r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd2bda30513692aa11a672c6a599935d
a944c3aa26b461063194a4bb95ce427d23a32d03
d975d1eab40c9fe4986ae0675d79e4f982eb9c0e2f503ca72b3bdf0ec9e7dfdc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D975D1EAB40C9FE4986AE0675D79E4F982EB9C0E2F503CA72B3BDF0EC9E7DFDC"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3804
Expires: Wed, 28 Dec 2022 19:15:18 GMT
Date: Wed, 28 Dec 2022 18:11:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 259d3eba2ac4ea32f0410a59bd01c18a
ab02cd69e6c04e3842ad1778fb0daa6d0e86fddc
0d6ec941dac6d97a0b24c0cf00a5642a4edda68ae5ec8b3019d1ec05f40d2281
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D6EC941DAC6D97A0B24C0CF00A5642A4EDDA68AE5EC8B3019D1EC05F40D2281"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10305
Expires: Wed, 28 Dec 2022 21:03:39 GMT
Date: Wed, 28 Dec 2022 18:11:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Wed, 28 Dec 2022 19:26:37 GMT
Date: Wed, 28 Dec 2022 18:11:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 28 Dec 2022 17:46:47 GMT
content-type: application/json
age: 1507
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T6b8t3fuF49SIaOYyFdKyQMGEHPYXSllrgHJNPtnp5/vRnPdrdtbiqozlsBmOYUabRlRpIT1c3c=
x-amz-request-id: 9F3KK5K9RYH7R05D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Dec 2022 17:58:25 GMT
age: 809
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 18:11:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 40228c3870ceeb7093a2772f3060e216
f7959164a408f6a17910910208902ac159195015
b28d77a026f3d0062bb8b391e115e5b5ba6af458773b914de0e13d6026b7846a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B28D77A026F3D0062BB8B391E115E5B5BA6AF458773B914DE0E13D6026B7846A"
Last-Modified: Wed, 28 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Thu, 29 Dec 2022 00:11:25 GMT
Date: Wed, 28 Dec 2022 18:11:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 28 Dec 2022 18:08:08 GMT
age: 226
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 125553386d49a0b56facb82deab9bd9f
1a7480b79f4aada477fb5919794f6efd6d44921e
6f3f4223d3c994dd4754df67a11298d736e16f888f301ad2838d0b4db1ac01d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:11:55 GMT
Last-Modified: Wed, 28 Dec 2022 18:03:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RqzIspjCI/Y+vaMfUOuijg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NgbNvilCmqiM4GCmXAQrS3PVAEQ=
www.support-facebook.me/
200 OK 13 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10587), with CRLF, LF line terminators
Hash aee1728c7468ab62e989019be896755d
6570126d3373ec88eb561e2da74c8365d39662bd
8e62774afdbfebfbfc01cc9f8de765977f8b88b715e11c4b8b9a0871b4fc4fdd
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:11:55 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.support-facebook.me
language=en; expires=Wed, 11-Jan-2023 18:11:55 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"0e7ca9ec995ed5af221af093066e585e-gzip"
Content-Encoding: gzip
X-Host: grn22.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 13083
Keep-Alive: timeout=10, max=61
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/sites.css?buildTime=1671221571
200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1671221571
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1671221571 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:54:14 GMT
etag: W/"639ccce6-347ac"
expires: Fri, 30 Dec 2022 20:15:50 GMT
cache-control: max-age=1209600
x-host: blu25.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1029365
x-served-by: cache-sjc10036-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 41, 851
x-timer: S1672251116.644067,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Lato/font.css?2
200 OK 365 B URL HTTP/2 cdn2.editmysite.com/fonts/Lato/font.css?2
IP
Hash f6aec8855300407d88c732db5b97c3cf
a6a4c862f86744cbf3f5477e830c9f80ab986eaf
6f00c364d20ef3193c0b008183501117dec28fe7a538ccebdc4492f5c9b281d3
GET /fonts/Lato/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 12 Dec 2022 18:45:57 GMT
etag: "639776e5-a0c"
expires: Thu, 29 Dec 2022 18:06:26 GMT
cache-control: max-age=1209600
x-host: blu142.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1123528
x-served-by: cache-sjc10040-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 58, 14
x-timer: S1672251116.644234,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 365
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/jquery-1.8.3.min.js
200 OK 34 kB URL HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP
File type ASCII text, with very long lines (65483)
Hash 67a5a77f65f13559b3d723829f2e0108
5e861ec7c2993abffc3591d6132c47bc7cdc3e98
ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:54:04 GMT
etag: "639cccdc-16dc4"
expires: Tue, 10 Jan 2023 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 68621
x-served-by: cache-sjc10032-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 19, 446
x-timer: S1672251116.644535,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1671221571&
200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1671221571&
IP
File type ASCII text, with very long lines (65024)
Hash 58a9c1c02a5743ff2107715d041d28b7
619d9394e8b3afce9f9cc066b924ddb5d3265265
98b8090e2292b69bb8ad0ef4082f55458b891130ee6b3d9c6fce5075eec64dbf
GET /js/lang/en/stl.js?buildTime=1671221571& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:53:10 GMT
etag: "639ccca6-2c22a"
expires: Fri, 30 Dec 2022 20:13:42 GMT
cache-control: max-age=1209600
x-host: grn43.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1029493
x-served-by: cache-sjc10058-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 368
x-timer: S1672251116.644728,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32800
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1671221571
200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1671221571
IP
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1671221571 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:54:20 GMT
etag: "639cccec-f47"
expires: Fri, 30 Dec 2022 20:13:50 GMT
cache-control: max-age=1209600
x-host: blu87.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1029486
x-served-by: cache-sjc10059-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 733
x-timer: S1672251116.652665,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1671221571
200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1671221571
IP
File type ASCII text, with very long lines (13080)
Hash 03f309e96ce0dd83ba8f7754ff3cf854
778de49f4961a2b63912c3aebc2f45444df76b63
6f5dfae580d7ee9bb236fca05f0562f1e6a5fa5362c6607a0aab3e1c2d483192
GET /css/social-icons.css?buildtime=1671221571 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:54:14 GMT
etag: W/"639ccce6-3319"
expires: Fri, 30 Dec 2022 20:13:42 GMT
cache-control: max-age=1209600
x-host: grn146.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1029493
x-served-by: cache-sjc10046-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 73, 655
x-timer: S1672251116.653438,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1638
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Roboto_Slab/font.css?2
200 OK 304 B URL HTTP/2 cdn2.editmysite.com/fonts/Roboto_Slab/font.css?2
IP
Hash 003d5d93370166e86a9572666ccd51a3
d89367a46675b3f14642b743d5f235521b15ed2c
7df9d52bddfc6f86bc6d1281f22de2a1d9c3a798dccd39228edef8238911b367
GET /fonts/Roboto_Slab/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 12 Dec 2022 18:45:57 GMT
etag: "639776e5-4ff"
expires: Thu, 29 Dec 2022 11:29:04 GMT
cache-control: max-age=1209600
x-host: grn97.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1147372
x-served-by: cache-sjc10074-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1672251116.655892,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 304
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Montserrat/font.css?2
200 OK 276 B URL HTTP/2 cdn2.editmysite.com/fonts/Montserrat/font.css?2
IP
Hash 559eefb63fcae2a3f85471dd3903016a
5e4a9f5b529f2f6d2ee1de511231f856e673066c
09110f0d179c52677e2caf24d4bad70e5d717acb2eff2887ac36dbc1d9583fae
GET /fonts/Montserrat/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 12 Dec 2022 18:45:57 GMT
etag: "639776e5-354"
expires: Thu, 29 Dec 2022 18:07:57 GMT
cache-control: max-age=1209600
x-host: blu20.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1123439
x-served-by: cache-sjc10070-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 15, 379
x-timer: S1672251116.659627,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1671221571
200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1671221571
IP
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1671221571 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:54:38 GMT
etag: "639cccfe-74804"
expires: Fri, 30 Dec 2022 20:15:50 GMT
cache-control: max-age=1209600
x-host: blu13.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1029365
x-served-by: cache-sjc10073-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 3
x-timer: S1672251116.645009,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
Hash 1ea9ecc642f77aa2915c170008cc1842
ca06f1cd864cad23a74b48c9cbcfca9abf74b7e2
dd489d4ef214be423d2a42a5e36b0328b1aa81b09c5c3eec25c95b3173704194
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:11:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "031D51415D2F22CB1B3A0131FC6131DC6D4A3819"
Expires: Thu, 29 Dec 2022 05:00:00 GMT
Last-Modified: Wed, 28 Dec 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3241
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 780c42e15ffa0b55-OSL
www.support-facebook.me/files/main_style.css?1672124484
200 OK 9.7 kB URL HTTP/1.1 www.support-facebook.me/files/main_style.css?1672124484
IP
File type ASCII text, with very long lines (658)
Hash 23eb26282fe99234d206b3d138d073e3
a1fdbdfb3aaf5fe4db6267698faf12611c9f8106
035c8c3123ead5e84c01d5b14f86fc65b7ae8cb3aee7bdd88b911739ba7bd7a4
GET /files/main_style.css?1672124484 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
www.support-facebook.me/files/theme/plugins.js?1620848883
200 OK 16 kB URL HTTP/1.1 www.support-facebook.me/files/theme/plugins.js?1620848883
IP
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/plugins.js?1620848883 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b6b5e9-0062847b2f-b9fbc63-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu81.sf2p.intern.weebly.net
Content-Encoding: gzip
www.support-facebook.me/files/theme/custom.js?1620848883
200 OK 4.7 kB URL HTTP/1.1 www.support-facebook.me/files/theme/custom.js?1620848883
IP
Hash 30320af4f4bb41ca587e30e14a7a3ec9
fb7642d04eca677c52af436a435296babc5b8d7b
5d62fb6d4d16a02fd186fa6de15ba066e1c08fbefbb4ed5e27b34a2d1db5071e
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/custom.js?1620848883 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 17 Feb 2021 21:38:17 GMT
x-rgw-object-type: Normal
ETag: W/"4ce038724a40ec81eb18052a42ac3a14"
x-amz-request-id: tx0000000000000019f01fa-0061a7c004-a9f41e7-sfo1
X-Storage-Bucket: zd0bf
X-Storage-Object: d0bf460e9dd7055f37aa91f8337e25a2027aaceac8c200169560da44c107e229
X-Host: grn73.sf2p.intern.weebly.net
Content-Encoding: gzip
www.support-facebook.me/files/theme/debounce.js?1620848883
200 OK 634 B URL HTTP/1.1 www.support-facebook.me/files/theme/debounce.js?1620848883
IP
Hash e33bebf8099afdfb9bbf5b507ad3ebc0
cdb2f7f1c6a4d06125f3597fbf6497f84e74f5e9
7216242f8c517b165607eeaaebfa4cc1cd7883db96f7f61e71cc66e58c586092
GET /files/theme/debounce.js?1620848883 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: application/javascript
Content-Length: 634
Connection: keep-alive
Last-Modified: Wed, 17 Feb 2021 21:38:17 GMT
x-rgw-object-type: Normal
ETag: "e33bebf8099afdfb9bbf5b507ad3ebc0"
x-amz-request-id: tx000000000000002509d38-00628501bb-b9fbc29-sfo1
X-Storage-Bucket: z7216
X-Storage-Object: 7216242f8c517b165607eeaaebfa4cc1cd7883db96f7f61e71cc66e58c586092
X-Host: grn14.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/files/templateArtifacts.js?1672124484
200 OK 1.6 kB URL HTTP/1.1 www.support-facebook.me/files/templateArtifacts.js?1672124484
IP
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
GET /files/templateArtifacts.js?1672124484 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn141.sf2p.intern.weebly.net
Content-Encoding: gzip
www.support-facebook.me/files/theme/jquery.pxuMenu.js?1620848883
200 OK 3.6 kB URL HTTP/1.1 www.support-facebook.me/files/theme/jquery.pxuMenu.js?1620848883
IP
File type HTML document, ASCII text
Hash 5b4646438d633556595e8756bf1f0e50
df53158986d51373d8552cf584c04a378a1b1f3c
8443559dc67ae697aa7d66951e6d2f360eb01ce75b4323925bc695a84a8c6004
GET /files/theme/jquery.pxuMenu.js?1620848883 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: application/javascript
Content-Length: 3583
Connection: keep-alive
Last-Modified: Wed, 17 Feb 2021 21:38:17 GMT
x-rgw-object-type: Normal
ETag: "5b4646438d633556595e8756bf1f0e50"
x-amz-request-id: tx00000000000000257d084-006285076a-b9fbc64-sfo1
X-Storage-Bucket: z8443
X-Storage-Object: 8443559dc67ae697aa7d66951e6d2f360eb01ce75b4323925bc695a84a8c6004
X-Host: blu81.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/files/theme/jquery.revealer.js?1620848883
200 OK 2.8 kB URL HTTP/1.1 www.support-facebook.me/files/theme/jquery.revealer.js?1620848883
IP
Hash c22ab67199a33d876512504cda4ff55b
36e96eae4644b6028532974fe5186a072792cb37
c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/jquery.revealer.js?1620848883 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: application/javascript
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000001e5af42-006284ac15-b9fbc64-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: grn14.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/div_2_orig.jpg
200 OK 647 B URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/div_2_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 96x7, components 3\012- data
Hash bf2df85a61abcae14325fa0976ff8d51
dca85e6da5e7ad379656b637176706fa8d6699a4
78226f5ba35569950673a39809a4705635442ad887cd1f44934ac0ac43787749
GET /uploads/1/4/4/2/144264509/div_2_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 647
Connection: keep-alive
Last-Modified: Wed, 14 Oct 2020 23:45:20 GMT
x-rgw-object-type: Normal
ETag: "bf2df85a61abcae14325fa0976ff8d51"
x-amz-request-id: tx00000000000001f147c8d-0062f26533-c03521c-sfo1
X-Storage-Bucket: z7822
X-Storage-Object: 78226f5ba35569950673a39809a4705635442ad887cd1f44934ac0ac43787749
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/div_3_orig.jpg
200 OK 647 B URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/div_3_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 96x7, components 3\012- data
Hash bf2df85a61abcae14325fa0976ff8d51
dca85e6da5e7ad379656b637176706fa8d6699a4
78226f5ba35569950673a39809a4705635442ad887cd1f44934ac0ac43787749
GET /uploads/1/4/4/2/144264509/div_3_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 647
Connection: keep-alive
Last-Modified: Wed, 14 Oct 2020 23:45:20 GMT
x-rgw-object-type: Normal
ETag: "bf2df85a61abcae14325fa0976ff8d51"
x-amz-request-id: tx000000000000015bf2d42-0061c9f7ed-a9f6a62-sfo1
X-Storage-Bucket: z7822
X-Storage-Object: 78226f5ba35569950673a39809a4705635442ad887cd1f44934ac0ac43787749
X-Host: grn73.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/icon2_1_orig.jpg
200 OK 1.2 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/icon2_1_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 45x48, components 3\012- data
Hash 54feacd1ffc55ca9ba54643174739823
f0319227c80a36c2a8b7bb929a4ac658c000b201
a0f057b5adf0c27f3e522a44cbc96b02580abf372d3e13878876214c2ea22458
GET /uploads/1/4/4/2/144264509/icon2_1_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 1218
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2022 12:09:36 GMT
x-rgw-object-type: Normal
ETag: "54feacd1ffc55ca9ba54643174739823"
x-amz-request-id: tx00000000000001e009a4d-006351d6ee-c696eea-sfo1
X-Storage-Bucket: za0f0
X-Storage-Object: a0f057b5adf0c27f3e522a44cbc96b02580abf372d3e13878876214c2ea22458
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/icon3_1_orig.jpg
200 OK 1.4 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/icon3_1_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 45x48, components 3\012- data
Hash 06babaea3e3f4e25ab92850992b259cd
eb5de39bef230ca38b341ed5d9b5e826b9f17979
46193dbec01f2ee976e1166b87997482358c1bfe42fb6c02d71f49ecfecb741a
GET /uploads/1/4/4/2/144264509/icon3_1_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 1391
Connection: keep-alive
Last-Modified: Wed, 12 May 2021 17:22:21 GMT
x-rgw-object-type: Normal
ETag: "06babaea3e3f4e25ab92850992b259cd"
x-amz-request-id: tx00000000000002dc5ccb9-00636bf8ac-c699baa-sfo1
X-Storage-Bucket: z4619
X-Storage-Object: 46193dbec01f2ee976e1166b87997482358c1bfe42fb6c02d71f49ecfecb741a
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/testi_1_orig.jpg
200 OK 5.5 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/testi_1_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 388x68, components 3\012- data
Hash baaa584b573e2d518c3dfe0c540b0218
a6782100b8b4bdd04495db0e2b431d3732c25df9
a55170662ce072e79f8bc7e3aea40316657425dffea01160090704503318ff20
GET /uploads/1/4/4/2/144264509/testi_1_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 5525
Connection: keep-alive
Last-Modified: Wed, 29 Jul 2020 21:37:27 GMT
x-rgw-object-type: Normal
ETag: "baaa584b573e2d518c3dfe0c540b0218"
x-amz-request-id: tx000000000000025b056ef-0062fc39e9-bfe36ba-sfo1
X-Storage-Bucket: za551
X-Storage-Object: a55170662ce072e79f8bc7e3aea40316657425dffea01160090704503318ff20
X-Host: grn141.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Wed, 28 Dec 2022 19:33:03 GMT
Date: Wed, 28 Dec 2022 18:11:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Wed, 28 Dec 2022 19:33:03 GMT
Date: Wed, 28 Dec 2022 18:11:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Wed, 28 Dec 2022 19:33:03 GMT
Date: Wed, 28 Dec 2022 18:11:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae5da67479fa2f3afda50a7566b5e46e
d71de1881ea09f0aed36703f95635cc0cd552429
a67eca901c4f8436074f48a594cd9942742430c8776745152baf3f858a9c3407
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4443
x-amzn-requestid: 6ca832c3-dcdc-4fc3-bb60-6868d09f824b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0y_zFEOoAMF9KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab6531-0a9be43a500ea8b41200cc43;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qy-hxddkp68OmfI4OKNvNu8mRO8re9SQNxsxuPcPyP7-tqIEdl7pug==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:19 GMT
age: 73777
etag: "d71de1881ea09f0aed36703f95635cc0cd552429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ab36b0d168174ef2d960be9810fdb2d
7c8a7415cab3ef88b5d1204af214a687b1676dda
a1d842fd02273603db0090d34c317d7a3ce3e5f00f29271d45fc4ed6d09ee21e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7817
x-amzn-requestid: 21a68509-6fec-48b3-8bce-fb2ebfab3289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuCEVwIAMFUrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c0-5e23ceec731631d93e01e2c8;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1F1os87usGl0yMWsHxFZsVnrbmjJKydPf4ZXL4xsXjHau3fAS9Nf1Q==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:44:42 GMT
age: 73634
etag: "7c8a7415cab3ef88b5d1204af214a687b1676dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45fd5586-9fcc-4409-88f6-52a554307609.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45fd5586-9fcc-4409-88f6-52a554307609.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a022f080982dddeaf2decce39bf2f1f7
dd9cb19eb6008d3558f60332bc16c83108474f66
fe2c473fa2e8bb50ead0a1faef96024d711c765330b887e72f53219e96adaf20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45fd5586-9fcc-4409-88f6-52a554307609.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5888
x-amzn-requestid: c2212a71-2743-49ed-80fe-5319f266932a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0y_0FUgoAMF1dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab6531-05343b8c4c574b530118c293;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7a0bEDDA67CyAKgVKUqz38Elve3uoZ392Ql0t0NVsypOXBc-zgjJNw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:28 GMT
etag: "dd9cb19eb6008d3558f60332bc16c83108474f66"
content-type: image/jpeg
age: 73768
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Swp663gmExgpgDT8bZUFNOpLEJHZDQWrEeasO7jgP5GClXzyJUTWgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 03:27:43 GMT
age: 53053
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8978692-1057-4721-b58a-03675b009dec.webp
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8978692-1057-4721-b58a-03675b009dec.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003be820cd1d0f0365928cab98019457
e2a5c2764e4850aa95594c8b303aa4963d33954b
098fd59f48bb33d33764f64eb15d14840467d84544c34f35a6f86bb893be516d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8978692-1057-4721-b58a-03675b009dec.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5880
x-amzn-requestid: e87391e7-c302-42a9-9cdf-0ca5a264c973
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z-4GrNoAMFYyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c5-6b7d0f3044ed76e91a8815d7;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QB3LsKzG9hiMrLwemezbf85srVaq07WnkcbHbOpjmO-chWigBRXwxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:29 GMT
etag: "e2a5c2764e4850aa95594c8b303aa4963d33954b"
content-type: image/jpeg
age: 73767
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b970ffab86fbe4a36726473524096ed1
92bc9a2cc454608eae4e310456f2ec180d4ccdca
9d9377466c1d69d25cbde0092dbebb8579ba3f172a001e3068690c7d7efc779c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9103
x-amzn-requestid: d35b52dd-fc72-47ca-8232-00e48cd6d209
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z_EEruIAMFlQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c6-574a052f67683ba238966de5;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ohxADRAP902PofikgbhHb6N0yLainQlafqatm4eBQ1u5DHGr1r15Fg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:30 GMT
etag: "92bc9a2cc454608eae4e310456f2ec180d4ccdca"
content-type: image/jpeg
age: 73766
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.support-facebook.me/files/theme/images/button-arrow-black.svg?1672124484
200 OK 449 B URL HTTP/1.1 www.support-facebook.me/files/theme/images/button-arrow-black.svg?1672124484
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6d6fe469fa7e1b358d91bc7c58d7051c
4e1d64fc8b61bfc957ddd34cca2e2dc40e2d8fd0
3617e1cd058cdcc9a11b7eb81422b1d0f2be414e4b33ad4b9398c13a6d322f77
GET /files/theme/images/button-arrow-black.svg?1672124484 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/files/main_style.css?1672124484
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/svg; charset=us-ascii
Content-Length: 449
Connection: keep-alive
Last-Modified: Thu, 15 Jul 2021 10:54:34 GMT
x-rgw-object-type: Normal
ETag: "6d6fe469fa7e1b358d91bc7c58d7051c"
x-amz-request-id: tx0000000000000011af314-0061a75f3d-a9f1b25-sfo1
X-Storage-Bucket: z3617
X-Storage-Object: 3617e1cd058cdcc9a11b7eb81422b1d0f2be414e4b33ad4b9398c13a6d322f77
X-Host: grn39.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/download-5.png
200 OK 2.9 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/download-5.png
IP
File type PNG image data, 378 x 133, 8-bit colormap, non-interlaced\012- data
Hash 9c7f9659e37ed7d474b47e56f08071f5
2c7f9842c6628b9fba4aa7c95efb72be03c70903
90d12b2241ea52e8f0e16d3085aaf3271c61b488dd8aa5590072167ff72fb5e2
GET /uploads/1/4/4/2/144264509/download-5.png HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/png
Content-Length: 2936
Connection: keep-alive
Last-Modified: Thu, 03 Oct 2019 14:21:21 GMT
x-rgw-object-type: Normal
ETag: "9c7f9659e37ed7d474b47e56f08071f5"
x-amz-request-id: tx0000000000000484c93c6-006399723c-c696eea-sfo1
X-Storage-Bucket: z90d1
X-Storage-Object: 90d12b2241ea52e8f0e16d3085aaf3271c61b488dd8aa5590072167ff72fb5e2
X-Host: grn73.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/files/theme/jquery.trend.js?1620848883
200 OK 3.8 kB URL HTTP/1.1 www.support-facebook.me/files/theme/jquery.trend.js?1620848883
IP
Hash 4beccebe0a060b2b2c43de5c2d4512ef
250a779dd017877b9f360b264cf072d9e87974ff
446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/jquery.trend.js?1620848883 HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: application/javascript
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001ab0c70-0062847889-b9fbc77-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/icon1_1_orig.jpg
200 OK 1.3 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/icon1_1_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 44x48, components 3\012- data
Hash f32d75f77d54693591f036e7ecee1a83
3d5951c5afc4d7d62c89ef6192b301764a4ee24a
8a0eb72f9cec538b1b4cdefc791436e992600eaadec2227143f15275e830752c
GET /uploads/1/4/4/2/144264509/icon1_1_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 1317
Connection: keep-alive
Last-Modified: Mon, 17 May 2021 13:04:04 GMT
ETag: "f32d75f77d54693591f036e7ecee1a83"
x-amz-request-id: tx0000000000000231269bd-0061646e85-a803088-sfo1
X-Storage-Bucket: z8a0e
X-Storage-Object: 8a0eb72f9cec538b1b4cdefc791436e992600eaadec2227143f15275e830752c
X-Host: grn48.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/div_1_orig.jpg
200 OK 647 B URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/div_1_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 96x7, components 3\012- data
Hash bf2df85a61abcae14325fa0976ff8d51
dca85e6da5e7ad379656b637176706fa8d6699a4
78226f5ba35569950673a39809a4705635442ad887cd1f44934ac0ac43787749
GET /uploads/1/4/4/2/144264509/div_1_orig.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 647
Connection: keep-alive
Last-Modified: Wed, 14 Oct 2020 23:45:20 GMT
x-rgw-object-type: Normal
ETag: "bf2df85a61abcae14325fa0976ff8d51"
x-amz-request-id: tx0000000000000018b5677-0061a7ad01-a9f3e81-sfo1
X-Storage-Bucket: z7822
X-Storage-Object: 78226f5ba35569950673a39809a4705635442ad887cd1f44934ac0ac43787749
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/logo2_1.png
200 OK 4.1 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/logo2_1.png
IP
File type PNG image data, 149 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 4570e989c6ea2661148b59d788b37231
ccd0735259d68b6574d8845d4f946faa75268f5e
d1c4c7b3b9f598858ac94d4cae68ab8dc95a1015d224f291d6cd35933043c88c
GET /uploads/1/4/4/2/144264509/logo2_1.png HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/png; charset=binary
Content-Length: 4123
Connection: keep-alive
Last-Modified: Wed, 29 Jul 2020 21:37:25 GMT
x-rgw-object-type: Normal
ETag: "4570e989c6ea2661148b59d788b37231"
x-amz-request-id: tx00000000000002b98a20c-00636a6266-c6aed46-sfo1
X-Storage-Bucket: zd1c4
X-Storage-Object: d1c4c7b3b9f598858ac94d4cae68ab8dc95a1015d224f291d6cd35933043c88c
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/background-images/630572271.jpg
200 OK 111 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/background-images/630572271.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, comment: "Optimized by JPEGmini 3.13.3.2TB 0x86dff657", Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Apple, model=iPhone, xresolution=148, yresolution=156, resolutionunit=0, software=GIMP 2.8.16, datetime=2016:09:09 18:12:07], baseline, precision 8, 1660x500, components 3\012- data
Size 111 kB (111151 bytes)
Hash 82984470e202c4db2ce3d6640e209f17
05e4f01a63c35a86718750339d26da3053dd2645
0584764ba9232f7d7fbf05e6db032834dca5cf6700d16622f613f2af32000e22
GET /uploads/1/4/4/2/144264509/background-images/630572271.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 111151
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 00:18:08 GMT
x-rgw-object-type: Normal
ETag: "82984470e202c4db2ce3d6640e209f17"
x-amz-request-id: tx00000000000001b46722b-0062ec0a97-c03521c-sfo1
X-Storage-Bucket: z0584
X-Storage-Object: 0584764ba9232f7d7fbf05e6db032834dca5cf6700d16622f613f2af32000e22
X-Host: grn141.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
200 OK 348 B URL HTTP/1.1 www.support-facebook.me/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.support-facebook.me
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:11:57 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu61.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: application/json
www.support-facebook.me/uploads/1/4/4/2/144264509/background-images/725157760.jpg
200 OK 252 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/background-images/725157760.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1053, components 3\012- data
Size 252 kB (252520 bytes)
Hash 86252cda472e32832c738e493e3658fe
3965a3c572b25a2a5f52e3c93a330e6f32555799
5c845a28fd9e8b6b7531b86c91f2881a50ce296087faae047186586e0effb48f
GET /uploads/1/4/4/2/144264509/background-images/725157760.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg
Content-Length: 252520
Connection: keep-alive
Last-Modified: Mon, 28 Mar 2022 13:23:28 GMT
x-rgw-object-type: Normal
ETag: "86252cda472e32832c738e493e3658fe"
x-amz-request-id: tx00000000000001ad2ff8a-0062ebaa9c-c033918-sfo1
X-Storage-Bucket: z5c84
X-Storage-Object: 5c845a28fd9e8b6b7531b86c91f2881a50ce296087faae047186586e0effb48f
X-Host: blu84.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.support-facebook.me/uploads/1/4/4/2/144264509/background-images/580061322.jpg
200 OK 238 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/background-images/580061322.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Canon, model=Canon EOS 7D, orientation=[*0*], xresolution=142, yresolution=150, resolutionunit=0, software=GIMP 2.8.16, datetime=2016:09:10 06:20:19], baseline, precision 8, 1660x550, components 3\012- data
Size 238 kB (238234 bytes)
Hash bed8fd5efc14d6e9285a83d05fd28123
ee800de7869be8085193d03db8563e11983b5455
fb5335eaf32eee89e383c8881e0ff0f7a4f4985098a42a94f1957871216aea49
GET /uploads/1/4/4/2/144264509/background-images/580061322.jpg HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 238234
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 00:18:07 GMT
x-rgw-object-type: Normal
ETag: "bed8fd5efc14d6e9285a83d05fd28123"
x-amz-request-id: tx000000000000033406e8c-0063768f8f-c6aed46-sfo1
X-Storage-Bucket: zfb53
X-Storage-Object: fb5335eaf32eee89e383c8881e0ff0f7a4f4985098a42a94f1957871216aea49
X-Host: blu135.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 378d68c6b11e406fa6657934a6c93082
91d85a647e4efbf1d0144441509afb6cbd5d5f61
6437e102655eda825d394c357a7f7e4508017ff8fb10e87d438757a5d2d0413a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88684
Date: Wed, 28 Dec 2022 18:11:57 GMT
Etag: "63ab2ea3-1d7"
Expires: Thu, 29 Dec 2022 18:50:01 GMT
Last-Modified: Tue, 27 Dec 2022 17:42:59 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _iBEZ0EX5Xnoh0gmUpYvf92nmdc-IXsANXp0JRmKaHiFFtPcSAPgoQ==
Age: 4022
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 378d68c6b11e406fa6657934a6c93082
91d85a647e4efbf1d0144441509afb6cbd5d5f61
6437e102655eda825d394c357a7f7e4508017ff8fb10e87d438757a5d2d0413a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Dec 2022 18:11:57 GMT
Last-Modified: Wed, 28 Dec 2022 16:24:21 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _soUwapDzItv4bSSGOFHyW6SvzdoPiTpiH3u1IHQP6svesoAyXuLRg==
Age: 6456
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 28 Dec 2022 17:33:17 GMT
expires: Wed, 28 Dec 2022 19:33:17 GMT
cache-control: public, max-age=7200
age: 2320
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a76f9a6cacbb107da9d8d0b989936128
35f6bf4cf5d983f4f8edcb3e0db58cee5f2b552e
0a0ab2ab5964131b0bca0c63cc6ce85704e5d61b30c00555dbec6f399af6fedd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.support-facebook.me/
Origin: https://www.support-facebook.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:11:57 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.support-facebook.me
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.support-facebook.me/favicon.ico
200 OK 17 kB URL HTTP/1.1 www.support-facebook.me/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 4f91c5ce9a719329623ab8404585c248
e2b5a64f2feb564334e85f12df221d2a0f625876
2cbf3f1e72829fc4328556754771c35ef0c295fabca649ffe9bb9527f525f65f
GET /favicon.ico HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en; _snow_ses.356a=*; _snow_id.356a=e149c3e5-9ceb-472f-ac33-7ff5f38def08.1672251112.1.1672251112.1672251112.b86466f2-e53f-4a68-82c0-b12461ac1181
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:57 GMT
Content-Type: image/x-icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Tue, 22 Feb 2022 13:29:20 GMT
x-rgw-object-type: Normal
ETag: "4f91c5ce9a719329623ab8404585c248"
x-amz-request-id: tx00000000000004d3a00cd-0063a457ca-c6aed46-sfo1
X-Storage-Bucket: z2cbf
X-Storage-Object: 2cbf3f1e72829fc4328556754771c35ef0c295fabca649ffe9bb9527f525f65f
X-Host: grn141.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1794
Origin: https://www.support-facebook.me
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:11:57 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=916b0fe8-0660-4225-bd88-9a4a3f83d334; Expires=Thu, 28 Dec 2023 18:11:57 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.support-facebook.me
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.support-facebook.me/uploads/1/4/4/2/144264509/img1_1_orig.png
200 OK 299 kB URL HTTP/1.1 www.support-facebook.me/uploads/1/4/4/2/144264509/img1_1_orig.png
IP
File type PNG image data, 444 x 443, 8-bit/color RGBA, non-interlaced\012- data
Size 299 kB (298940 bytes)
Hash 6f4ccfad4cc9ef05bb7040a9de5d149b
1870c561458c7408ed094278e8d828c69d22d99c
b64c3d13f108d7fcf35b2f1a17136ee01fa5e1fe1d7f01aaf6bd5343ecefb941
GET /uploads/1/4/4/2/144264509/img1_1_orig.png HTTP/1.1
Host: www.support-facebook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:11:56 GMT
Content-Type: image/png
Content-Length: 298940
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2020 09:15:28 GMT
x-rgw-object-type: Normal
ETag: "6f4ccfad4cc9ef05bb7040a9de5d149b"
x-amz-request-id: tx00000000000002dbce0ac-00636bee9f-c699baa-sfo1
X-Storage-Bucket: zb64c
X-Storage-Object: b64c3d13f108d7fcf35b2f1a17136ee01fa5e1fe1d7f01aaf6bd5343ecefb941
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9dcccae2018607dee1459081249c91e
2ecfa42f64013afc536c16fcd2250d8229f81654
41839d89192ec4771a6cd5a431617c0b7855701f93c722d025d3f056f109b552
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 70cc8d68-0917-472f-9d64-1d4f708791e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuVGkHoAMFskg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c1-2aba103f6a75466c19ddbbd6;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lScTBikZKapio1FOewnfcSCiGyEpXxtMQztgLj-GROHqQ01VEgAnjw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:51:12 GMT
age: 73251
etag: "2ecfa42f64013afc536c16fcd2250d8229f81654"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1671221571
200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1671221571
IP
GET /js/site/main-customer-accounts-site.js?buildTime=1671221571 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.support-facebook.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:54:38 GMT
etag: "639cccfe-82588"
expires: Fri, 30 Dec 2022 20:15:51 GMT
cache-control: max-age=1209600
x-host: grn64.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:11:55 GMT
age: 1029364
x-served-by: cache-sjc10062-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 10, 2
x-timer: S1672251116.646048,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159020
X-Firefox-Spdy: h2
199.34.228.159
104.18.21.226
23.36.76.226
93.184.220.29