Overview

URLcaseid100615086501986510269.firebaseapp.com/
IP 199.36.158.100 (United States)
ASN#54113 FASTLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-09 05:51:42 UTC
StatusLoading report..
IDS alerts0
Blocklist alert6
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ipapi.co (1) 195030 2017-01-31 09:07:01 UTC 2022-11-08 19:52:25 UTC 104.26.8.44
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
ocsp.pki.goog (3) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.82.48.240
cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-09 00:12:28 UTC 142.250.74.138
caseid100615086501986510269.firebaseapp.com (2) 0 2022-11-08 02:45:05 UTC 2022-11-09 02:39:40 UTC 199.36.158.100 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-09 05:05:32 UTC 34.117.237.239
e1.o.lencr.org (2) 6159 No data No data 23.36.77.32
fbcaseid.100347856345073495.com (5) 0 2022-11-07 20:42:44 UTC 2022-11-09 02:53:37 UTC 172.67.178.26 Unknown ranking
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
ka-f.fontawesome.com (5) 3598 2019-12-17 06:36:13 UTC 2020-09-25 12:57:14 UTC 172.64.203.28
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
api.ipify.org (1) 3267 2015-05-03 03:57:18 UTC 2020-03-11 13:27:58 UTC 54.91.59.199
kit.fontawesome.com (1) 1868 2019-12-16 19:51:31 UTC 2020-10-22 17:14:21 UTC 104.18.23.52
ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-09 2 caseid100615086501986510269.firebaseapp.com/ Phishing
2022-11-09 2 caseid100615086501986510269.firebaseapp.com/ Phishing
2022-11-09 2 fbcaseid.100347856345073495.com/cdn-cgi/images/trace/jsch/js/transparent.gi (...) Phishing
2022-11-09 2 fbcaseid.100347856345073495.com/cdn-cgi/challenge-platform/h/b/orchestrate/ (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-09 2 caseid100615086501986510269.firebaseapp.com Sinkholed
2022-11-09 2 caseid100615086501986510269.firebaseapp.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.36.158.100
Date UQ / IDS / BL URL IP
2023-01-31 14:19:26 +0000 0 - 0 - 2 gov-uk-add.web.app/ 199.36.158.100
2023-01-31 14:18:48 +0000 0 - 0 - 8 defi-connector.firebaseapp.com/ 199.36.158.100
2023-01-31 14:10:34 +0000 0 - 0 - 2 ukgov-uk.web.app/ 199.36.158.100
2023-01-31 13:49:07 +0000 0 - 0 - 4 business-page-appeal-cf646.web.app/ 199.36.158.100
2023-01-31 12:47:18 +0000 0 - 0 - 2 xqjatsazuk.web.app/ 199.36.158.100


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-01-31 14:19:26 +0000 0 - 0 - 2 gov-uk-add.web.app/ 199.36.158.100
2023-01-31 14:18:48 +0000 0 - 0 - 8 defi-connector.firebaseapp.com/ 199.36.158.100
2023-01-31 14:10:34 +0000 0 - 0 - 2 ukgov-uk.web.app/ 199.36.158.100
2023-01-31 14:04:42 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159
2023-01-31 14:04:38 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159


Last 1 reports on domain: caseid100615086501986510269.firebaseapp.com
Date UQ / IDS / BL URL IP
2022-11-09 05:51:42 +0000 0 - 0 - 6 caseid100615086501986510269.firebaseapp.com/ 199.36.158.100


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-12 21:59:58 +0000 0 - 0 - 5 caseid100523456345345345.firebaseapp.com/ 199.36.158.100
2022-11-10 02:38:14 +0000 0 - 0 - 7 caseid1007859469834578546.web.app/ 199.36.158.100
2022-11-06 05:37:41 +0000 0 - 0 - 10 caseid10098510296320.web.app/ 199.36.158.100
2022-10-23 02:30:16 +0000 0 - 0 - 5 case10064209612945129645.web.app/ 199.36.158.100
2022-10-22 09:38:45 +0000 0 - 0 - 7 case10012016528156230526.firebaseapp.com/ 199.36.158.100

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 3575) - SHA256: 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515
< html > < head > < style > # pr1 {
    border: solid 2.715 px;border - color: green;padding: 3.98 px;margin - left: 12.12 px;
}
# pr2 {
    border: solid 2 px;border - color: purple;font - size: 30 px;margin - top: 200 px; - webkit - transform: skewY(23.1753218 deg); - moz - transform: skewY(23.1753218 deg); - ms - transform: skewY(23.1753218 deg); - o - transform: skewY(23.1753218 deg);transform: skewY(23.1753218 deg);
}
# pr3 {
    border: solid 2.89 px;border - color: orange;font - size: 45 px;transform: scale(100000000000000000000009999999999999.99, 1.89);margin - top: 50 px;
}
# pr4 {
    border: solid 2 px;border - color: silver;transform: matrix(1.11, 2.0001, -1.0001, 1.009, 150, 94.4); - webkit - transform: matrix(0.95559, 2.13329, -0.9842, 0.98423, 150, 95); - moz - transform: matrix(0.66371, 1.94587, -0.6987, 0.98423, 150, 103.238); - ms - transform: matrix(0.5478, 1.94587, -0.7383, 0.98423, 150, 100.569); - o - transform: matrix(0.4623, 1.83523, -0.6734, 0.81231, 150, 99.324);position: absolute;margin - top: 11.1331 px;margin - left: 12.1212 px;padding: 4.4545 px;left: 239.4141 px;top: 178.5050 px;
}
# pr5 {
    border: solid 2 pt;border - color: red;margin - left: 42.395 pt;
}
caption {
    border: solid 2 px;border - color: darkred;font - size: 20.99 px;margin - left: 20.8 px;
}
# pr6 {
    border: solid 2 px;border - color: darkblue; - webkit - transform: perspective(12890 px) translateZ(101.5 px); - moz - transform: perspective(12890 px) translateZ(101.5 px); - ms - transform: perspective(12890 px) translateZ(101.5 px); - o - transform: perspective(12890 px) translateZ(101.5 px);transform: perspective(12890 px) translateZ(101.5 px);padding: 12 px;
}
# pr7 {
    position: absolute;margin - top: -350.552 px;margin - left: 0.9099 rem;border: solid 2 px;border - color: burlywood;
}
# pr8 {
    position: absolute;margin - top: -150.552 px;margin - left: 15.9099 rem;border: solid 2 px;border - color: sandybrown;
}
# pr9 {
    position: absolute;margin - top: -110.552 px;margin - left: 15.9099 rem;border: solid 2 px;border - color: orchid;
}
# pr10 {
    position: absolute;margin - top: -315.552 px;margin - left: 15.9099 rem;border: solid 2 px;border - color: turquoise;
} < /style></head > < body > < div id = "pr1" > Ssss tttt < /div>       <div id="pr2">TTTT tttt</div > < div id = "pr3" > WW & nbsp & nbsp; & nbsp; & nbsp; & nbsp; & nbsp;
ssss tttt < /div>       <div id="pr4">vvvv sssss ttttt tttt</div > < table id = "pr5" > < caption > ttttt cccc tttt < /caption>         <thead>         <tr>             <th>tttt hhhh</th > < /tr>         </thead > < tbody > < tr > < td > tttt bbbb < /td>         </tr > < /tbody>     </table > < div id = "pr6" > ttttt pppp tttt tttt < /div>     <div id="pr7">         <select>         <option>sss ooo</option > < /select>     </div > < div id = "pr8" > < details > < summary > dddd ssss < /summary>         </details > < /div>     <div id="pr9">         <progress value="49" max="100"></progress > < /div>     <div id="pr10">         <button type="button"></button > < /div>     <script>parent._cf_gcr();</script > < /body></html >


HTTP Transactions (50)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: caseid100615086501986510269.firebaseapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.36.158.100
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://caseid100615086501986510269.firebaseapp.com/
Accept-Ranges: bytes
Date: Wed, 09 Nov 2022 05:51:30 GMT
X-Served-By: cache-bma1662-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1667973091.805394,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2230
Expires: Wed, 09 Nov 2022 06:28:40 GMT
Date: Wed, 09 Nov 2022 05:51:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2197
Cache-Control: max-age=105377
Date: Wed, 09 Nov 2022 05:51:31 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:07:48 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4539
Expires: Wed, 09 Nov 2022 07:07:10 GMT
Date: Wed, 09 Nov 2022 05:51:31 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: caseid100615086501986510269.firebaseapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.36.158.100
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=3600
content-encoding: br
etag: "c7e747395889628d093dbe844e9b389c1852dc62a82747c76f52644e5d18ae22-br"
last-modified: Mon, 07 Nov 2022 18:26:58 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 09 Nov 2022 05:51:31 GMT
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667973091.054835,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 138
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   138
Md5:    52314e33aa285f3ffb4d0aa64c31714f
Sha1:   1a9c37c8f2ec81043137e6de57939d16ba205025
Sha256: 89b6b30f1e590d69b146dc8d1172c700db6371a0567f4bd42222d319a2adb3ee

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 8AjovnWGAvwKHkR5cizoqvcxUc/ldD2d5uSi5suq0Pzde6Z0kavaDx3bVdFT0fofByfJHQKVm1w=
x-amz-request-id: Y8ZTSK8310C9KBZ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 05:11:36 GMT
age: 2395
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 09 Nov 2022 05:51:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /s/gts1d4int/xv7Q07ZM-NY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 05:51:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "E5E368D9457316A4E696EE2FF57B350A36CC8C0874EA59439F2A3A8C2E17FC38"
Last-Modified: Mon, 07 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 09 Nov 2022 11:51:31 GMT
Date: Wed, 09 Nov 2022 05:51:31 GMT
Connection: keep-alive

                                        
                                            GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=767446ed6e150b59 HTTP/1.1 
Host: fbcaseid.100347856345073495.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/?fbclid=1008541241204247520
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.178.26
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 09 Nov 2022 05:51:31 GMT
content-length: 42
last-modified: Tue, 08 Nov 2022 13:16:22 GMT
etag: "636a56a6-2a"
server: cloudflare
cf-ray: 767446eefec40b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 09 Nov 2022 07:51:31 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "E5E368D9457316A4E696EE2FF57B350A36CC8C0874EA59439F2A3A8C2E17FC38"
Last-Modified: Mon, 07 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 09 Nov 2022 11:51:31 GMT
Date: Wed, 09 Nov 2022 05:51:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=103032
Date: Wed, 09 Nov 2022 05:51:31 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:28:43 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MdxPMpZkgp8hH1M9HzhihQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.82.48.240
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w/EF0Crk0SaT2OqlxBTHoOXVWXk=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 843
Cache-Control: max-age=93941
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a088f-1d7"
Expires: Thu, 10 Nov 2022 07:57:14 GMT
Last-Modified: Tue, 08 Nov 2022 07:43:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /npm/bootstrap@4.4.1/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.4.1
x-jsd-version-type: version
etag: W/"26f1b-0wURD7eRE6lhOUtDPYUaNBA0K4w"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 05:51:33 GMT
age: 13928378
x-served-by: cache-fra19134-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23674
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65324)
Size:   23674
Md5:    31797921718705c3da1d6a8861211ab6
Sha1:   458e8d45976fd543e7933c24157a6675dfa0610d
Sha256: 57f3cf211e044d6778aac4aec7f690adfa7dc6a20001a4bec166859d9e184129
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 05:51:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 05:51:33 GMT
age: 20119448
x-served-by: cache-fra19122-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22442
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65299)
Size:   22442
Md5:    84e585e508257b149cf52b5ba65dafba
Sha1:   141cd4a3560a4dd2b4fdf9e961079c300f494030
Sha256: 1a00d92371bb1b61d8fdce1473af8c69798eaa34ee7941f58babd75c8283d56d
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.138
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 09:16:48 GMT
expires: Fri, 03 Nov 2023 09:16:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
age: 506085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31017
Md5:    7808e0e4b7a714230373852158500533
Sha1:   4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
Sha256: 8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 05:51:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "80390807D99A0F5A2E1EF2CED03A534D5E25DEB8"
Expires: Wed, 09 Nov 2022 16:00:00 GMT
Last-Modified: Wed, 09 Nov 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2170
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767446f7bec7b515-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    bc0eee3dc180cb27f2860d92c3de88c1
Sha1:   c8c8b45e613b0c4baab8fb1a7484ae1f461dd0a0
Sha256: 434d47f259e03bf5afcab3b7331f4ae75c6d76c4bedd198f089cea6b604cf4d5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 05:51:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5942
Cache-Control: max-age=122085
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a6294-117"
Expires: Thu, 10 Nov 2022 15:46:18 GMT
Last-Modified: Tue, 08 Nov 2022 14:07:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5942
Cache-Control: max-age=122085
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a6294-117"
Expires: Thu, 10 Nov 2022 15:46:18 GMT
Last-Modified: Tue, 08 Nov 2022 14:07:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2608
Cache-Control: max-age=118751
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a6294-117"
Expires: Thu, 10 Nov 2022 14:50:44 GMT
Last-Modified: Tue, 08 Nov 2022 14:07:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5942
Cache-Control: max-age=122085
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a6294-117"
Expires: Thu, 10 Nov 2022 15:46:18 GMT
Last-Modified: Tue, 08 Nov 2022 14:07:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5942
Cache-Control: max-age=122085
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a6294-117"
Expires: Thu, 10 Nov 2022 15:46:18 GMT
Last-Modified: Tue, 08 Nov 2022 14:07:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1252
Cache-Control: max-age=104391
Date: Wed, 09 Nov 2022 05:51:33 GMT
Etag: "636a2fc8-118"
Expires: Thu, 10 Nov 2022 10:51:24 GMT
Last-Modified: Tue, 08 Nov 2022 10:30:32 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /releases/v6.2.0/webfonts/free-fa-solid-900.woff2 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.203.28
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
content-length: 150456
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:15:00 GMT
etag: "822fa3f2f51f169c970f713b88158737"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 d32d70ba49809b2292cca689969507a0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: KpuhAYUkuDjhGw2HxeuFbV7Fb7OLVPZE_A5Ha6ZhqYcMcZ8qUxhHug==
age: 10668
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa9OQ1x3EkIxLela8ExI88TfRLqO%2B%2BWpUMHQcs5mLv5e8%2BXMYrea4jduD9CRmvYMXRgGHB4AL40tDgRK98hvGjzoJs1OehfNIv%2FzAtiiEM9vequo44OCORDN2vmBDIJBXM%2F3lgvnUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767446fa7a4d72fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 150456, version 770.256\012- data
Size:   150456
Md5:    822fa3f2f51f169c970f713b88158737
Sha1:   74b5ddde927a0f84883fed55a65ffbb6ada11761
Sha256: ad28ece0bf48b1488c82aaf700201d7f6b56a62e11b5b6a0a12481780c8a3417
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 05:51:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 05:51:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 05:51:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 05:51:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 05:51:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3916060e-035b-48ef-a0bc-a1a576044b3f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9643
x-amzn-requestid: 6e80479a-3819-4a7e-98b1-99f44f45c5bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTUhGNyIAMFVlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1c-5eb7853c191277c436bad941;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3Xsxt0yJh-v_RL3WturGvjl4T1Vc15RXpPUUKxq8WxePS0UDTHy9A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:44:13 GMT
etag: "d54538f8ecf22b03d58589a1bb76a4b292c3072f"
age: 29240
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9643
Md5:    e9c81b1a820a09138444dd6a55e6bcf6
Sha1:   d54538f8ecf22b03d58589a1bb76a4b292c3072f
Sha256: 2a3f0de4886061792d159e72f7608b27a9e1071486cbbfc3b0900fc2cd229a44
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5sq7XRYInS334VVDEtCJNlf_O9FTHn2G4u-WAIygFZ-SALN0flMwew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:14 GMT
age: 28159
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8154
Md5:    c69b19d2273c3ade32fd0797921c0459
Sha1:   8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
Sha256: d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EkLfQ2GJ8U9Zm5lJlAv3cCtg-5hbjNCd_8BViMjpzvNHo8tJjQ3ZbA==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:36:18 GMT
age: 72915
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6272
Md5:    11ef1d34ac2d42662fe53fc58c882fdf
Sha1:   16f1e048895ed1ee0c0c071e3939e741113e4969
Sha256: 61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F279f7462-fb18-450d-9aa4-9167af2f9e3a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13684
x-amzn-requestid: 014aff7c-c59a-43ef-bd22-aa09f24c514d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bA1h3EtKoAMFpGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6363693e-2dfb305543140ca8031b2b0d;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 07:09:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vx2TzHAu1i_ssXsmaDhTnmWI3ZggvRUZgY3SOqDd44nMcihgj9U-Yw==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 00:22:21 GMT
age: 19752
etag: "a75c5224b4918c2b0db2cf8bddcb509bbc7909ba"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13684
Md5:    72636ec65cb199dbc4efa2b7eda450cb
Sha1:   a75c5224b4918c2b0db2cf8bddcb509bbc7909ba
Sha256: dd2b43d2189ac8dd0369a32cad3c3c746a282f06783ca2666eab350ce7bcffbe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 84212
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12510
x-amzn-requestid: ad966326-25a8-44df-880a-608572bf2538
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuExNIAMFilA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-4eaa4fda178720702d9a9583;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xombu_yzlbxHa6C2uPHFwR_ufnmPaEMna2B1rkj71iyxBe8J5QJQ5g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "1105130523fb346dbab9ad2bb8d71c3f505425ce"
age: 29282
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12510
Md5:    e3d20f900a883cec8e0cab687df8a251
Sha1:   1105130523fb346dbab9ad2bb8d71c3f505425ce
Sha256: b5ade9b1302479c4589eb659125d0111c55bb4520d72501cc47b295fd65e8a6e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 05:51:33 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 09:46:08 GMT
Expires: Sun, 13 Nov 2022 09:46:07 GMT
Etag: "9dd3aaf28a79d9b2508f159fa5fadf9038d3bb0b"
Cache-Control: max-age=359073,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767446fb8ea8b50b-OSL

                                        
                                            GET /?format=json HTTP/1.1 
Host: api.ipify.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.91.59.199
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://fbcaseid.100347856345073495.com
Vary: Origin
Date: Wed, 09 Nov 2022 05:51:33 GMT
Content-Length: 21
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   21
Md5:    7d69c71af0f191e9a72db6153f8018d1
Sha1:   f67c5f2887bc05654b47f76e9621e53a4091aed1
Sha256: 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: fbcaseid.100347856345073495.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/?fbclid=1008541241204247520
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.178.26
HTTP/2 404 Not Found
content-type: text/html
                                        
date: Wed, 09 Nov 2022 05:51:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KiG6ZAY0u4A4yWK7ugNKIqT0eeL9RmcYNLrHupEeXRY14Enm9CuHPzqgpnSzsZoAEyZXxDUxw9G4c0HVPTW1HoV%2BPKsSZFqLTekc0hYE%2FUN%2BgVVEqTxVRY3ZDTEP6X9BR16Gn%2B8m7kp0hwNsinbkHk2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767446eeae920b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /83fd8385f7.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.23.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyVoKgPlTRUxiP0FQpMh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 767446f78bc10afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v6.2.0/css/free-v4-shims.min.css?token=83fd8385f7 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.203.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"58dea8f45bf2685132179a837507637a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15c672a1a96e298467d88307b9c85a7a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: AotS_K_9E1zJ_CVmUXo0e6J8LdHjikDWq3YOtG3diu6TnzJaapyBgA==
age: 10668
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esexkNDk%2FWWyh7Sed9CkzYkN29Sio8ntxYQkhW2voKqCrKqKWeqifRdT8du6Cq5xlJCCFUW88RcuwoTg%2BXBlYUAAgL04SkMk4%2FH46PDWEATkixuValpdWMXEjnlAiEH5T%2F0pCrD1tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767446f999da72fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v6.2.0/css/free-v4-font-face.min.css?token=83fd8385f7 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.203.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"a0adfe3c7bd1fa905b7f3b5ecea27889"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0b7c0b1558a44a398a2a995ce531093a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: Lqmbae0kzHTf9y0ALf0-37q4mMd6WYxBI_GPmOSafTMa8_VBrihjhA==
age: 10668
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwnx%2BnR1QypdhjrbihHbD%2BuhMLqU9Hlret0Zk1xCN9vnJHKfT9OsGxBiInN6xV9EwSqgU%2Fru1xNZIKafya7z3fiA7oFlKamkHQ4fpg%2FwCfZN1gRptoGMapzBsyjWiCBiotwmCtkCDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767446f9a9e672fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /json/ HTTP/1.1 
Host: ipapi.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Referer: https://fbcaseid.100347856345073495.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.26.8.44
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
allow: GET, POST, OPTIONS, OPTIONS, HEAD
x-frame-options: DENY
vary: Host, Origin
access-control-allow-origin: https://fbcaseid.100347856345073495.com
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnDiJwPBbL7OAXe6eJYQorqpAPN3wal4Lcjrf14ILckCERo1%2BVufN%2Fdg4N%2B1Vz07n3tlF%2Bpx3uN1%2FCWO2eGxcR8RslrR725aFrFguvhvXg3g5k%2FK4PGkiwrf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767446fa2c68b529-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?fbclid=1008541241204247520 HTTP/1.1 
Host: fbcaseid.100347856345073495.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.178.26
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
                                        
date: Wed, 09 Nov 2022 05:51:31 GMT
x-frame-options: SAMEORIGIN
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFFFHMfd%2Fya4zJsKg3rvBI2s60CiYtctBCOVh6WgP0qJXY5dsPHFg%2FHY%2FndtAiu6dqeCuvfXOTXu8goTUrXIL0wrSecOr5Ag79GB%2B6ZVDt%2FOiocWqhWvMct3u1ZLmnaCSNHlFiNkSmTRepuyx7JVzTUm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767446ed6e150b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/styles/challenges.css HTTP/1.1 
Host: fbcaseid.100347856345073495.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/?fbclid=1008541241204247520
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.178.26
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 09 Nov 2022 05:51:31 GMT
last-modified: Tue, 08 Nov 2022 13:16:22 GMT
etag: W/"636a56a6-1896"
server: cloudflare
cf-ray: 767446eeae8f0b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 09 Nov 2022 07:51:31 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=767446ed6e150b59 HTTP/1.1 
Host: fbcaseid.100347856345073495.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/?fbclid=1008541241204247520&__cf_chl_rt_tk=pVmMW4f7HqDPXY800aw7KmlfHv3er2czok_Wy0HecK8-1667973091-0-gaNycGzNCD0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.178.26
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 09 Nov 2022 05:51:31 GMT
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TG9d%2BUKF%2FTw1tkc1mpZLv%2F0%2FBEX0nS%2Fv73qj3SgKYUdhYY0OqnHM7QX5Fe94veS9Z0YpY%2BhNN%2BJDpIQfM0%2F1L0aDHW%2Fb%2FmMrbwT0Vt7ATfrCTlAg6bqUnHI1cG%2FaQxm80frRSalm8uLNZErNj8xSM3e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767446ef0ed50b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /releases/v6.2.0/css/free.min.css?token=83fd8385f7 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.203.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"0fb4e5b70c498af98f246511192b899d"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: PB9OD_6QO6hsMMzR_6_2H8v8IlVc3aFRKHMQtoHrPGXu3OjmSdVgWw==
age: 10668
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqfLNnd9rCttE1f2R922J7FDhGq1sGKcJUdrqye4Nug6Gorjx58pIS0a6qiC6Q0Gmz6LxnyxINaXmxvUG6aDs08XfAerWNjvJFSNtIxHsnHp4OqAWppT2DNNjRwpArDf4Q%2BBnDiYJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767446f989d472fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v6.2.0/css/free-v5-font-face.min.css?token=83fd8385f7 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fbcaseid.100347856345073495.com/
Origin: https://fbcaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.203.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 09 Nov 2022 05:51:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"e2e288c32f411dc30c0c399302a30654"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 1a90e35556d32f8d77b4627833b2e76c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: IkaskS1VKC4NomEGY_OhkcwtnwHoGaeSqtZVIYAm4GXFnwfJ79hjwQ==
age: 10668
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9Esb68bAg6JUmLxlwNJRF%2B2ALNzg7sAcNHoAnQ%2BFyuYghd%2Bmgy6nDBHPt6Y4NBCpLmKRcFZkyCoCLYYGAuKc178wP9RK0gwLrPdCJuB2fO1vdFWS0zfxbHi%2Fz7WsOARf9ScbJnH4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767446f999d972fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---