04e987312ca516e5b34c35ff77aa3e299a92a323a6
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/WLiNYJ89VSl.css HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-1b71"
x-ray: p1111:0.001/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/wfcbmQCMxG3.js
185.104.45.145 200 OK 14 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/wfcbmQCMxG3.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type C source, ASCII text, with very long lines (8741)
Hash 44391a47ab6d63da4a001228585cd362
559093f7a91f64e99dd7a6487fc98572c3455a40
8181cf47c5e8f0923f9d13469357636849ead178a45a2eea40e5080a3ed25ced
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/wfcbmQCMxG3.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-af05"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/hYZSPreW-_h.css
185.104.45.145 200 OK 3.8 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/hYZSPreW-_h.css
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (4583)
Hash 84b7925299569a1a0b0297571c18adef
a6e2b3498cd14b29fecfc45f2c6d27eb28f2d6ae
c13b15258cc73c7ca7dfc7de7b904d250916f51bc463cb35570d6ffc0fb1d8e2
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/hYZSPreW-_h.css HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-3b5b"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/qoSyz577Lea.css
185.104.45.145 200 OK 5.0 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/qoSyz577Lea.css
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (2821)
Hash 4fc0749db43245966e1f220026126d64
26453bb900408c194d881ee0e0383c14fbb26d0e
073cbcb9a5b7f645a2690de4d7e4dc1dc44f142c748ed86e1de20f71c113c2e9
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/qoSyz577Lea.css HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-46e1"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/wr1zxrk-G50.css
185.104.45.145 200 OK 1.5 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/wr1zxrk-G50.css
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1421)
Hash 4d1a83d9175b6dc9cc48ddc7a2f49671
a19859a52ef99ad87fa80e85d4655e6bc4a4bed4
dcce1b80a287d82f7ca739b2c7637276d8f43748774e4755ecf2a177484c5adc
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/wr1zxrk-G50.css HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: text/css
Content-Length: 1501
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: "638f5d38-5dd"
x-ray: p1111:0.000/wn22758:0.000/
Accept-Ranges: bytes
push.services.mozilla.com/
54.148.190.4 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6A2X2em6i7ZGyYFL5fVLBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LOBf62nMn2ggxfe8JRC0p2unJVE=
www.facebooks.org.ua/Facebook/LWFrgKrNwhY.js
185.104.45.145 200 OK 94 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/LWFrgKrNwhY.js
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (18622)
Hash e784d71d9c77b4ca86f9729764dcc615
bfba4f36b09b44efcabe54198b26cfcd124a7861
1f0c61bd3f458af00f7a2e595da7e08db2019acf5b38e2beaca56bc6a25560b3
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/LWFrgKrNwhY.js HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-4e2db"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/dF5SId3UHWd.svg
185.104.45.145 200 OK 1.1 kB URL HTTP/1.1 www.facebooks.org.ua/Facebook/dF5SId3UHWd.svg
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2384)
Hash e189b2a4d563299fae10012d423c19b6
8d71b1e04bece7ddc4ceaf14bf822f706fc4649d
2c1fd57a1e371308cd6e4863ace4b4c906f3606681738f3e329900304325df21
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /Facebook/dF5SId3UHWd.svg HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:45 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: W/"638f5d38-951"
x-ray: p1111:0.000/wn22758:0.000/
Content-Encoding: gzip
www.facebooks.org.ua/Facebook/hsts-pixel.gif
185.104.45.145 200 OK 43 B URL HTTP/1.1 www.facebooks.org.ua/Facebook/hsts-pixel.gif
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Analyzer Verdict Alert openphish Facebook, Inc.
GET /Facebook/hsts-pixel.gif HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 01:48:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 15:18:16 GMT
ETag: "638f5d38-2b"
x-ray: p1111:0.000/wn22758:0.000/
Accept-Ranges: bytes
www.facebooks.org.ua/rsrc.php/v3/yK/r/kNYkizqJr9j.png
185.104.45.145 404 Not Found 196 B URL HTTP/1.1 www.facebooks.org.ua/rsrc.php/v3/yK/r/kNYkizqJr9j.png
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert openphish Facebook, Inc.
GET /rsrc.php/v3/yK/r/kNYkizqJr9j.png HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.facebooks.org.ua/Facebook/hYZSPreW-_h.css
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 08 Dec 2022 01:48:45 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
x-ray: p1111:0.010/wn22758:0.000/wa22758:D=2847
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1417
Cache-Control: max-age=93201
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:48:45 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 03:42:06 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1417
Cache-Control: max-age=93201
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:48:45 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 03:42:06 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2757
Cache-Control: max-age=94541
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:48:45 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 04:04:26 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/y_/r/yuXZQk4LUL2.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 828 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y_/r/yuXZQk4LUL2.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1350)
Hash 2fe155095cb5686e908b46952db34035
ef59dfd22ec00daf0b87df60587446a1f588e4a9
bead1e83813076694618b6b212c7b85b196dfea4886d80ebcdadb0663c2aba0d
GET /rsrc.php/v3/y_/r/yuXZQk4LUL2.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 07 Dec 2023 19:04:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L+FVCVy1aG6Qi0aVLbNANQ==
x-fb-debug: nRIZavs+W4pHQWc96IHF15+4UR1gxyNmTGiTkOj+MJbY5jJw0UkDAO0I+KRSPZ9vyWdEV7egl0TeSdd9VSjJ+w==
priority: u=3,i
content-length: 828
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yT/r/IISturdsBIu.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 11 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yT/r/IISturdsBIu.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (10494)
Hash b0f907083b90a32ed97bba1c89021318
875281dae2ed20e0798e1b9130554309e7b4375d
79df570f49fe4ecad21589794be95b410227c1bd3c257f1b1b3dec7f85ffb24f
GET /rsrc.php/v3/yT/r/IISturdsBIu.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 16:25:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: sPkHCDuQoy7Ze7ociQITGA==
x-fb-debug: 0786SxyPvO+yIGjnstDn/+896NOb+mY0kZ5x/Q3URnl3wr9WH3XyK5zNsy7orFwFjpgjjftfIhIz1VYss1IxJg==
content-length: 10990
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yd/r/LFJDMBbOfee.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yd/r/LFJDMBbOfee.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 22fcf51d2087704b358c413b3663d7bf
09ab8e41fb31a48523224e3c07c6333685e4a385
b365f2110ef23a63d42cc101690a81a145993dae4332f604f3d4180fcd79adc6
GET /rsrc.php/v3/yd/r/LFJDMBbOfee.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:31:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Ivz1HSCHcEs1jEE7NmPXvw==
x-fb-debug: MIMNp2Dyxgnnbo/Xtp1uB4KgEsm2/3+3LAeOyw5DPzjzcIyi20g/sm0NkZnEEvAxo44zhcjJ5evepVtWcAOubA==
priority: u=3,i
content-length: 7289
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i6l24/yI/l/ru_RU/Dn1P5ckmz0X.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i6l24/yI/l/ru_RU/Dn1P5ckmz0X.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type exported SGML document, ASCII text, with very long lines (43749)
Hash ce44101a277bf2c0843a93bc2b59896d
4d59841b40a8a09d1c71aafc0d8080ff83965ab4
9634e101d1d7e48c9fac13b727c6919f0e45d2f2257c6fc391e1ec76db209cfb
GET /rsrc.php/v3i6l24/yI/l/ru_RU/Dn1P5ckmz0X.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 19:19:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: zkQQGid78sCEOpO8K1mJbQ==
x-fb-debug: PA2K0GJwBPCztm0PV/gHv8oAeqYpBru/2xWtL57XxAaMkRGhLoTnCaZzI18nt5eMTGHIhqWjTYzOb+DGEMSvUA==
content-length: 15482
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/qu9vi-bmWl3.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 2.9 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/qu9vi-bmWl3.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1747)
Hash c9bbd77181b1fcf7c7d8156dbd5de540
2350487ad41cf11b99d9ca8181c68831480bd83a
ca5549eb72b27073aa2a0120e2662bc396d96ebf8eef62d935ddf486752cfa7e
GET /rsrc.php/v3/y-/r/qu9vi-bmWl3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:31:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ybvXcYGx/PfH2BVtvV3lQA==
x-fb-debug: RJvTghmFodY10azL3zJlt8wswheL4CO06ppMsPEXd6zmmr80InGTefymoT6M1k49LpgkJbZIZHkCVah+jf1Sbg==
content-length: 2895
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
157.240.200.14 200 OK 4.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
IP 157.240.200.14:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 8cddca427dae9b925e73432f8733e05a
1999a6f624a25cfd938eef6492d34fdc4f55dedc
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
GET /rsrc.php/yb/r/hLRJ1GG_y0J.ico HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: jN3KQn2um5Jec0MvhzPgWg==
expires: Mon, 27 Nov 2023 03:40:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 1QWzE0XW5ftTFU8DqNQmUALJ9hZoHZoryFhA80jPpOyWzK1hk8NVKCIxHKd7sSEnCYrhSE0g0SKZ6ounrHyxGw==
priority: u=3,i
content-length: 4286
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1417
Cache-Control: max-age=93201
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:48:45 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 03:42:06 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/yC/r/p0bcnVbl1Lr.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 11 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/r/p0bcnVbl1Lr.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9053)
Hash b850db8f9b8030cc236804e9785c05cc
fbc2ca4b518b04998c74868ee0301e413759ad75
59187e9fef33bc1842c12cebcdadb9d0cc0ca46b820d10b9590603d6ec08ad79
GET /rsrc.php/v3/yC/r/p0bcnVbl1Lr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:31:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: uFDbj5uAMMwjaATpeFwFzA==
x-fb-debug: Hwi9FsYiS+Hq1dxJ0JbFZzowWLdD/2st4nBgaNoMSqyn40BVYwdppYjl++N769Mky49k4N4EVL0D5njoMj2HcA==
priority: u=3,i
content-length: 11277
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ye/r/j_uHdvkyoIZ.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 3.9 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ye/r/j_uHdvkyoIZ.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (3203)
Hash 35041c5dd4b42040875137839724a6af
453a8f2044e8b7169a34d9f638bdc30af1f5e870
d0c7f8492700da9c737997ad5203a4165370bcce24edffcb608fdebccfad4147
GET /rsrc.php/v3/ye/r/j_uHdvkyoIZ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:31:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NQQcXdS0IECHUTeDlySmrw==
x-fb-debug: NPbFtIBmSXLS3quzAfcmtpiieiR1v5M36HbXMyvrxcnFlCiX53V0jmoEfPRkE214A69Urhp9hU+CBWPS2607kQ==
priority: u=3,i
content-length: 3930
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/Sy7PDSbAImi.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/Sy7PDSbAImi.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4643)
Hash 3c06e10afc387ef08f7f2270830f3af5
d77bc5044f3f62877abf4e9b5d200c994c7438bf
938a936858ee8bbbb10123da1a2ce231a8f2a5a8c0ecd5d987b29cec15b7c1af
GET /rsrc.php/v3/y-/r/Sy7PDSbAImi.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:31:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PAbhCvw4fvCPfyJwgw869Q==
x-fb-debug: tEJmZblE7JKimuS1oqe+M4uCf7Qkq4jp2TvK8O4uHZf/6g79WyPj5NrcX/BrDRvhCCUh1YPWkNOoyo+k8p5yrg==
content-length: 7201
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yC/r/M08arqdo_nN.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 720 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/r/M08arqdo_nN.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1603)
Hash f00063cbfde798873cf63d2e1ac2572f
3b23466b07db2743e2541a141e4805b8dae7f173
9a8ebbc8b222a5ae1ff6652a2e47ca53be9c555cfe6548a778a1ecf08a245385
GET /rsrc.php/v3/yC/r/M08arqdo_nN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 27 Nov 2023 16:54:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8ABjy/3nmIc89j0uGsJXLw==
x-fb-debug: DfpVjUXSsvpFVEgiy2EdTzCG+qS0Cdm51GZ3XQxkiYkcFWV4nQKsUi6F+tqIcJBp4nYkDGDfwDDQ/8eFyhxRkA==
priority: u=3,i
content-length: 720
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ye/r/lS9_2HUikEH.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 9.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ye/r/lS9_2HUikEH.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (7258)
Hash 9db0fc07a9f76fd6656445d3e39418dd
eb39fe3f59a2cf3040f42318147938b91fbc3e4f
8b2aaa29c31c0b5d1be146fd97f6966dd69a8bc82f2651fda710652ec8279f3a
GET /rsrc.php/v3/ye/r/lS9_2HUikEH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:31:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: nbD8B6n3b9ZlZEXT45QY3Q==
x-fb-debug: WlffJzjQhjA2WLAfvZxhMrg8KV+rF9YTHNAZ0HS3F7/2rdfzsgJ9Rawq+EByTIFxojalI+vkCWP/M9NSWSmLKA==
content-length: 9588
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/2X0xHj2P49v.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 9.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/2X0xHj2P49v.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4438)
Hash c3e06f5b3641b01a7e82827a05c3346b
1d8baa4e0c43ea2895cbf5404d7dddad88c7ca99
6f88796f565f8976afd4b35b3f9fa007aa935b553601a68adf6b37f9e5026497
GET /rsrc.php/v3/yW/r/2X0xHj2P49v.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 19:00:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: w+BvWzZBsBp+goJ6BcM0aw==
x-fb-debug: r2P0ruVNXs76oQxZatGG55ea7MogQo0xz+XoMstSPwhemCnCc52y73ClJPT0i/aYypaHYkExSqEwHLL4oXrNUQ==
content-length: 9188
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 13 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (32588)
Hash 34dd9849794de6e455b38c372e6af714
71d938f601eb56283143df5d367c46f1b25e3c4d
282985aa4c8e10951ed1b17f49a8e28b062187ac741c35bb5c6e6153dd7a27e6
GET /rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 14:48:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NN2YSXlN5uRVs4w3Lmr3FA==
x-fb-debug: BjWwMybphjKF7i2tNz88ofDeMvdVqRpDEItX4Awn6mZIJQvxczWrf5syk/H6BOOZy5l9h5HTWghyOD/kTjhB0A==
content-length: 13014
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebooks.org.ua/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU19E&__hs=19332.BP%3ADEFAULT.2.0.0.0.0&__hsi=7174029600462488557&__req=1&__rev=1006690336&__s=jce48b%3A01wie6%3Amfv0n2&__spin_b=trunk&__spin_r=1006690336&__spin_t=1670333929&__user=0&dpr=1&jazoest=2917&lsd=AVrYYMOS7sA
185.104.45.145 404 Not Found 196 B URL HTTP/1.1 www.facebooks.org.ua/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU19E&__hs=19332.BP%3ADEFAULT.2.0.0.0.0&__hsi=7174029600462488557&__req=1&__rev=1006690336&__s=jce48b%3A01wie6%3Amfv0n2&__spin_b=trunk&__spin_r=1006690336&__spin_t=1670333929&__user=0&dpr=1&jazoest=2917&lsd=AVrYYMOS7sA
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert openphish Facebook, Inc.
POST /ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU19E&__hs=19332.BP%3ADEFAULT.2.0.0.0.0&__hsi=7174029600462488557&__req=1&__rev=1006690336&__s=jce48b%3A01wie6%3Amfv0n2&__spin_b=trunk&__spin_r=1006690336&__spin_t=1670333929&__user=0&dpr=1&jazoest=2917&lsd=AVrYYMOS7sA HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Content-Type: multipart/form-data; boundary=---------------------------25662026839733382843969398353
Content-Length: 961
Origin: http://www.facebooks.org.ua
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 08 Dec 2022 01:48:45 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
x-ray: p1111:0.008/wn22758:0.010/wa22758:D=8663
static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (17932)
Hash 5b98e07045ca8a854cc251c5589c9a8c
5bf081390c53ab7e8189938e63098e8d7bbce3a0
1c1c815ddbda67edd699b03e86f8755fe5e09a2b435daf0191706e656a66a555
GET /rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 14:41:23 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: W5jgcEXKioVMwlHFWJyajA==
x-fb-debug: 91rSNm6kX3jHlXE+muVaZ4QzBM3Mo+RXA7vVlkuVjdrMvyFCHPbAJm4PgGEnImDHHlkl7h95aLNnB8DGp2Et6g==
content-length: 7497
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/xXDOO3oMCfl.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 9.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/xXDOO3oMCfl.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (7732)
Hash 544d77ebb9e2bdcbb0bf6a266081af0e
c0f62f4a212fb7998dcdc602e46453e0d9cf9668
d4e798354cdbfeed7a6ee6e11a872de9f331f642e06022074a8e4e2beeb4be58
GET /rsrc.php/v3/yH/r/xXDOO3oMCfl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 27 Nov 2023 06:49:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VE1367nivcuwv2omYIGvDg==
x-fb-debug: S4DnZW8D90qOi5jm2BwvLmaAm8ry7M1B+H8PtGFPQEneAQ4Zg5g1PhkrfH0u2AsdoYOnq1eh8FfGSnFLis/dLw==
content-length: 9272
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iQyr4/yg/l/ru_RU/wfcbmQCMxG3.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 14 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iQyr4/yg/l/ru_RU/wfcbmQCMxG3.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (8741)
Hash c2d64efa8e3ee75041acef60a50fb96c
8e493f5e8427f5319d08eff821dafd9f9d32ea4b
7ea11275d229a4eaa88069009adb666543267ee8ad2133f381624ec7c65d365c
GET /rsrc.php/v3iQyr4/yg/l/ru_RU/wfcbmQCMxG3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Dec 2023 00:13:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wtZO+o4+51BBrO9gpQ+5bA==
x-fb-debug: sad+EgMduul/A7WK572WI23re3l1OwXcuJMSu73d7gaz0i2sj8hA79+com7IXv9IM5F3qX4V70KyQl7L+q+IRg==
priority: u=3,i
content-length: 13627
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y9/r/PvgsZ6D1RbV.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 5.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/r/PvgsZ6D1RbV.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (5828)
Hash bcc8aa41cd59575a330d4fd4e2c842a6
8894580479197aed6896bbaf2beab4db7eb64f57
3b082862abddeeee4842636a9a4c0e4921417dce36e9bc615457ec780750be92
GET /rsrc.php/v3/y9/r/PvgsZ6D1RbV.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 16:25:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vMiqQc1ZV1ozDU/U4shCpg==
x-fb-debug: ps5N5+oReE3MRT9ah32nQOQJPneRO+HZJF8RVgvTQsJtgreaJLdz+CzO+n6+kYbIH+y5TFV6PZKOVc4JFI7JOA==
priority: u=3,i
content-length: 5087
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yY/r/iVBWJtU1mxB.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 803 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yY/r/iVBWJtU1mxB.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1204)
Hash 0cfd34ccf14dceb3a537e83f69dd39d6
f3fd5d84b60d292897898d03a5da493778d4b5fd
a7097039e06a74a68905d28ca6f9e8b82652393c6694452b0a80c8bcc1246135
GET /rsrc.php/v3/yY/r/iVBWJtU1mxB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 05 Dec 2023 19:46:48 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DP00zPFNzrOlN+g/ad051g==
x-fb-debug: R2WUQJPSOg/zbCG7mN08ZYlZ0Ai+b8p1t9NvdaPHGv2ykUEQhL5QffeKBC53DQv1q0snabrGcvQUu2YECCSoyQ==
content-length: 803
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yI/r/C3CnmLDYuAn.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 1.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yI/r/C3CnmLDYuAn.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2772)
Hash 928afc675ee4f48bc1c04765c166303d
e78d91cae20f35bcee1a1bbd9fcf921de34e6f73
6db4b15fd648f31f107e891029ba17e3a66d164fd92ae9661a5778cdd1d74b86
GET /rsrc.php/v3/yI/r/C3CnmLDYuAn.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 19:30:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: kor8Z17k9IvBwEdlwWYwPQ==
x-fb-debug: lFdsqiI76GlAUQYHOAxmISFA9Mfm21kooz1xAdTe9IbPS4FGsaOd2habAU5PAR4kfU9kfmfXmuO3P2GlWbG6Cw==
priority: u=3,i
content-length: 1078
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/XRBIW2_mxwG.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 1.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/XRBIW2_mxwG.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1888)
Hash a49e21c0cef8efd5ead3036f7504971a
b4a64e0283e6331bbb84368e82f6e76b3b17c263
e2f0d1161025320bfffa73e1760e768b4a66f536b94bcb8532c82a77de4cd8ec
GET /rsrc.php/v3/yi/r/XRBIW2_mxwG.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.facebooks.org.ua
Connection: keep-alive
Referer: http://www.facebooks.org.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 07 Dec 2023 19:15:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: pJ4hwM7479Xq0wNvdQSXGg==
x-fb-debug: I3JtH7Q+V9ywGTCAOzHJswTw0JJ0cSAMwcIi/X+ZqwiXYr0BpAsv9B3KOQM4TpwT++BuSbSoJHVr3lhn0lTZSw==
priority: u=3,i
content-length: 1107
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 01:48:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9483
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 01:48:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9483
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 01:48:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9483
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 01:48:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9483
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 01:48:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 70624
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 12272
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9483
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 01:48:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 7993
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00cdac5a7f801c10e53b8651ceb94c46
d83d7a30038bbf534c531c3786c3458c66d6504a
4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R18FvbBqHk-TVWaS2scvsqim40JdzbHScbg9ougAYX9zwLx91NoS0A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:01:22 GMT
age: 13643
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:06:53 GMT
age: 13312
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rKTosJz8cRhO0Bh2MpbFNF5gHtR5wecakD1UZvR2wZUaFRUQC6IW5Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:18:54 GMT
age: 66591
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebooks.org.ua/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU19E&__hs=19332.BP%3ADEFAULT.2.0.0.0.0&__hsi=7174029600462488557&__req=2&__rev=1006690336&__s=jce48b%3A01wie6%3Amfv0n2&__spin_b=trunk&__spin_r=1006690336&__spin_t=1670333929&__user=0&dpr=1&jazoest=2917&lsd=AVrYYMOS7sA
185.104.45.145 404 Not Found 196 B URL HTTP/1.1 www.facebooks.org.ua/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU19E&__hs=19332.BP%3ADEFAULT.2.0.0.0.0&__hsi=7174029600462488557&__req=2&__rev=1006690336&__s=jce48b%3A01wie6%3Amfv0n2&__spin_b=trunk&__spin_r=1006690336&__spin_t=1670333929&__user=0&dpr=1&jazoest=2917&lsd=AVrYYMOS7sA
IP 185.104.45.145:0
ASN #200000 Hosting Ukraine LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert openphish Facebook, Inc.
POST /ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU19E&__hs=19332.BP%3ADEFAULT.2.0.0.0.0&__hsi=7174029600462488557&__req=2&__rev=1006690336&__s=jce48b%3A01wie6%3Amfv0n2&__spin_b=trunk&__spin_r=1006690336&__spin_t=1670333929&__user=0&dpr=1&jazoest=2917&lsd=AVrYYMOS7sA HTTP/1.1
Host: www.facebooks.org.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebooks.org.ua/
Content-Type: multipart/form-data; boundary=---------------------------6718152003614902997251103740
Content-Length: 5546
Origin: http://www.facebooks.org.ua
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 08 Dec 2022 01:48:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
x-ray: p1111:0.172/wn22758:0.170/wa22758:D=164429
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 18:39:08 GMT
age: 25784
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2