| au.policy-fb.com/support/disagree-decision/ | 107.180.114.159 | 200 OK | 584 B |
URL: User Request GET HTTP/2 au.policy-fb.com/support/disagree-decision/ | IP: 107.180.114.159:443 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
Certificate | Issuer: Let's Encrypt | Subject: au.policy-fb.com | Fingerprint: C8:E7:72:51:B5:45:E9:C9:2C:70:2C:B6:59:09:8E:07:B1:BC:B8:D3 | Validity: Wed, 24 Apr 2024 00:34:42 GMT - Tue, 23 Jul 2024 00:34:41 GMT
File type: HTML document, ASCII text, with very long lines (1575), with no line terminators | Hash: 0d0ddc1080c381516a031e64570e15d3 d38e8acf2be209a9642d325883e28ae0714bdd9d f1fe1a4ae4ed7b7c4930898c70447ab9df96852c4010e7ab4c68431d434c4ace
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| OpenPhish | phishing | Facebook, Inc. |
| PhishTank | phishing | Facebook |
GET /support/disagree-decision/ HTTP/1.1
Host: au.policy-fb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 10:30:10 GMT
etag: "15c0045-452-616d527b0b080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 584
content-type: text/html
date: Wed, 24 Apr 2024 16:01:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| img1.wsimg.com/traffic-assets/js/tccl.min.js | 23.36.79.43 | 301 Moved Permanently | 0 B |
URL: GET HTTP/2 img1.wsimg.com/traffic-assets/js/tccl.min.js | IP: 23.36.79.43:443 | ASN: #20940 Akamai International B.V.
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.wsimg.com | Fingerprint: B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD | Validity: Tue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-length: 0
location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 16:01:36 GMT
date: Wed, 24 Apr 2024 16:01:36 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js | 23.36.79.43 | 200 OK | 20 kB |
URL: GET HTTP/2 img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js | IP: 23.36.79.43:443 | ASN: #20940 Akamai International B.V.
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.wsimg.com | Fingerprint: B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD | Validity: Tue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: fdf3f3c180ae2aa6864f9c46a83a37a9 59f698af339af479bc5447e5da54778d909c7068 e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664
GET /signals/js/clients/scc-c2/scc-c2.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://au.policy-fb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HyXAvSj7EC14E9pYublP3xb3ZXNmUpbI7rsYmZVew08Imkac/1BCul1w8UzhfJgSpBBLfb+ME1g=
x-amz-request-id: VZW7NMR39CXK5MKS
last-modified: Fri, 22 Mar 2024 13:06:20 GMT
etag: "fdf3f3c180ae2aa6864f9c46a83a37a9"
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.2.5
x-amz-version-id: NUbpk_ypfZoRQFFJE7rB4qpj7fMsB7r1
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1800
expires: Wed, 24 Apr 2024 16:31:36 GMT
date: Wed, 24 Apr 2024 16:01:36 GMT
content-length: 20488
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| au.policy-fb.com/support/disagree-decision/static/css/main.c3b41b8e.css | 107.180.114.159 | 200 OK | 33 kB |
URL: GET HTTP/2 au.policy-fb.com/support/disagree-decision/static/css/main.c3b41b8e.css | IP: 107.180.114.159:443 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: au.policy-fb.com | Fingerprint: C8:E7:72:51:B5:45:E9:C9:2C:70:2C:B6:59:09:8E:07:B1:BC:B8:D3 | Validity: Wed, 24 Apr 2024 00:34:42 GMT - Tue, 23 Jul 2024 00:34:41 GMT
File type: ASCII text, with very long lines (58732) | Hash: 40008e1a75c40fc7db08bed94c613aae 6ffe07948f0564fa066d695888a04fdda5cf0885 c41a2b75d5dc01d25612e7bf87a32a320cbcd356acf647dfac13b0edc3764d4d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /support/disagree-decision/static/css/main.c3b41b8e.css HTTP/1.1
Host: au.policy-fb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/support/disagree-decision/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 10:30:10 GMT
etag: "15c004d-2653c-616d527b0b080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 32809
content-type: text/css
date: Wed, 24 Apr 2024 16:01:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| au.policy-fb.com/support/disagree-decision/static/js/main.94f6ac25.js | 107.180.114.159 | 200 OK | 110 kB |
URL: GET HTTP/2 au.policy-fb.com/support/disagree-decision/static/js/main.94f6ac25.js | IP: 107.180.114.159:443 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: au.policy-fb.com | Fingerprint: C8:E7:72:51:B5:45:E9:C9:2C:70:2C:B6:59:09:8E:07:B1:BC:B8:D3 | Validity: Wed, 24 Apr 2024 00:34:42 GMT - Tue, 23 Jul 2024 00:34:41 GMT
File type: JavaScript source, ASCII text, with very long lines (65465) | Size: 110 kB (110281 bytes) | Hash: 8947f8119e1bab399e1a0ddb6e46932a 2ea9dc53aa867bce712112739ab4545f3c985863 263e255a86d1366555a43112751ec434eb1462df3baf091cc05bd61e6ffbabf2
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /support/disagree-decision/static/js/main.94f6ac25.js HTTP/1.1
Host: au.policy-fb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/support/disagree-decision/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 10:30:10 GMT
etag: "15c008c-58609-616d527b0b080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 110281
content-type: text/javascript
date: Wed, 24 Apr 2024 16:01:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| events.api.secureserver.net/t/1/tl/event?dh=au.policy-fb.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&client_name=scc-c2&cv=0.2.5&vg=f195355b-d853-4035-992e-4ed0c381661b&vtg=f195355b-d853-4035-992e-4ed0c381661b&dp=%2Fsupport%2Fdisagree-decision&trace_id=b7ab678adab34e83ad7c1f97561fa4fd&cts=2024-04-24T16%3A01%3A37.559Z&hit_id=6713a261-f97b-4553-b685-b7c3d3e98527&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505279%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229852824%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=226405316&z=569933467&tce=1713974496509&tcs=1713974496050&tdc=1713974497553&tdclee=1713974497552&tdcles=1713974497548&tdi=1713974497326&tdl=1713974496807&tdle=1713974496050&tdls=1713974496050&tfs=1713974496049&tns=1713974496029&trqs=1713974496510&tre=1713974496659&trps=1713974496659&tles=1713974497553&tlee=0&nt=navigate&nav_type=hard | 104.69.222.195 | 200 OK | 43 B |
URL: GET HTTP/2 events.api.secureserver.net/t/1/tl/event?dh=au.policy-fb.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&client_name=scc-c2&cv=0.2.5&vg=f195355b-d853-4035-992e-4ed0c381661b&vtg=f195355b-d853-4035-992e-4ed0c381661b&dp=%2Fsupport%2Fdisagree-decision&trace_id=b7ab678adab34e83ad7c1f97561fa4fd&cts=2024-04-24T16%3A01%3A37.559Z&hit_id=6713a261-f97b-4553-b685-b7c3d3e98527&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505279%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229852824%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=226405316&z=569933467&tce=1713974496509&tcs=1713974496050&tdc=1713974497553&tdclee=1713974497552&tdcles=1713974497548&tdi=1713974497326&tdl=1713974496807&tdle=1713974496050&tdls=1713974496050&tfs=1713974496049&tns=1713974496029&trqs=1713974496510&tre=1713974496659&trps=1713974496659&tles=1713974497553&tlee=0&nt=navigate&nav_type=hard | IP: 104.69.222.195:443 | ASN: #20940 Akamai International B.V.
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.api.secureserver.net | Fingerprint: 86:0A:54:3C:14:92:76:57:19:E1:8B:86:AE:B6:C7:06:3C:C8:7A:58 | Validity: Mon, 10 Jul 2023 19:26:59 GMT - Sat, 10 Aug 2024 19:26:59 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?dh=au.policy-fb.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&client_name=scc-c2&cv=0.2.5&vg=f195355b-d853-4035-992e-4ed0c381661b&vtg=f195355b-d853-4035-992e-4ed0c381661b&dp=%2Fsupport%2Fdisagree-decision&trace_id=b7ab678adab34e83ad7c1f97561fa4fd&cts=2024-04-24T16%3A01%3A37.559Z&hit_id=6713a261-f97b-4553-b685-b7c3d3e98527&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505279%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229852824%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=226405316&z=569933467&tce=1713974496509&tcs=1713974496050&tdc=1713974497553&tdclee=1713974497552&tdcles=1713974497548&tdi=1713974497326&tdl=1713974496807&tdle=1713974496050&tdls=1713974496050&tfs=1713974496049&tns=1713974496029&trqs=1713974496510&tre=1713974496659&trps=1713974496659&tles=1713974497553&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://au.policy-fb.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 24 Apr 2024 16:01:37 GMT
X-Firefox-Spdy: h2
|
|
| events.api.secureserver.net/t/1/tl/event?dh=au.policy-fb.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&client_name=scc-c2&cv=0.2.5&vg=f195355b-d853-4035-992e-4ed0c381661b&vtg=f195355b-d853-4035-992e-4ed0c381661b&dp=%2Fsupport%2Fdisagree-decision&trace_id=b7ab678adab34e83ad7c1f97561fa4fd&cts=2024-04-24T16%3A01%3A37.326Z&hit_id=883f993e-92eb-48fc-9d16-1f88f2fe74e5&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505279%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229852824%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=226405316&z=505051676 | 104.69.222.195 | 200 OK | 43 B |
URL: GET HTTP/2 events.api.secureserver.net/t/1/tl/event?dh=au.policy-fb.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&client_name=scc-c2&cv=0.2.5&vg=f195355b-d853-4035-992e-4ed0c381661b&vtg=f195355b-d853-4035-992e-4ed0c381661b&dp=%2Fsupport%2Fdisagree-decision&trace_id=b7ab678adab34e83ad7c1f97561fa4fd&cts=2024-04-24T16%3A01%3A37.326Z&hit_id=883f993e-92eb-48fc-9d16-1f88f2fe74e5&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505279%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229852824%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=226405316&z=505051676 | IP: 104.69.222.195:443 | ASN: #20940 Akamai International B.V.
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.api.secureserver.net | Fingerprint: 86:0A:54:3C:14:92:76:57:19:E1:8B:86:AE:B6:C7:06:3C:C8:7A:58 | Validity: Mon, 10 Jul 2023 19:26:59 GMT - Sat, 10 Aug 2024 19:26:59 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?dh=au.policy-fb.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&client_name=scc-c2&cv=0.2.5&vg=f195355b-d853-4035-992e-4ed0c381661b&vtg=f195355b-d853-4035-992e-4ed0c381661b&dp=%2Fsupport%2Fdisagree-decision&trace_id=b7ab678adab34e83ad7c1f97561fa4fd&cts=2024-04-24T16%3A01%3A37.326Z&hit_id=883f993e-92eb-48fc-9d16-1f88f2fe74e5&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505279%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229852824%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=226405316&z=505051676 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://au.policy-fb.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 24 Apr 2024 16:01:37 GMT
X-Firefox-Spdy: h2
|
|
| csp.secureserver.net/eventbus | 104.110.14.92 | 202 Accepted | 0 B |
URL: POST HTTP/1.1 csp.secureserver.net/eventbus | IP: 104.110.14.92:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.secureserver.net | Fingerprint: B6:20:47:6F:3C:E3:DC:99:70:44:2D:CB:6A:E0:1C:12:A4:A5:A0:5C | Validity: Tue, 10 Oct 2023 22:44:19 GMT - Sun, 10 Nov 2024 22:44:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /eventbus HTTP/1.1
Host: csp.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://au.policy-fb.com/
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 0
x-amzn-requestid: c06b2e93-c360-4988-aa3a-0ddd9a2e7f75
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type,authorization
x-amz-apigw-id: WvPzWGhooAMEDlg=
Access-Control-Allow-Methods: OPTIONS,POST
x-amzn-trace-id: Root=1-66292ce1-7ca6a5096ff30d386f1c266c
x-envoy-upstream-service-time: 8
Expires: Wed, 24 Apr 2024 16:01:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 24 Apr 2024 16:01:37 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
|
|
| csp.secureserver.net/eventbus | 104.110.14.92 | 202 Accepted | 0 B |
URL: POST HTTP/1.1 csp.secureserver.net/eventbus | IP: 104.110.14.92:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.secureserver.net | Fingerprint: B6:20:47:6F:3C:E3:DC:99:70:44:2D:CB:6A:E0:1C:12:A4:A5:A0:5C | Validity: Tue, 10 Oct 2023 22:44:19 GMT - Sun, 10 Nov 2024 22:44:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eventbus HTTP/1.1
Host: csp.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
Content-Type: application/json
Content-Length: 1837
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: 0
x-amzn-requestid: 92f8f2c7-efe4-45a2-9095-d9d165c2b898
Access-Control-Allow-Origin: *
x-amz-apigw-id: WvPzXExUoAMEVJg=
x-amzn-trace-id: Root=1-66292ce2-29fd4ef97c4f0a802e4b843f
x-envoy-upstream-service-time: 101
Expires: Wed, 24 Apr 2024 16:01:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 24 Apr 2024 16:01:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
|
|
| au.policy-fb.com/support/disagree-decision/apple-touch-icon.png | 107.180.114.159 | 200 OK | 3.9 kB |
URL: GET HTTP/2 au.policy-fb.com/support/disagree-decision/apple-touch-icon.png | IP: 107.180.114.159:443 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: au.policy-fb.com | Fingerprint: C8:E7:72:51:B5:45:E9:C9:2C:70:2C:B6:59:09:8E:07:B1:BC:B8:D3 | Validity: Wed, 24 Apr 2024 00:34:42 GMT - Tue, 23 Jul 2024 00:34:41 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced | Hash: 3e9533e36b37b665d85d920c8a58283d 7c0b7cd6fa47ca73ee7c7971f84c6728a5db811f 16161eafeb5ffaa11292d6defea260b5ab286329ea801f6e924a8feab65840eb
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /support/disagree-decision/apple-touch-icon.png HTTP/1.1
Host: au.policy-fb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/support/disagree-decision/
Cookie: _tccl_visitor=f195355b-d853-4035-992e-4ed0c381661b; _tccl_visit=f195355b-d853-4035-992e-4ed0c381661b; _scc_session=pc=1&C_TOUCH=2024-04-24T16:01:37.326Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 10:29:58 GMT
etag: "15c0044-f4f-616d526f99580"
accept-ranges: bytes
content-length: 3919
content-type: image/png
date: Wed, 24 Apr 2024 16:01:38 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| au.policy-fb.com/support/disagree-decision/favicon-16x16.png | 107.180.114.159 | 200 OK | 822 B |
URL: GET HTTP/2 au.policy-fb.com/support/disagree-decision/favicon-16x16.png | IP: 107.180.114.159:443 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: au.policy-fb.com | Fingerprint: C8:E7:72:51:B5:45:E9:C9:2C:70:2C:B6:59:09:8E:07:B1:BC:B8:D3 | Validity: Wed, 24 Apr 2024 00:34:42 GMT - Tue, 23 Jul 2024 00:34:41 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | Hash: be9b2c044c6f5e1706f07c040da977e7 ed7227409e617008c554bd89f92d42ce74b2fb2a 95d92c83de08c2a0cd4b4c4c564debf02db09b1bcfc6957e9f63d2344e866bd4
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /support/disagree-decision/favicon-16x16.png HTTP/1.1
Host: au.policy-fb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/support/disagree-decision/
Cookie: _tccl_visitor=f195355b-d853-4035-992e-4ed0c381661b; _tccl_visit=f195355b-d853-4035-992e-4ed0c381661b; _scc_session=pc=1&C_TOUCH=2024-04-24T16:01:37.326Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 10:29:58 GMT
etag: "15c0040-336-616d526f99580"
accept-ranges: bytes
content-length: 822
content-type: image/png
date: Wed, 24 Apr 2024 16:01:38 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| csp.secureserver.net/eventbus | 104.110.14.92 | 202 Accepted | 0 B |
URL: POST HTTP/1.1 csp.secureserver.net/eventbus | IP: 104.110.14.92:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.secureserver.net | Fingerprint: B6:20:47:6F:3C:E3:DC:99:70:44:2D:CB:6A:E0:1C:12:A4:A5:A0:5C | Validity: Tue, 10 Oct 2023 22:44:19 GMT - Sun, 10 Nov 2024 22:44:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /eventbus HTTP/1.1
Host: csp.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://au.policy-fb.com/
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 0
x-amzn-requestid: fb09e72d-2282-4f61-8def-1e0125db3285
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type,authorization
x-amz-apigw-id: WvPzcGCjoAMEScA=
Access-Control-Allow-Methods: OPTIONS,POST
x-amzn-trace-id: Root=1-66292ce2-54bdeea23bff00de6b076cbf
x-envoy-upstream-service-time: 7
Expires: Wed, 24 Apr 2024 16:01:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 24 Apr 2024 16:01:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
|
|
| csp.secureserver.net/eventbus | 104.110.14.92 | 202 Accepted | 0 B |
URL: POST HTTP/1.1 csp.secureserver.net/eventbus | IP: 104.110.14.92:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Starfield Technologies, Inc. | Subject: *.secureserver.net | Fingerprint: B6:20:47:6F:3C:E3:DC:99:70:44:2D:CB:6A:E0:1C:12:A4:A5:A0:5C | Validity: Tue, 10 Oct 2023 22:44:19 GMT - Sun, 10 Nov 2024 22:44:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eventbus HTTP/1.1
Host: csp.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
Content-Type: application/json
Content-Length: 1106
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: 0
x-amzn-requestid: 740444ce-fb06-440d-805e-ee741fe7cdae
Access-Control-Allow-Origin: *
x-amz-apigw-id: WvPzeEEpoAMEIhg=
x-amzn-trace-id: Root=1-66292ce2-155e0e610723484b38f4cff7
x-envoy-upstream-service-time: 100
Expires: Wed, 24 Apr 2024 16:01:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 24 Apr 2024 16:01:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
|
|
| top.anotherlevel.app/api/activity/shadow | 146.70.81.214 | 200 OK | 2 B |
URL: OPTIONS HTTP/1.1 top.anotherlevel.app/api/activity/shadow | IP: 146.70.81.214:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: top.anotherlevel.app | Fingerprint: 97:3E:5A:E4:F2:E9:28:A6:4E:FB:25:58:A3:E0:AF:24:9A:6F:EB:61 | Validity: Fri, 12 Apr 2024 12:56:31 GMT - Thu, 11 Jul 2024 12:56:30 GMT
File type: ASCII text, with no line terminators | Hash: e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /api/activity/shadow HTTP/1.1
Host: top.anotherlevel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://au.policy-fb.com/
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 24 Apr 2024 16:01:40 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
vary: Origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://au.policy-fb.com
access-control-allow-headers: content-type
|
|
| top.anotherlevel.app/api/activity/shadow | 146.70.81.214 | 200 OK | 85 B |
URL: OPTIONS HTTP/1.1 top.anotherlevel.app/api/activity/shadow | IP: 146.70.81.214:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: top.anotherlevel.app | Fingerprint: 97:3E:5A:E4:F2:E9:28:A6:4E:FB:25:58:A3:E0:AF:24:9A:6F:EB:61 | Validity: Fri, 12 Apr 2024 12:56:31 GMT - Thu, 11 Jul 2024 12:56:30 GMT
Hash: 09992d46ca1266fe7a2d1a86e7680954 234ac709243c39d74e48ddc45a6de589336ad724 5bca00413d504d784b3974bb8d78ec197273152c0e4ce073d51250e69e8ee53c
POST /api/activity/shadow HTTP/1.1
Host: top.anotherlevel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 105
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 24 Apr 2024 16:01:40 GMT
Content-Type: application/json
Content-Length: 85
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
|
|
| au.policy-fb.com/support/disagree-decision/static/media/fb-ypnhlzaiancpcrxa.b1cfbf0dc49d882cc320.svg | 107.180.114.159 | 200 OK | 1.1 kB |
URL: GET HTTP/2 au.policy-fb.com/support/disagree-decision/static/media/fb-ypnhlzaiancpcrxa.b1cfbf0dc49d882cc320.svg | IP: 107.180.114.159:443 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: au.policy-fb.com | Fingerprint: C8:E7:72:51:B5:45:E9:C9:2C:70:2C:B6:59:09:8E:07:B1:BC:B8:D3 | Validity: Wed, 24 Apr 2024 00:34:42 GMT - Tue, 23 Jul 2024 00:34:41 GMT
File type: SVG Scalable Vector Graphics image | Hash: 665dd80e557128ca83c069e756e8a687 25684ac0c8c748a9c6fdc9cf2b74b1f197ff061b be1a79177f078daadb07a28bed64ce33c1a143fb1e2dc21865482f9b504528e2
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /support/disagree-decision/static/media/fb-ypnhlzaiancpcrxa.b1cfbf0dc49d882cc320.svg HTTP/1.1
Host: au.policy-fb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/support/disagree-decision/
Cookie: _tccl_visitor=f195355b-d853-4035-992e-4ed0c381661b; _tccl_visit=f195355b-d853-4035-992e-4ed0c381661b; _scc_session=pc=1&C_TOUCH=2024-04-24T16:01:37.326Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 10:30:10 GMT
etag: "15c005a-9f0-616d527b0b080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1082
content-type: image/svg+xml
date: Wed, 24 Apr 2024 16:01:40 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| top.anotherlevel.app/api/set_status/null/login | 146.70.81.214 | 200 OK | 36 B |
URL: GET HTTP/1.1 top.anotherlevel.app/api/set_status/null/login | IP: 146.70.81.214:443
Requested by: https://au.policy-fb.com/support/disagree-decision/ | Certificate | Issuer: Let's Encrypt | Subject: top.anotherlevel.app | Fingerprint: 97:3E:5A:E4:F2:E9:28:A6:4E:FB:25:58:A3:E0:AF:24:9A:6F:EB:61 | Validity: Fri, 12 Apr 2024 12:56:31 GMT - Thu, 11 Jul 2024 12:56:30 GMT
Hash: 765920e039936e6a4efcef8bf71b17ee 752c679ee557891cae4eefd593c77913f7372dc2 3a81f99aaef5363691cb6067c2fe3c2b5eea5da386a7f80fcf7eafdd42e90de1
GET /api/set_status/null/login HTTP/1.1
Host: top.anotherlevel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 24 Apr 2024 16:01:40 GMT
Content-Type: application/json
Content-Length: 36
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
|
|
| top.anotherlevel.app/stealth | 146.70.81.214 | | 0 B |
URL: top.anotherlevel.app/stealth | IP: 146.70.81.214:0
Certificate | Issuer: Let's Encrypt | Subject: top.anotherlevel.app | Fingerprint: 97:3E:5A:E4:F2:E9:28:A6:4E:FB:25:58:A3:E0:AF:24:9A:6F:EB:61 | Validity: Fri, 12 Apr 2024 12:56:31 GMT - Thu, 11 Jul 2024 12:56:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stealth HTTP/1.1
Host: top.anotherlevel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://au.policy-fb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8ku8fBeHZKeyBrFTDJznFg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.22.1
Date: Wed, 24 Apr 2024 16:01:41 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QqriUTMgVrJqCVVSu9zyVmgFVnc=
Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=12
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap | 142.250.74.106 | 200 OK | 4.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://au.policy-fb.com/support/disagree-decision/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: gzip compressed data, max compression
Hash: f83f4024bfeea095aef570ead4b0bc03 441b04997c122d02b8abb2c038413daff4ed5a71 cd878940b73e4b2b2a3ace16d320e01ccb1a65d0f3134b10e7f970184ed78d09
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 16:01:37 GMT
date: Wed, 24 Apr 2024 16:01:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ipapi.co/json// | 104.26.8.44 | 200 OK | 9.8 kB |
IP: 104.26.8.44:443
Requested by: https://au.policy-fb.com/support/disagree-decision/
Certificate: Issuer: Let's Encrypt; Subject: ipapi.co; Fingerprint: F4:65:F9:9B:26:CD:26:53:C7:F0:24:4D:F3:3B:E2:8E:8F:8F:60:D7; Validity: Sat, 09 Mar 2024 17:29:09 GMT - Fri, 07 Jun 2024 17:29:08 GMT
Hash: 3ea894357e15788b101c2525a13d7ced e75b69db5ebe486b46035f39fc9c8c4374aec970 1f97c1464ed28eaafaf0cdfe7bff7aa3ede2a10054dbd8c2d3c98fcd3281c035
GET /json// HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://au.policy-fb.com
DNT: 1
Connection: keep-alive
Referer: https://au.policy-fb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 16:01:41 GMT
content-type: application/json
allow: GET, HEAD, POST, OPTIONS, OPTIONS
x-frame-options: DENY
vary: Host, origin
access-control-allow-origin: https://au.policy-fb.com
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BomZOJq5qKZ8VTNndyLYbtGtGcUH%2BKxoYdUc7uhY%2Fq8PUTVQ4hWwyjY6c9gDJMfRfZRxQpHDXD2s%2Bq2Y4dB3mGj26UlO9AAGRSnozGEXJCM1D%2FOFcwPY3eZ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879750380f7f7129-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| top.anotherlevel.app/stealth | 146.70.81.214 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 top.anotherlevel.app/stealth
IP: 146.70.81.214:443
Requested by: https://au.policy-fb.com/support/disagree-decision/
Certificate: Issuer: Let's Encrypt; Subject: top.anotherlevel.app; Fingerprint: 97:3E:5A:E4:F2:E9:28:A6:4E:FB:25:58:A3:E0:AF:24:9A:6F:EB:61; Validity: Fri, 12 Apr 2024 12:56:31 GMT - Thu, 11 Jul 2024 12:56:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stealth HTTP/1.1
Host: top.anotherlevel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://au.policy-fb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8ku8fBeHZKeyBrFTDJznFg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.22.1
Date: Wed, 24 Apr 2024 16:01:41 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QqriUTMgVrJqCVVSu9zyVmgFVnc=
Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=12
|
|