Overview

URLsecure.theawakeningofanangel.com/login.php?aa32459a0a44cebd6f1bdd82a51ed874=
IP 203.26.41.132 (Australia)
ASN#38719 Dreamscape Networks Limited
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2023-01-25 15:55:54 UTC
StatusLoading report..
IDS alerts0
Blocklist alert6
urlquery alerts No alerts detected
Tags None

Domain Summary (10)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-25 04:09:39 UTC 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-25 04:09:41 UTC 34.117.237.239
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2023-01-25 11:19:42 UTC 93.184.220.29
static.xx.fbcdn.net (8) 661 2012-12-01 13:12:13 UTC 2023-01-24 17:13:56 UTC 31.13.72.12
img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2023-01-25 04:09:34 UTC 34.120.237.76
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2023-01-25 04:09:15 UTC 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-25 04:09:50 UTC 34.160.144.191
secure.theawakeningofanangel.com (3) 0 2023-01-21 02:17:18 UTC 2023-01-25 04:27:41 UTC 203.26.41.132 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-25 04:10:25 UTC 52.39.57.61
facebook.com (1) 17 2012-05-21 17:10:05 UTC 2023-01-24 17:20:58 UTC 31.13.72.36

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2023-01-21 2 secure.theawakeningofanangel.com/ Facebook, Inc.
2023-01-21 2 secure.theawakeningofanangel.com/ Facebook, Inc.
2023-01-21 2 secure.theawakeningofanangel.com/ Facebook, Inc.

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-25 2 secure.theawakeningofanangel.com/login.php?aa32459a0a44cebd6f1bdd82a51ed874= Phishing
2023-01-25 2 secure.theawakeningofanangel.com/login.php?ec0b5d387ac402b510e353358c7858f8 Phishing
2023-01-25 2 secure.theawakeningofanangel.com/app.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 203.26.41.132
Date UQ / IDS / BL URL IP
2023-02-03 00:40:00 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?0c (...) 203.26.41.132
2023-02-03 00:28:16 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?13 (...) 203.26.41.132
2023-02-02 23:40:27 +0000 0 - 0 - 6 secure.theawakeningofanangel.com/login.php?3b (...) 203.26.41.132
2023-02-02 23:40:07 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?c6 (...) 203.26.41.132
2023-02-02 23:27:56 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?77 (...) 203.26.41.132


Last 5 reports on ASN: Dreamscape Networks Limited
Date UQ / IDS / BL URL IP
2023-02-05 23:50:54 +0000 0 - 0 - 2 trcomputing.com.au/otp2.html 203.28.48.8
2023-02-05 23:50:33 +0000 0 - 0 - 4 trcomputing.com.au/personal.html 203.28.48.8
2023-02-05 22:13:52 +0000 121 - 0 - 115 lisellepowell.com/wp-admin/americanexpress.co (...) 116.0.21.223
2023-02-05 21:39:35 +0000 1 - 1 - 6 gleesoncivil.com.au/mtbd/M&T/login.php?online (...) 116.0.23.225
2023-02-05 18:38:03 +0000 1 - 1 - 6 gleesoncivil.com.au/mtbd/M&T/login.php?online (...) 116.0.23.225


Last 5 reports on domain: theawakeningofanangel.com
Date UQ / IDS / BL URL IP
2023-02-03 00:40:00 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?0c (...) 203.26.41.132
2023-02-03 00:28:16 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?13 (...) 203.26.41.132
2023-02-02 23:40:27 +0000 0 - 0 - 6 secure.theawakeningofanangel.com/login.php?3b (...) 203.26.41.132
2023-02-02 23:40:07 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?c6 (...) 203.26.41.132
2023-02-02 23:27:56 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?77 (...) 203.26.41.132


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-03 00:40:00 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?0c (...) 203.26.41.132
2023-02-03 00:28:16 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?13 (...) 203.26.41.132
2023-02-02 23:40:27 +0000 0 - 0 - 6 secure.theawakeningofanangel.com/login.php?3b (...) 203.26.41.132
2023-02-02 23:40:07 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?c6 (...) 203.26.41.132
2023-02-02 23:27:56 +0000 0 - 0 - 8 secure.theawakeningofanangel.com/login.php?77 (...) 203.26.41.132

JavaScript

Executed Scripts (29)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (34)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11327
Expires: Wed, 25 Jan 2023 19:04:30 GMT
Date: Wed, 25 Jan 2023 15:55:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8890
Expires: Wed, 25 Jan 2023 18:23:53 GMT
Date: Wed, 25 Jan 2023 15:55:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6878
Expires: Wed, 25 Jan 2023 17:50:21 GMT
Date: Wed, 25 Jan 2023 15:55:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 15:42:49 GMT
age: 774
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    bf0c602d32b3c14606f22a86183b5e3c
Sha1:   6eabd8d83475eba731968abe1a05a8bfd272f160
Sha256: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: M2paPEFfoXkzSJs2SJsJW4neN46rZcvYHMB6Iaw8ZMRPP2eNkAvRyYFNWMWJyLue+c85gOnslmM=
x-amz-request-id: V93NY7PSDGXGQXJQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 15:19:43 GMT
age: 2160
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 25 Jan 2023 15:55:43 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 15:48:59 GMT
age: 405
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /login.php?aa32459a0a44cebd6f1bdd82a51ed874= HTTP/1.1 
Host: secure.theawakeningofanangel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         203.26.41.132
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 25 Jan 2023 15:55:43 GMT
Server: Apache
X-Powered-By: PHP/8.1.13
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=a1n6f0rhgo2mbo3rn93ofl8g2k; path=/
location: ./index.php
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14014), with CRLF line terminators
Size:   14046
Md5:    94ebc8b170de149bd7eaa3eb0f408aec
Sha1:   5895d165698f2017327383868774b47319455650
Sha256: f65335ee2e201eccf3909766e4e4fddbb6fc0704913e2a017a3d91627bc4c6ea

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10742
Expires: Wed, 25 Jan 2023 18:54:46 GMT
Date: Wed, 25 Jan 2023 15:55:44 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q2opPR8kOlXz1ho5dGP6xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kI541BovOhmKqEcR/XHSKVE9RGo=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6067
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 15:55:44 GMT
Last-Modified: Wed, 25 Jan 2023 14:14:37 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6018
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 15:55:44 GMT
Last-Modified: Wed, 25 Jan 2023 14:15:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3055
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 15:55:44 GMT
Last-Modified: Wed, 25 Jan 2023 15:04:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5721
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 15:55:44 GMT
Last-Modified: Wed, 25 Jan 2023 14:20:23 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /rsrc.php/v3/y6/l/0,cross/6HqFJ_mvGlc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 404 Not Found
content-type: text/html; charset="utf-8"
                                        
x-fatal-request: static.xx.fbcdn.net
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-security-policy: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +4BPMK8/F5Xj34EVa25fXmQykXtHdNAk66zB5H82OdyKfVTFYjgjcdjwTq323nmiphMd0ICt7oc0PPUnNMUAzg==
content-length: 0
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /rsrc.php/v3/yM/l/0,cross/Ob1hW9agRko.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 404 Not Found
content-type: text/html; charset="utf-8"
                                        
x-fatal-request: static.xx.fbcdn.net
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-security-policy: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +AtgJkdgN5Mr7baP0BV/bMwa2wxGOGct8fRo1yW5/1LjXAF8fBi+SXEMB9TjR9gZ/Y+REy4PfiFgY7SApNNhng==
content-length: 0
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /rsrc.php/v3/yR/l/0,cross/HyevcVUY84l.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 21 Jan 2024 04:24:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7we1/LTAHzNbxsQLPKcnPQ==
x-fb-debug: TFGIGTFX1+iqw1RK+uKq/io5U0Ab3CqGwtW2UymhFR3smgf63x1zDWZu8IUtcSVYVOplfJBrh5FCqLyei1sPdA==
priority: u=3,i
content-length: 3703
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6914)
Size:   3703
Md5:    ef07b5fcb4c01f335bc6c40b3ca7273d
Sha1:   37edd4be453e4b1e52c485b73f25302fae1b978f
Sha256: 6b0076d222ded684b2c5ecbd3cfce3cd261beca84591dfd11caa638116a6c6d8
                                        
                                            GET /rsrc.php/v3/y4/r/S1xQXFvWjSZ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 23 Jan 2024 13:26:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YANpQRGyS6Ug//iRxiDpdg==
x-fb-debug: WlV273+rPJGx8wvfJTRwqe3+1BY6gJYnnsd1rLRR6DnD04jJlFVy1ck9DgJ/nSd6/pUZKebM7+jcTNajID93EQ==
content-length: 72932
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18610)
Size:   72932
Md5:    6003694111b24ba520fff891c620e976
Sha1:   d4ef5dfb357b7fb5667e66c99701374c7ca28eb1
Sha256: e3d8a0fb64d7e58489988f91a43992a96f740a4e32ee108e28c05292bf7b0186
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6067
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 15:55:44 GMT
Last-Modified: Wed, 25 Jan 2023 14:14:37 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /rsrc.php/v3imlz4/yp/l/en_GB/akRKc9jHqhM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.12
HTTP/2 404 Not Found
content-type: text/html; charset="utf-8"
                                        
x-fatal-request: static.xx.fbcdn.net
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-security-policy: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: TifDVguLOpoA7HkIelBoVuie/gCNPhbd+NORbNt/yFHC0AFxQVG8CH28wm5pq3qvFYF3HPpYfW3FnuDGUtAcHQ==
priority: u=3,i
content-length: 0
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /rsrc.php/v3/yT/r/-BTMjazDHfN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 24 Jan 2024 17:31:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 2N6KmLVfDQErGSjzhR4CXw==
x-fb-debug: kU3D8yzipJ1qjXQQeXFF//pKNVCw7WCqv5rfDMX+ULgmEFr4sbbvx5xMmsNdI3NbS4RuBVqc0sY6SaEvK4U3yA==
content-length: 11674
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5830)
Size:   11674
Md5:    d8de8a98b55f0d012b1928f3851e025f
Sha1:   c7ecb3b16db60540e5aa3dbd662bcd857144904e
Sha256: bb3f950866a4834c528848b769e1690990f3e88fdc6589bb858be68b81ce4dac
                                        
                                            GET /rsrc.php/v3/yb/r/5KKKu7biskN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 16 Jan 2024 07:38:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9//UI+JxeOcc4rqKOUs0+w==
x-fb-debug: sUkgxEdso7Wuegmx6jA5NDnnoXaTBPG00NHECmDkrupUlSrPi/xSy2YNCFHBtAOqMrZTH+C1d8a84X85Mzzz7g==
priority: u=3,i
content-length: 10690
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7854)
Size:   10690
Md5:    f7ffd423e27178e71ce2ba8a394b34fb
Sha1:   8d0f449c1ebd2257365efc0c7408c0fb5cbdfd64
Sha256: 07e97d926f3cb8039f39412914642e03a714d4d5d4125e74273a17d04b2fd8da
                                        
                                            GET /rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure.theawakeningofanangel.com
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 04:17:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fAOoF9+0aoiGDVIthlREGA==
x-fb-debug: JZVaMINLVhLb8uBDu8KhAzBd8TGfOkgcBMgvHrogw82q/SOkZQON/vFhPK4FGWyMuO4EcQap5N9MvPbQA9cp0Q==
content-length: 7358
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 15:55:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (7258)
Size:   7358
Md5:    7c03a817dfb46a88860d522d86544418
Sha1:   f0b6a8daf8bfdc1307edb75f6e69722870742d81
Sha256: e043a53ffc98f11a23d74efbacc76570701e55807d78e0ec0b6f913c270c0d29
                                        
                                            GET /login.php?ec0b5d387ac402b510e353358c7858f8 HTTP/1.1 
Host: secure.theawakeningofanangel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=a1n6f0rhgo2mbo3rn93ofl8g2k
Upgrade-Insecure-Requests: 1

search
                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 25 Jan 2023 15:55:44 GMT
Server: Apache
X-Powered-By: PHP/8.1.13
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26286), with CRLF line terminators
Size:   53921
Md5:    08a1c97c0cc4c29ff785a6bc82b002b5
Sha1:   013d83aee92938e6f7c32c50542e818dc8a7c3fb
Sha256: d9bf1ed694f571015d62652288b689f439187748cf24d4bb777f9b085df9228d

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /app.js HTTP/1.1 
Host: secure.theawakeningofanangel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://secure.theawakeningofanangel.com/login.php?ec0b5d387ac402b510e353358c7858f8
Connection: keep-alive
Cookie: PHPSESSID=a1n6f0rhgo2mbo3rn93ofl8g2k

search
                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 25 Jan 2023 15:55:45 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2022 08:32:38 GMT
Accept-Ranges: bytes
Content-Length: 130
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   130
Md5:    0f34112765ef9705db6c8798ba660d91
Sha1:   a49143fae0ca04bb9bc7297578acd806583b6a91
Sha256: 20f82e6a4d5f43dd74573e158ba1cc6106ab8956522b7cf662caa338263bc4c4

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2740
Expires: Wed, 25 Jan 2023 16:41:26 GMT
Date: Wed, 25 Jan 2023 15:55:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2740
Expires: Wed, 25 Jan 2023 16:41:26 GMT
Date: Wed, 25 Jan 2023 15:55:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2740
Expires: Wed, 25 Jan 2023 16:41:26 GMT
Date: Wed, 25 Jan 2023 15:55:46 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 64591
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    91b2e12a39dc4f63b9d52e8800cce1f2
Sha1:   42d5b4b4a091778d98c351f0002d8656449d0243
Sha256: d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 38471
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12758
Md5:    7458f7a9b2070055df6f1d496794e43e
Sha1:   0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
Sha256: 373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 28717
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10921
Md5:    1d76c1b1126a3e1b51dcca652cb6727b
Sha1:   b199a381ccac4628f2bfa626b44c71954713ca98
Sha256: 3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -GQ5kEZvbltzLlBeml1PxYH3ufTrSMApVjDyR_NkR-6-vXfuJHOb0g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:09:45 GMT
age: 60361
etag: "7596b783e0da5fba63c49374933eccffc223d729"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6026
Md5:    bb6c1403a1d3c878c08ccaf17f8b3d0a
Sha1:   7596b783e0da5fba63c49374933eccffc223d729
Sha256: 1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:15:35 GMT
age: 38411
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8252
Md5:    d10114508bd40d76f497fc5b9c064350
Sha1:   c9b86b2b27063e0a58b0f237d451f9cf05b2122d
Sha256: a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
                                        
                                            GET /security/hsts-pixel.gif HTTP/1.1 
Host: facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure.theawakeningofanangel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-fb-debug: fCWJt5nh24yJnaCYGMeOy81k73VO+VZuaVn7Vrupop7uZb7iJlOyHNnSjSv01T1CFtJQf/gbh8mEOpeshlWhEg==
date: Wed, 25 Jan 2023 15:55:45 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   9694
Md5:    60808661452e2251f7342ff227c66498
Sha1:   2116dd64d03c95d56034b98b7f8c7e6a3a39716a
Sha256: 8ec4ec7672e861f804fa2e117a38e0e02f5f6663cf0d156a32d6dd874dd36b0e