URL: https://confirmation-75588058950.cf/
Submission: On December 20 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 81 HTTP transactions. The main IP is 200.69.23.153, located in United States and belongs to A2HOSTING, US. The main domain is confirmation-75588058950.cf.
TLS certificate: Issued by R3 on December 20th 2022. Valid for: 3 months.
This is the only time confirmation-75588058950.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
77 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 832
scontent-sin6-1.xx.fbcdn.net — Cisco Umbrella Rank: 25313
751 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
static.facebook.com — Cisco Umbrella Rank: 53793
4 KB
2 confirmation-75588058950.cf
confirmation-75588058950.cf
108 KB
81 3
Domain Requested by
71 static.xx.fbcdn.net confirmation-75588058950.cf
static.xx.fbcdn.net
6 scontent-sin6-1.xx.fbcdn.net confirmation-75588058950.cf
2 confirmation-75588058950.cf static.xx.fbcdn.net
1 static.facebook.com www.facebook.com
1 www.facebook.com confirmation-75588058950.cf
81 5
Subject Issuer Validity Valid
confirmation-75588058950.cf
R3
2022-12-20 -
2023-03-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-28 -
2022-12-27
3 months crt.sh

This page contains 2 frames:

Primary Page: https://confirmation-75588058950.cf/
Frame ID: 6C3AF111F96EC4A68E119129DF015F41
Requests: 79 HTTP requests in this frame

Frame: https://www.facebook.com/cms/video/?id=850337606335586&height=360&width=640&loop=0&ext=1668758615&hash=AcpRYlUhidu-SB1CHd8
Frame ID: 5FBDD262382AF8044A93C46BA0D7436E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Facebook Community Standards | Transparency Centre

Page Statistics

81
Requests

100 %
HTTPS

80 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

863 kB
Transfer

2715 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
confirmation-75588058950.cf/
107 KB
108 KB
Document
General
Full URL
https://confirmation-75588058950.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.69.23.153 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
server.nagrup.com
Software
Apache /
Resource Hash
3fc5da902d47f8ea9cc1f47500fd6b81fba7dc1bf526f5f89b7b3bb135cf4b53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 13:18:17 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
u83_ohtCP2r.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/
4 KB
2 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/u83_ohtCP2r.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3872e577132a069aa93bea46deb354aa6a3204d9a86b9fc8ae36b809b948faa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
usdwu9IUiOTsiYMQX4p8iA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1476
x-fb-rlafr
0
x-fb-debug
iJabtqCxT8pNbrJo5x2G4ZSIHPBzJ/8u5p0P7NvYTskNKmb8965Bq42ITP6hR6GiC//rZsSxdboPSa7bO6JXtw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 03:40:22 GMT
yQQ13V5zJWt.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/
3 KB
1 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/yQQ13V5zJWt.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a49d50ccdc5073fc38d911733204f3e191202b0c1d05cbf9005ab351f78b190a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5Gi4aQoc/gq0Znkk9QrMbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
991
x-fb-rlafr
0
x-fb-debug
ZhKyC9Zr9BLjsqh2OrVcVrwldF3wUtFjGBJ+Fb7kB1ONSdtYZoZgMMbjGnmjn5AEL90d4tp4Lp2AClWyAUwzPw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Dec 2023 13:29:55 GMT
50aJ2vkbF5m.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/
6 KB
2 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/50aJ2vkbF5m.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
259906ac13e20936cbd0efc5afbb4d222f1361be99df8f1b2e2b80e21a9c9ba9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
h9IzvF6Jfg1FLHY6cYLcXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1693
x-fb-rlafr
0
x-fb-debug
B+1OagkVS3k7UoJBm8VIXHhoFxb94rCgvBWapCAIYyWAmA2vRtZGqxCmKP76XoM6GfLjf1Ekd0lnIHNo59lnCg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 15 Dec 2023 15:16:24 GMT
kheAk8fKFyT.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/
24 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d6d4cac9d72189dd53aba9353b63f69cadcfcb41860fa90c9c72495b7194380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Es5n5C9FJRw43qvDtiZbwg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5236
x-fb-rlafr
0
x-fb-debug
54/Dag5rv3izBioJo8F8H8CDKg0sbbRdknOCIr1t2r0Jj2XRcqG0XwbFot2XdSPa7nZy566ejwCuJZWUcCme8g==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 18 Dec 2023 16:10:52 GMT
cRyZe_eSwIK.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/
46 KB
9 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/cRyZe_eSwIK.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
007a4a2b26d7e5973fb511f72d2efc04260c2c2c21fcc280cd542883913cfdd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sNzMRalvbgYAuAFIVigqYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9445
x-fb-rlafr
0
x-fb-debug
FlAXSZHQWystvTAWsKx35BQYEst/x1rj09IxvhdYVroZSFyxhEgJzW0uMJXINX0tc2dFCkXtMguB2X4w+SvaqQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:52 GMT
b5ew4tO0URb.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/
15 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/b5ew4tO0URb.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2919cc592e82235e95e442e632d36280e2701dce52870484e80072749e3c6435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dQqar1IVff+2iIAENFAfow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3725
x-fb-rlafr
0
x-fb-debug
R+v1MaUSsb1hna+4T0Vmyjb3BFIyJmd6eQbMwl8iRq85PmDN4X1+NPPyBsiMuE3ZnaBfjof73tGdb0ceKP2Egw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 17 Dec 2023 13:24:51 GMT
RVjsND1HVQk.css
static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/
2 KB
992 B
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/RVjsND1HVQk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61a08e6f0045ee93e87eac6ae7352b9d11257a42bfa104c3ea909354cec613bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cz+n4MAlRBTcj8XZqC484w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
544
x-fb-rlafr
0
x-fb-debug
1H88OtUu8w1L6bcr2TRtrjGOurs0iocPRAHbotNC7CkvTmi0R6JZeEJ7GNInjAWJg4/y8zy9CU+ZJtQG1huO+Q==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 14:28:42 GMT
-FRYHVLhlJu.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/
21 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/-FRYHVLhlJu.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e14840a78dbc7516e1108dffee6fc47e4d109973a25cc2a3db148194b916c01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mbeaQ3BlX+aTVedfFKd1Og==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3743
x-fb-rlafr
0
x-fb-debug
YumwagTiEM+FMR5n0sOcYkIwDDs+Md6VYRjPidB+nah7WnfJe4D3HvN+p9jjd16TXGAztoWyJVw+mGW9gImFWA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 16 Dec 2023 19:49:55 GMT
972KKXsxsnm.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/
47 KB
11 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/972KKXsxsnm.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6123e8e6e18d4585d63756dcb47ee2fdc03c59205e5be59b2bc4a5ba72f672dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G1Snmnud1j+M0afztvnpUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10746
x-fb-rlafr
0
x-fb-debug
/AvyuKeZ37jRJhj1qOE1wkqiFDdR4iky0+MbmqjyieT4P326sBGjtWMZ/LC++6Ekyj9c97bU5ihHg8fH4fk09Q==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:16:09 GMT
Yu3Cn4f-afF.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/
9 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/Yu3Cn4f-afF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bdfdb5e27c64bbef61c200fd7797a32a5e39e6f5fc81edc94128fd88a825d5fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
B4ITjjadoEi7vADKHK/K3w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2940
x-fb-rlafr
0
x-fb-debug
qJBLCRXceeeH/K4L2wUwi0Yta4Cl+BtogCURigpP2BC+23raeQSgbi1fOu9ODF1oweZ3PXjNR1bOsScslUk7Ww==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 15:46:09 GMT
otcswrbuum7.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/
12 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/otcswrbuum7.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d17d5b353de17f11dcbfdd85c71d3cfc8677a7e460d19b0ed1c703ff2dc8599
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WCwycoBuUeXzU4o2xvR1pA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3248
x-fb-rlafr
0
x-fb-debug
d22a//FLTEfw4kNVPS7lLfoCj0UlVI2FQyn5kuGv8yJt/vZKC3hv+HXKlKaBJDv/e07E7akNGhTAIbDHy7nPCA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 15 Dec 2023 14:28:42 GMT
FjYGyG2hqno.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/
7 KB
2 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/FjYGyG2hqno.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
622a0df1f84f7c3881853cd5eb61509f3a8fe07d0cfe988a4c5f3b7d29e4ed7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ti1wzlpmAWTlJl0L+cG6sQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1944
x-fb-rlafr
0
x-fb-debug
9yEym1lx5ojQQlzZ56MKEKT5QkUkJ5fuqorwd2GEYY8jZVQx6nCNcRNqKxbPGl/VcMrKHmcjttbFS3ZvMXiyoA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:52 GMT
dXxCfWsLdRu.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/
6 KB
2 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/dXxCfWsLdRu.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61ae90419dda32a8789908a2c2b3df2161fe53022ae8e6c852ab69fafc15abd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
F5z+YjeXN0zNsbi6eKWXbw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1677
x-fb-rlafr
0
x-fb-debug
9nGuYzChewYw271mNVz2D84VfFfZNRogC/bZeoEVv4p/514jE/FApV8i1Twk6pObO7fThk9IjldCVIz7co7rIw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 07:49:40 GMT
HagX_PYPHlH.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/
3 KB
859 B
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/HagX_PYPHlH.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e54567185c6d98242effed2d0f12474db0c51154f10b23ee90f010be7110e5e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aj/PARDbZYNRFEBR3Be2EA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
666
x-fb-rlafr
0
x-fb-debug
tNHi1iyWHhuqOn6HHMUQWaxp4IN0OxwKs9WGGEPU41GYczxX4TjoVskHEgsoCSyqCqI/AYrgyz5bk8JxgkUr/w==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 14 Dec 2023 21:54:05 GMT
S3Rs0hddVm9.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/
333 KB
90 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe01bc5fa59ad7e33391a42cfb097b6ad99bae873af5fd42ba1ab40629593f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
u63EuPi49MGSNBtBShgdvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
91404
x-fb-rlafr
0
x-fb-debug
prSTCmfSkQ8GCaou7lcWaa3PPq0FfH2rt71NjC7BWAsO6zl410AaWxjw6ixpmP4Yo+X2LER0lbupYiWl7UDQtA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Dec 2023 03:47:25 GMT
255484386_291141566250612_3255458060865995134_n.svg
scontent-sin6-1.xx.fbcdn.net/v/t39.2365-6/
21 B
21 B
Image
General
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.2365-6/255484386_291141566250612_3255458060865995134_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=ad8a9d&_nc_ohc=TJpdS50MjJcAX96Xpma&_nc_ht=scontent-sin6-1.xx&oh=00_AfB51U3rbAWtYlmQL5LDJVqT38kRGcSD_5St65D38ZXaGA&oe=637C9044
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
x-fb-trip-id
548340344
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcKHyYCpYdSkDhZmGeLLD6Caug2dKt3P_Jlh7Sxb9CAhfEecqKy0P3bMkZK9KkxqHidzKw8vNRsVrN6hRDY5LD5aFMmZUg"; e_fb_vipaddr="AcL-AHUf-HkwyJ6zwTeGkp_PbZqJRcKQb0gGjA-ExXTSavvPoydRsYKQNvbxzAWGv0FNsmVcFecbhQ0762-2hRmrY5wzEr3UYQ"; e_fb_shivip="AcIGgIZ2WEyP0YXZTj6UdyjQ0GttqStcSHIlrkUHfKhjOL2ZBiX0zOFYMpy1Q-YtQCo3lk2uNynE7iGebJf7R5uxti94zBJg5Wk"; e_fb_builduser="AcIlR_GNpJokU8FZYQuhspvPCwGoo7UvVuhgyGRxLc4sIPyO1MYvpVozsCl1HQS7sQw"; e_fb_binaryversion="AcICYv1eUcbyfQ1oYNXxZhwLGPcOROWCsUp85qQ9liHxL1E7UwKZi2H9RMYEG_mThM2P2PrBWOwDbCrdYo0gz3Tc3vh5WSeMaC0"; e_proxy="AcLjI_8U1b-JoBva3hbMK0usGZlJtiOo9h48ALVFYCajHEa9wHQGYZiE2CTiR3mkJTIH71ccKbTClIyj"
n6O8cXiaIZP.svg
static.xx.fbcdn.net/rsrc.php/yB/r/
433 B
418 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yB/r/n6O8cXiaIZP.svg
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
adc52f1bf2e930abae7b50754df6379f59ae885b7be07483e7a5966955f7edc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Z5Nqy0GTGPyeDfnEQWfMlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
214
x-fb-rlafr
0
x-fb-debug
dD+dNuCLNaaihLCEc1uilJoYda2HEO2ebWOjIzdqdFFChf21+dquO6JbZPpq79Huok3bh9qdw5BGjfP2q059vw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 01:59:15 GMT
jfwoHaS3i0K.woff2
static.xx.fbcdn.net/rsrc.php/yL/r/
22 KB
22 KB
Font
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yL/r/jfwoHaS3i0K.woff2
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5151051ce7058cc95f7a2a2348d9c5ed37265a49cc601d1877449eb8b96d3997
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Origin
https://confirmation-75588058950.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
JnK9qapYgIlUdZtbb3yvlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22860
x-fb-rlafr
0
x-fb-debug
rhWf42+EtiQ4Dam/DhLFGAyooqZnZb/JbtNmmZv4RFT5dNp59kAY3aEjbmSVbFV4KMmJgH7G6hzD9LEBQ6FdsQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Fri, 15 Dec 2023 04:14:21 GMT
G4CvqQXT71s.woff2
static.xx.fbcdn.net/rsrc.php/yJ/r/
22 KB
22 KB
Font
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yJ/r/G4CvqQXT71s.woff2
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0458fa5b5e1f90f7584b794c7ddbdcfea71d5f33f71911aeec7aa1eb75b243f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Origin
https://confirmation-75588058950.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
U+0N0FYX3/l8Qon5zxTjVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22328
x-fb-rlafr
0
x-fb-debug
+ATEdA6aPg9QLQkkKNASi5MRMVhoy7+VXeBTMnIfYSRPfD6WyTTbC86mWv1rstveq9wKwgIqUX6edOXPFbRGvA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 01:39:22 GMT
WF8VhTuShVE.woff2
static.xx.fbcdn.net/rsrc.php/y8/r/
23 KB
23 KB
Font
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/y8/r/WF8VhTuShVE.woff2
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09ff58fb8643e8203a8b2c3e60d8179921b25ac5b1cbd1c46bd9a53779184c45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Origin
https://confirmation-75588058950.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
oa8kbg8tXqN8QaRSXvswfA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23488
x-fb-rlafr
0
x-fb-debug
PYA8qfBq+iSaMTEpKVASVKljgLcxKtjvYz+fCh1kry/+Su7NEnsl9NW4W7UTmmDUOkJst1rEV/H6q598PhX1cA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 01:15:25 GMT
vu9QUYy2ngT.woff2
static.xx.fbcdn.net/rsrc.php/yd/r/
22 KB
22 KB
Font
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yd/r/vu9QUYy2ngT.woff2
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
613329222e6752e356f5eeb3133a1e5fcdf5e46f900ea4880dd7bc602e02a081
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/kheAk8fKFyT.css?_nc_x=Ij3Wp8lg5Kz
Origin
https://confirmation-75588058950.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
A38aM5qiYnf8odmWlxbZKw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22576
x-fb-rlafr
0
x-fb-debug
UPSPRUOv3Z7wrinUdRLjEiJ3US1Li3m+KFawwH7jnB4JrNFLY73E1ssA2g5n3maTc78ogH8tRX8TacTV8QPNXw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Dec 2023 05:57:36 GMT
OPwWf9DfGY-.svg
static.xx.fbcdn.net/rsrc.php/yX/r/
322 B
236 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yX/r/OPwWf9DfGY-.svg
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c1382c52b35c90972aa59cce85f9f8317fcb6104846c73e5a4bff694ad01ae4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iCKCwN4daUuXDx1dLMuNUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
180
x-fb-rlafr
0
x-fb-debug
KN1WRS1s2klpx4vl3XvtRxo9pVTjabqRbRaM5RhNImtn7m1AhwdyCA6GoncugFeF8AvI4BFHA/rjQB4KAh9u1A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Dec 2023 07:00:56 GMT
6YirsaXqsap.woff2
static.xx.fbcdn.net/rsrc.php/y2/r/
22 KB
22 KB
Font
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/y2/r/6YirsaXqsap.woff2
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/HagX_PYPHlH.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
613329222e6752e356f5eeb3133a1e5fcdf5e46f900ea4880dd7bc602e02a081
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/HagX_PYPHlH.css?_nc_x=Ij3Wp8lg5Kz
Origin
https://confirmation-75588058950.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
A38aM5qiYnf8odmWlxbZKw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22576
x-fb-rlafr
0
x-fb-debug
7YgeD78KL87IVCeneuY8aQhnuVM2iidwR4asvNAfWukPruH0N6sKFvd72zSGzNQCQ9MoAcj7U6c2DPWJdXfY5g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Fri, 08 Dec 2023 03:32:55 GMT
/
www.facebook.com/cms/video/ Frame 5FBD
2 KB
3 KB
Document
General
Full URL
https://www.facebook.com/cms/video/?id=850337606335586&height=360&width=640&loop=0&ext=1668758615&hash=AcpRYlUhidu-SB1CHd8
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b3a75ae46ceffc8bcc5a358796f08abf7d5097c66caeaa2f856a43abca17b5e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://confirmation-75588058950.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-length
743
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Tue, 20 Dec 2022 13:18:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
m0C9TN3Pk966N8k7lnxSAozZFxTnEa4FaASHwqbNLLMu2ADLqpIwj4YjASPma2mqLtsMf/KHGU+omRw/6uM1qA==
x-fb-rlafr
0
x-xss-protection
0
136893606_849918935579882_213472362566516880_n.jpg
scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/
21 B
21 B
Image
General
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/136893606_849918935579882_213472362566516880_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=2p_-dstwwYYAX_hlugv&_nc_ht=scontent-sin6-1.xx&oh=00_AfC_Fewh3NTmJ3KP0FCWQUh0agvb7ACxqqGEKdegTZ7Zwg&oe=637C398F
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
x-fb-trip-id
548340344
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcJyT0NQfepjVKkj4iHzBPFEk1CZ-8E8Okxo6dSirS02nUXkcpSYc8e42gfNYriOFa6OdTsOA0nuexBjlg6JMoIau_ZXyA"; e_fb_vipaddr="AcKG_N_hhMSc615myOXx1SZwC2Xb2REdU9w5XBmKHmorCcUKEzeoFo-WBlZIyCuSSFKJsQC_WooQbp-cKOr2-prejgizv5nrQA"; e_fb_shivip="AcLdPstmf4csrr5SCl87dMKwf7nd3WGt1O0_4-OXuTN933xQiCU3heYscRn0pfiwyZxe5Nh3GtE2P7Fks9e7bJe-Cqm6b5spqvQ"; e_fb_builduser="AcI0RHic6LUh-mV8CfnNJtdrOnaDRrM_lVcZsb7sJ-3XR467D6ejpF1p5yoWg9imXCE"; e_fb_binaryversion="AcIxpiCdzkiH9U96sQOLNF3FxXQDMBFyJZxdLCTwu31RQk10VCT2AgN6UzxQ2o6FOZS9uCvfSa7EZ63eQfkMjoD1SYE9jUHvUHA"; e_proxy="AcJaFfgaQyKGbx03L2hMWYc6mQxC_VQH6ZyYRugaJVQVsraSFaZzDgUylNx_jDcB13CtUZWnUjvrhUEj"
137256059_2800543870233431_455035967167740410_n.jpg
scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/
21 B
21 B
Image
General
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/137256059_2800543870233431_455035967167740410_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=RXr5OofV5AsAX8dvxL5&_nc_ht=scontent-sin6-1.xx&oh=00_AfB-vzg57MCVJJiYTwQwVEbm5WbEGc169yHiomfF61xJKw&oe=637C30FE
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
x-fb-trip-id
548340344
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcL9n2quHtCwAqIlwssiiKqvZWmwnucB-vKqmfXDgpKwfJWtmBnritsrgS-7NNPa0sDUF7AOrBdu2Ga0Vw5AyDZnqejEKg"; e_fb_vipaddr="AcLMZ2iw4AqeOpt-2FnfczeGOQGOYBd2M4vZnBbl4xgPx1hFcEtH1GACpzUT13EnHh8VGDzIYGhiHfJ5OzINJsxwJLNqQK8JdA"; e_fb_shivip="AcLlEueKI0AqeNe1WV_VWFjCfuWCW46QVjMObnu7Qz9gXSgUZaVzYbFS_r9sHX1m5Snx528pDE2AwVQusr4XfOAwCOCJ_03KDo0"; e_fb_builduser="AcLEIxW7AidMpFDITZpsHwsL2FanvNNYNFaaOITWpLWu6YSNedPMLW2TDUSXos-a704"; e_fb_binaryversion="AcIz-DPF2mVkQ3lNudYlXQ6HnZiS-OQj2V9Gabm8kwke5qT0nlIysxtsz3xPUuZDTjiRT1aci3MMRQNRvwL2bcDRDZZAWUyKiXo"; e_proxy="AcKoR8N-qaviJwvd8KlGUV_x-GGBr_IEiMFbnQLplxZ8qZpyYzmTKX0QcwDcqJ18dYX2gvJE4rbqIM-d"
137145103_308994903869841_4708570808613729754_n.jpg
scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/
21 B
21 B
Image
General
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/137145103_308994903869841_4708570808613729754_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=KX6AGTZzs6AAX9aK7MM&_nc_ht=scontent-sin6-1.xx&oh=00_AfCOZW_CrbxtT9gvuEEl47vqWfilJ2R83JBkFiB_mHo_SA&oe=637C5ACC
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
x-fb-trip-id
548340344
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcJe-776bp2pb8l2TovXYYjyB808playt9GPT_Jz-PijCIGlz7TCxxsM47hWERqOUgG0m-EgHppP-S7MOmBBt4Doc6HfSA"; e_fb_vipaddr="AcKfT44diuseCbK1LoxtVnTwY8oOHu3INLoEncFOEDG1eUg67bJdPtbjwzhY44qBW2HLodGOf9inH0Qu-Zbfkbv4S8b-Da7KMA"; e_fb_shivip="AcL8kDXQxQW6r3bbLoJT8004VF4XLAqx3cyhE4bRboVh0qTNGS0aXWPGwwNzju24yk3XpzGYMmmK0DLFVte6u_sOUrWqvBnU3Io"; e_fb_builduser="AcL6RqdeVzxIkKsUSQxsVUdiSMSVGNO-Ti8WoZ37KLipPD-AWZICV8oJf_fm-mf3B6w"; e_fb_binaryversion="AcJvK-8VoDfY6mClMTPqQLbzbRy7khesJxlIqWdMYtQt4BTrqkAI5F2yE2kPOrKtNf4i-_4n6ydKCFlgYg-hCU9LB2_qyJYDntw"; e_proxy="AcLGJRtplISB9VbBT8L4wgrqC9tj6-frkWPx0Irwop5xOdcz9KN-cC_D0TOt7SOYXdUv7AuTfyjZ7OhP"
137151366_203760844736656_1882032595123025998_n.jpg
scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/
21 B
21 B
Image
General
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/137151366_203760844736656_1882032595123025998_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=lzxsu1wyKf0AX9Hvzwu&_nc_ht=scontent-sin6-1.xx&oh=00_AfC-_l7Sdq4eYji6I7eM1UluHHfyw87zTvkA9FzPMYWkIg&oe=637D15CB
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
x-fb-trip-id
548340344
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcKXL9nAFoPQjT4nR83iZrTGBFmxozIvoSRT7VkLBb8asq49Dbh0RH2m34CoFKeV13TltgaION6QIIZ6S8Q1c0meoQR7RA"; e_fb_vipaddr="AcKXYddrUjzaAn6IXCnJJWBA2Ku5COeGjlW2c7PjG1OfCiyTJ3xPuGur4PrHVYGdY0_oHtXmqNcTmifjnPLycwItw3T9Gmbcnw"; e_fb_shivip="AcJKl4tZ0bTw0Za8AcNXuq7lGMdxucumerkAStilShcOHDfS2vjIlP6K_PfuF8i8Pq__YV9yCyv5K2rupPpcej9D01BDRc1FQcM"; e_fb_builduser="AcKR3UxclQRGAVgoqZCBL7oIht4FUvNIb8Ulp0QO4kQeTOWf9XSdMSCurYlwv5l7BFc"; e_fb_binaryversion="AcJYwAlRf7RQDC3ZqYUVJaHIsfxOK1VyNfz5_BTErEuTFbI5sJ_1ByW-bB07nWG6Iy8qNdi7IlfGt6NhBHb7fufS22Azmim0cjs"; e_proxy="AcIQfHmsuG7MheINfK6GNxWByC9bUlAX723wqaW40388lGk4opgfwwjExDT9leQ_qwEWhtDJBs9X0G2A"
255377001_4621720147908828_3636063384019207836_n.svg
scontent-sin6-1.xx.fbcdn.net/v/t39.2365-6/
21 B
21 B
Image
General
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.2365-6/255377001_4621720147908828_3636063384019207836_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=ad8a9d&_nc_ohc=GBwWVkRledYAX-rPyvZ&_nc_ht=scontent-sin6-1.xx&oh=00_AfAzmhJ_X8-nV14hD1ua7Op00c_rM6AhHVWpCIMoL3_6tw&oe=637C7AAE
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
x-fb-trip-id
548340344
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcI82d_oNrYDx06gJ-UjxukrdP4eRgFsD5bMRZMhZ_ogfJD5GuZlGsFO50UBScxHJOl8Czpj0Zxiyo5QCEp_UjMmkNK5og"; e_fb_vipaddr="AcJZmEwXNLQT8oXjieO8eJ0D47CVkVKbHWqqFq3TOc-KQqcqYk1MR0K60SUfa3ibqSgTc5UDC1G-StvhOuEczfS9BlBOuvPZSQ"; e_fb_shivip="AcLaBS_RY5YW9vgLWguI1CpkD2woY2TM6d6x2APs3bA7TEgaHVINMstY0BcCMijIOT_1wkIqGWm3ivLTRqlaHAH7qNvJO0izbWo"; e_fb_builduser="AcK_zIQcoN4yODxYzQBO7_s5Op6l4SPVa_0rsBENLA1Tk4n1h1kzCUT8aH2TtncGhbo"; e_fb_binaryversion="AcJvyxHzd7JoSmtmvmiN3iXHic-auGnNGHK5MtDznY9abOPm6pp8BScpB5PFTwOS854sEZn-aHRggW4jOw5_YBn345ZFebDxx_I"; e_proxy="AcL6tavloe2wCJrszNRB0-Hmurfl9f9LZiBYzJYF1Tp51th4rp_68NtVdTrm43I0HPZh1Dun39Q7LQ5O"
facebook_2x.png
static.facebook.com/images/logos/ Frame 5FBD
457 B
909 B
Image
General
Full URL
https://static.facebook.com/images/logos/facebook_2x.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/cms/video/?id=850337606335586&height=360&width=640&loop=0&ext=1668758615&hash=AcpRYlUhidu-SB1CHd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
356de5a8c31ac5a5988272e5b94f7c36cf51a1fce5e33cbb76763f088c3a0013
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
AL2DA4BcYPp2pydM/hpDKg==
document-policy
force-load-at-top
edge-control
cache-maxage=86400s
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
457
x-fb-rlafr
0
x-fb-debug
NJnVI1svjy4Hj6tShcyGyy+qsV3WqEiO62qrZbWSlDnn7e55ILpWVPdVGtLpY7zzewQRVwUaltMyQMr04RvpKQ==
cross-origin-opener-policy
same-origin-allow-popups
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=86400
timing-allow-origin
*
priority
u=3,i
expires
Wed, 21 Dec 2022 13:18:19 GMT
vfvPd8gFF1R.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/
88 KB
26 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/vfvPd8gFF1R.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5208daac4385fc4a4794ac3e6825644a765a3bbad76747d5c2ed6135b886bfc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tFi/sXeh0aCVv0nQqsCXMA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27045
x-fb-rlafr
0
x-fb-debug
++pFAjN/HilyY16zGJJvhIox5Qy3WlftJ+XsbsxedZH3YcVRgACcxMdVgUKbBU7mb8JbDOxFeiFeNb1G/vlLfA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Dec 2023 06:35:26 GMT
f0S5lmbYhnW.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/
40 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/f0S5lmbYhnW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
89c5763b1ac4aa57dda08f58469e8db8dec8c04bbae64aa2004e681ce771091c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
I51Rk58l1pgWPJKoUOeRTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12263
x-fb-rlafr
0
x-fb-debug
aLRPiuKAaMEYfYF9g+49rSMy6aEHgQViCli7VNkUI+sjTsWiOR9U0lxhr7nw3DJTAN6hV4e4nhPy7s9WHk6NlQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 11:33:30 GMT
nI-5UMN6lXD.js
static.xx.fbcdn.net/rsrc.php/v3irXO4/yk/l/en_GB/
15 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irXO4/yk/l/en_GB/nI-5UMN6lXD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15e4e7078c9e85f7005ab1655592c3aff140895a91ab843dfdb681c97f72c071
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
psaHaFY12wVNARk88Au8ew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4618
x-fb-rlafr
0
x-fb-debug
K4KoWL83sQWp2YDqN693RGZ0PD2ZNAC+7HGQmD87eDa+0CCqm4mHNDxzD/J2m4TMXsrr0cTFWTj9TaLXP3Dx0g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:53 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/
507 B
347 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
Snc+8KfrKVkb9H/XXqi/mdcxVLXOxRDIRPQO8+xnO0fhwAxYKqp+Obg77a14nDviBgk9YofE8TXDeaVUSYpnvg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 14:07:58 GMT
CuBpSLsR6_K.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/
7 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/CuBpSLsR6_K.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
639a591af3f5f0cf5fee1dc796a42e8e7aeb813814ba5273b9f0c4d26588d301
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
k7OhvN3TXpPZYyK/Jm3CfQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2537
x-fb-rlafr
0
x-fb-debug
C6G6yMyHnxJUd6IFWftdjm+qDIGprv0jksq8eItc8TCLdQoUf4t++yL1AaRL4tMlbDTFcGPSHHE2KQpPcO70Jg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Dec 2023 23:52:31 GMT
rBB-U5ySzo9.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/
10 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/rBB-U5ySzo9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a5c007fdaca29d2d670427522d290a085cbc42bdac548e64a7ab4e03c9bda67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ixtX+zvLfU7zLs6dACXUVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3712
x-fb-rlafr
0
x-fb-debug
s0uDgr6ZRkse8PYpXnppD3LptlsfBxKpl4vfgOD+Y4Q8itlSkrgcdJ3LEs660Tb1H/DK2yd4bJhAvWoUbat9SA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Dec 2023 20:42:28 GMT
B-9yBF3-E1L.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/
2 KB
953 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/B-9yBF3-E1L.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6b508237d74dc1b04eeca11b9f4afedeb5d19f0806561ab3342b0bf2855d6a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AFR6xJMl5+B668C/iRcVMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
899
x-fb-rlafr
0
x-fb-debug
Q+ONoao2mFrPAHie/FiT0CCiXpBXsa0CgGDD+OgT+HAqF5kkNU03Fyn/NLR9uCUA/qAIVK4w7891TneN+NCwUA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:17:12 GMT
EKwmV8fAj1M.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/EKwmV8fAj1M.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a73dc7536509127760d351d9369088e2aedb8faa2bb85aec2ae0c2d26d379516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fQGdyp2MDPnDDNBUzppSzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1763
x-fb-rlafr
0
x-fb-debug
qNgmJXS5RDZRJpVS/IVGhWitEL02nSSxiWkPl7p3ghpZ5qVlTCFpiK5cQywbIyFNh2LqLgG/ECOsBq7xwWlydQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 05:01:20 GMT
qJItWn24Qd9.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
4 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/qJItWn24Qd9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1a74914205aad868866a96e483808ce5392ab4cf90215d1058f5dd738be7978
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8EklHuS08uayriyiLtD+kA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1348
x-fb-rlafr
0
x-fb-debug
Bn/hCNfJJuqa3NegRhot8Fm/Bq+t9s88q1Qk9xzJgZltdtYscfFe+EXvllEgEvTj2zdAJD0VYsif49gSb3FTfA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 15:16:26 GMT
yg8-qUkdcz_.js
static.xx.fbcdn.net/rsrc.php/v3itDX4/yQ/l/en_GB/
34 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3itDX4/yQ/l/en_GB/yg8-qUkdcz_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e45e61b699cdfab87fe71dc9324c5c254150c15e5ceeb3ed1ad6baea643f713
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xi7BgkVBROLNQIapfv+SrA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10119
x-fb-rlafr
0
x-fb-debug
5nZ1+5gbQdzvEwXRSUuOG8Y674bFPlud9rmjjfNGbPTONOsk2xIAp4a4ivS4aqyWeavvxkF37MFBU67a5mwRZg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:54 GMT
tmLQUjI8ULx.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
47 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/tmLQUjI8ULx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7518899318112c5bbd1cf937c5d3e02bc88c95a84578676ecdeda73864929c9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lqQqRLvArSidpxFzAcWPTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13384
x-fb-rlafr
0
x-fb-debug
ZU2KAdg9FCvAoWhH+s4iMurUiNoylvkCnPYKEUF+3JIz1x3hy3b4BIKIjkUiOpIYbO6movuB/iHRPEXr/xMttg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:17:12 GMT
PdPo7l7_b_0.js
static.xx.fbcdn.net/rsrc.php/v3iFe24/yG/l/en_GB/
14 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFe24/yG/l/en_GB/PdPo7l7_b_0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbe170094b3a98d6dd0ef229d2b84e07e95f888eaaece57a8a9185da43f6e44c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mr7Q/+fRY1xo28mSAJE0gw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4638
x-fb-rlafr
0
x-fb-debug
wNwwoe4fmjom7aojhcYDTKMsT/XZCt7jb6O863rP7pYVWQVo05FlHUL6lU4B7R2nQEa9TJt2CHL6+zSV9CyB/g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 22:03:51 GMT
yhT7a4ryY6x.js
static.xx.fbcdn.net/rsrc.php/v3i4lr4/yf/l/en_GB/
66 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4lr4/yf/l/en_GB/yhT7a4ryY6x.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec57b7f042e06dfdbdd35dcf46fe0c296d4fc3507b64f0b1b2d638d8c932f00c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ha8IVFGVCkw7m5VEAgLdyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17670
x-fb-rlafr
0
x-fb-debug
9yq7MZtjSFoSXAXNdNzaFvjv63XRyiVQqTtxxA7HGhwPTfsd/OnvLzwX4U+Bb63IQIC+cj+ICe2e7Dq3S2iQ8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 02:06:30 GMT
KRMQ9v3OjOs.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/
3 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/KRMQ9v3OjOs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
403fecb3e12942cb8391ec4afb73be18b66a6a48138f7f9047bb6fd4ecf61fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3iXt5zdG62WM8MnVOYHWbw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1167
x-fb-rlafr
0
x-fb-debug
q3ykLpt9dco1VpPp2S5Lc6UBBLRUd5mD/oIOqexTx66sUJlMpeT26WvexsUR70xU9Y6wnqRPWqARau22jj6s/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:10:54 GMT
ZCCjRy_ZSY0.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/
474 KB
110 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/ZCCjRy_ZSY0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e365c1e398e190faa4baa0deebf1ea18277dbd3475387c0ca331c37c6133f97d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3goM+uOpgXKV8Mbo6FM89g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
112813
x-fb-rlafr
0
x-fb-debug
ErS3+1oo3INlmrH6RREuYaueRkLQorno6P7DWhibGnf49UU7DvyE3IQcgN2PDyExLU2H8wIhnkIO7ilACPcNjg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Dec 2023 00:31:06 GMT
d1w_cnH711Z.js
static.xx.fbcdn.net/rsrc.php/v3ij9m4/yx/l/en_GB/
60 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yx/l/en_GB/d1w_cnH711Z.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f4113b63eb8febc7a1d6c98491604578622b91909d2b0b364091bdec1c578f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
16Cz4aU8x8FgX6CfqYbZcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15460
x-fb-rlafr
0
x-fb-debug
EuEARJ2ayl0vaNeb+sPH6WUGWraW6EKoRl1p6RMmgx0i37pigMt8cgkTtTXD+efkPXZKVATBe8I9WYs4HlQshA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:17:12 GMT
n40-MU9cuyK.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/
68 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/n40-MU9cuyK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4bd8ac5374fb6c36afbb423fc8920b33e47fe86870fb2165b2bf24e59a54476
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SJ6qFZW6cwbrAqxdeYy1qg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15544
x-fb-rlafr
0
x-fb-debug
eqOwWtk/znWSdZhiL8kPoUTih5BZFpcEMrxDwRrJLXOFJ/vySFGLLUbIsW9vzx2K/W/A0ETjOyXk48oPKSZnSA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:55 GMT
dGi083kjC_x.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/
17 KB
6 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/dGi083kjC_x.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bcb29087fc3b1d251047ae218ec03d1e0c5dbcc1f6fd3f73bf07f837d9202cbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TJIkmKtWvfOfvf2r6gvRkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5615
x-fb-rlafr
0
x-fb-debug
EhQtZ+Ly3lM3dCx7J6xD3vvVw0TI8xQNGRC9GqQBS/VUEx8mOIGhnVjUDAxVnD1cRvUMedbZFmFnLC747eJEFg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 03:03:34 GMT
3Y6LtkySzSJ.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/
36 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/3Y6LtkySzSJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
065ebbce14b9464ad5ff99996f839641e8ac03ecb1d41ac6814bad85c1279d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SFEZ/YxArfuNHM1eNXqszw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7091
x-fb-rlafr
0
x-fb-debug
aUBo8xuc5NHCDFw20ZCLm5H9qoTRGicCczca8TbNTDVjdCW/PK9DzWhE1Y/J/Mgr2TdRPOk2D/WNFEnsjRAY8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 17:21:03 GMT
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/
723 B
444 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
naOE1m8tmTZ0fVAYNsTRiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
387
x-fb-rlafr
0
x-fb-debug
ZCZ6VHvlSa5dY+9RtHK2SrT26ZELE8COvZahjzhjCklF9kSiA0vmxo7+l7Ea5xF7ldBo1JtpSGe27hBUssCVKQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 00:08:58 GMT
EIcLNQSrYL8.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/
7 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/EIcLNQSrYL8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40bea06fb41ddfde4364bad6f26fd5bd0c932fc0389eaa0765a16062c72e9570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2w5l2HGIvvJCDvOVJe77qw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1971
x-fb-rlafr
0
x-fb-debug
E1Bc//Q/WORl9NhLTg4pyiLkKkTIseMpjh84G7Rpgt4l+D4D/I75A7eAgRQsyXk1pEyb3jR22MynvmbViPXiAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 11:33:30 GMT
4dqjKJRLoJ0.js
static.xx.fbcdn.net/rsrc.php/v3/yN/r/
44 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/4dqjKJRLoJ0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ef9d5103b676a6d6c623e6211e9baea020d1e49d1fcf91a0607a3791d490627
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YtWPGXxf5cBNQg3t+J7EXw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11400
x-fb-rlafr
0
x-fb-debug
Ad+KtSu9YpKJykiBcqwVIwrkVELs3g7SgDr0icFNv4VEnZ6ZSWbW3gO6bAY2C7UlOrMpBX0SbvW8ajKKSOzxmg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 04:20:10 GMT
LiuC7Wr9P-I.js
static.xx.fbcdn.net/rsrc.php/v3iH_P4/y4/l/en_GB/
37 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iH_P4/y4/l/en_GB/LiuC7Wr9P-I.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e97f603789794c44ae4f0632c04124e63a7e4346b40bc10d4e0922667860f57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cbX2g/1ba4IXyL6xUpZ2nw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11293
x-fb-rlafr
0
x-fb-debug
X8ijPB/Db1z2Q/+e7+FjdjVDsspxZv/JkH/2/XZQxA7tD9BDdWSjPhpgXWK/UHSbcolJ/tKtX6SWioLshvgk3g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 11 Dec 2023 04:16:06 GMT
yW5JmiukRKO.js
static.xx.fbcdn.net/rsrc.php/v3ikpZ4/yk/l/en_GB/
39 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ikpZ4/yk/l/en_GB/yW5JmiukRKO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44a01e08c121b49232f05115f9346159c72c242c720e5875fa314c228b202ed0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5bTwN5729lofAk97oSrNAQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10574
x-fb-rlafr
0
x-fb-debug
wLh9mOccg4TYFrJ/DJgfrZNGcNfOGcku44sgpuWviAzL1hsS+ZkEDkmOunjbat/3wZwP7DB/4KaJAHt+eSxdHg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 14 Dec 2023 23:32:34 GMT
qydxwu9W1_3.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
9 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/qydxwu9W1_3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
edc1689a0e5faa8469f895287788aa7f31fe7e9d12f6ec75bb5b7e1b0baeda7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KCIqyKVTLaG+/3nihDNXhg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2783
x-fb-rlafr
0
x-fb-debug
Zjw2dql/hEfpNFcKttuSRSZaRjE5FF01Zs4ueGLSBUmt2dSXnEnv1h44HL+iK1cKYZ4zvBoB0N5TreUOlMSLow==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 16 Dec 2023 15:23:53 GMT
9XzMnxbnxB9.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/
21 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/9XzMnxbnxB9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
104e323d4e5e0b54da70fd64bd91f20884aec70d18980ab3819000c37f43d462
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TZFvl9UPRczJ9HfX36AA6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7017
x-fb-rlafr
0
x-fb-debug
bcOJ0wVxcu5XRkLkUWMboNT/wMrjP77GIJV7iMTi6NJznuaj/w64T8MtDWJXNkKbNvIyFXjer98HFCQfQkVeyw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:10:55 GMT
Xk-jgLj7X0I.js
static.xx.fbcdn.net/rsrc.php/v3imlR4/yd/l/en_GB/
52 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3imlR4/yd/l/en_GB/Xk-jgLj7X0I.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39cc9e72c90111e0ae9945aff73a82ee89a9d84bf22dbfdf884cfb846c69c5d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
n5EPF6bloglvieM6JK5tiQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13144
x-fb-rlafr
0
x-fb-debug
smUWzGTt35zG/Y3rUVbdgaIWIIiUZ5Sga8z5rCNwWMTzORfQHI1cKjpqxX2WfxMqSaoB8JObXNdRbjL2PaN1ig==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 22:03:51 GMT
kBhuHt_K_1F.js
static.xx.fbcdn.net/rsrc.php/v3iugo4/yz/l/en_GB/
44 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iugo4/yz/l/en_GB/kBhuHt_K_1F.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f4fde0509c5ac0086d02cbcd56db900a82166e5df0c9ce907fe774c5f8b31f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kR7M6nfuXKnDy10WunVhFA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11466
x-fb-rlafr
0
x-fb-debug
aL/2yxajPixFrB5IjR/pJsmjL7qCsLkO7yyLZx4bldwDokPlVVStZ8d8rgqr1otr/oSy5dJhQkqBVLAns3ZvPw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 16:01:06 GMT
v3KFIamVEi-.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/
11 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/v3KFIamVEi-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a33ef38a81df61999d3f6f806c705dabdbf24a3220a011c8e76886f41473bc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BQsuyZMTCIyOKIpwMBZTcQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3899
x-fb-rlafr
0
x-fb-debug
65rRcyVKKZhVGuLKj9GFEaz3W+vV25PgmyfL0PwYgt92DokEJ6/4H/CAOcjDekc5q/bt81gfvm9geSJH535yoA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 22:03:51 GMT
biXfH6vBnfx.js
static.xx.fbcdn.net/rsrc.php/v3/yE/r/
12 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/biXfH6vBnfx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b59cf3b76712f11c87bd1f4e31dff6def617344ec186c514255a65591c77831
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1e5EBhA4svYmbNJV9tqpFw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3904
x-fb-rlafr
0
x-fb-debug
x+lQYdk1EqqT7qDyJOZAnb6Kdr8cGgl5bGNG4enS0dX/rSvQpKx6de6B61lXSrfDbBvJqPXDz+4t/4qLheYOhg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:10:55 GMT
rrJJYdL63V6.js
static.xx.fbcdn.net/rsrc.php/v3i2Bb4/yC/l/en_GB/
222 KB
43 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2Bb4/yC/l/en_GB/rrJJYdL63V6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6a54c42931a2ff0bbeacda13bf88e90dc1da1e4f85770adbb7952cda9775117
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YYhEalm2RyDrMLJqnkT4mw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44449
x-fb-rlafr
0
x-fb-debug
L7rCgBiom2B15u/Rvl/2g9f0MTVkKd9DdoSQaM9136G0a4lziVrDnT4BhB8IEjxx7eKosyjmaxO1ekzO3BS63w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:55 GMT
x4Eyp9nQ1uk.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/
4 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/x4Eyp9nQ1uk.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e089904ffc32f8714ec2006e67b7a2579a15060e288c10e61087c18a8dbebe7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uNWAZcqkpff5Tf+YX4z9jg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1197
x-fb-rlafr
0
x-fb-debug
HW509fHyiiOnFHLnfh9+9dJD9Oa+hwLgZ1yhKaX6hJG6UQX5n44St2atbw2t97eQRQCpWXwbG+nvKflccjsg2w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 15:18:03 GMT
sczXDyPA0UL.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/
435 B
302 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/sczXDyPA0UL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cbe8e912060b0300cd170d38bb42cfe769d53c26d03efa5ebd7f1e2a10ad2a80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
deEYtMH8qV1Puux5Kpgb0Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
239
x-fb-rlafr
0
x-fb-debug
1wUa5GG+3i35qbRDUplFPtT+Ld6NiSezeUecuM9tz9KLk/UJqrMELRyEKhkzQPaB5xY8paP/snXguKIs0fQRbg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 15:10:52 GMT
Xhw3zNMQ6xI.js
static.xx.fbcdn.net/rsrc.php/v3/yb/r/
179 B
238 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/Xhw3zNMQ6xI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbf1a97c9ffe07e0755fbc5fefa34cbc01d1b4623bd4ad00f5323eebfb49617a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
x-content-type-options
nosniff
content-md5
NdDiCtFBNEOTlOdvhbo90w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
179
x-fb-rlafr
0
x-fb-debug
SrAkQIWWCRFx5iXQ14S5GRtgFL/iFBV41UPQw/IGoYDEODN4kwjUFd+pzPCDmm8WrW+rLIEe/RMIWtvFsW8V6Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 08 Dec 2023 07:00:58 GMT
HpYTbZSPuh3.js
static.xx.fbcdn.net/rsrc.php/v3iNig4/y4/l/en_GB/
8 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iNig4/y4/l/en_GB/HpYTbZSPuh3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c47b7684b61251943e3b8aae5c764c72f50265d5097eea5bf3009f0ba8128ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Eh3I4R2m+3vmKjQuLRf0og==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2575
x-fb-rlafr
0
x-fb-debug
liBMmikj2guj+UsfY38HFsJR/ONVHY4vPoqq3zck9WL5Gpel9zzdipshDC+ZZI+yB7nbWId5LlUfIIU32pRofA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 14 Dec 2023 07:56:12 GMT
HcGO15D5iae.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
8 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/HcGO15D5iae.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ff755645a3d11b3ebdaf2df71fa8c9d299d5cee2c67c5db5332566127b1fff5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EzIB8V1rvxwL44iFMaXarg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2245
x-fb-rlafr
0
x-fb-debug
7GItpXEMqoWVELjpIiJy2qKBOfTBhI4xLzrz7cHZeCGGshjt65H4bVw+v4Dy43go2ou4uyM3pvniPdeCw4Qdrg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:17:12 GMT
6BI_l0ABI6c.js
static.xx.fbcdn.net/rsrc.php/v3iFVC4/ym/l/en_GB/
110 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFVC4/ym/l/en_GB/6BI_l0ABI6c.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08ced88403f2c9a060168501e129e5d6704d9a81a9427c0847375a5f17f13e21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dfUV9Imq+bXEc34G1nvxRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17626
x-fb-rlafr
0
x-fb-debug
cbvcYBi9hy9fLfPVha4DQ7PM63e1r1/fYrjCKgrIBK0rje7RXrYCPmCOPyPRcfm9xC2ZMvYUXWsvCclZhidroA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Dec 2023 16:17:12 GMT
rF0NDMiyLfE.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/
14 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/rF0NDMiyLfE.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e6168984e7d17c1185f80fa4da24ff022d4f1504e7e8b757f83bbc64b6ce4f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QC5ODM8HU/7hVCq2lV/PpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3321
x-fb-rlafr
0
x-fb-debug
UDgWKAK4Hu5XmLtOqyivX31Aiy55KGb/nsbcCqnKPP253bmpGFEJdyiMb0epwOpPM0dZAhmcWI2dKewPD4YF4A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 22:03:49 GMT
_ffTZnMuBYY.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/
13 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/_ffTZnMuBYY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f08e4639de6d8817b10a957ce7c0d6f1327fb340710ede213a0e8beb67dff2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LoiqxYLMyZdCb5Asx/c6DQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4482
x-fb-rlafr
0
x-fb-debug
+36IV4hF+ASQ1b8yoD8Sc4DUH0LehdJzGIDHsk6tZ+b6vAy1GYDg0CnHz/s/pV3izD+wABm3n1K0i/wqqnXV4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Dec 2023 06:35:26 GMT
-jY7SqbZSzy.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/
399 B
310 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/-jY7SqbZSzy.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
443bf177699a726513f37d405816c8bac90c9abe783dbb04aeaa6dda42667129
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6enyO0uyzV1hQSZBZCLscg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
247
x-fb-rlafr
0
x-fb-debug
A6QqsE57NP1OvkCO0R6gFvYeGyw6MmEqzc1u6RUDiiH3zxxnOreAQK9GNYWn4OY4M4QvBalV9pq7XJjknn5FWA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Dec 2023 23:29:54 GMT
kryIEA04RHR.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/
160 KB
47 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/kryIEA04RHR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: confirmation-75588058950.cf
URL: https://confirmation-75588058950.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa64b3242ecd33de91440c8b658abcf06f6e4e7d2e631c89b94d181f98a24512
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/qL/RzQyNmkP9DGQy4OxyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47807
x-fb-rlafr
0
x-fb-debug
MQ5dzsni016cK8StaU777myIoWlNI1ZoQwZDBQ9VfNP5xvrKotepsUTc/MVMzLZLprmx7QWAN/v9kNZNxDecGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 13:55:04 GMT
dfeGNCn3i3g.js
static.xx.fbcdn.net/rsrc.php/v3iffz4/y3/l/en_GB/
33 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iffz4/y3/l/en_GB/dfeGNCn3i3g.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a300d0a32974365db46128e31e29a0862d95890f844f5cdedbdb453eb46d5116
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5T0/zorTPsP4QgREG34IdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9727
x-fb-rlafr
0
x-fb-debug
V048PkkOwGsw5lgO79clVj20CWohHgZvYUUwXty/AOPt1F3GHZ7sXdeja4O3Gmjd+1nCZ4fgdn4E/gJrQdRW/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:10:56 GMT
njEGMlH3ejq.js
static.xx.fbcdn.net/rsrc.php/v3i8_K4/yp/l/en_GB/
43 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i8_K4/yp/l/en_GB/njEGMlH3ejq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
323031a1e9589076d97d2eb64e094fc8deba9242c83c9bef2b87e73a34d726eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
e/QOvxWxsowHDvenRXHeVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13360
x-fb-rlafr
0
x-fb-debug
e/OoGe/nxrFmoVAX22FIy7VG0VTFA15ALEA6RmsbBumF362zgOBZw8ClfnIQNqFT69hRWgt3AhBKpB0W9DR1JA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Dec 2023 16:17:13 GMT
0QNgSFXFI0C.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/
12 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/0QNgSFXFI0C.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4f4b3f3716aa82509cc38b1f5e7460737c04e3e2605bf366a208473cf53c764
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
r7WHH6rZe4I4Ael+X711pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3898
x-fb-rlafr
0
x-fb-debug
u2cOp9c1kQX0kan1toiMR3FPOb7KmEy5BPbNbJ/YCN0e6xQViQfQsY6TY/5sDsqtkJG7kyhhSF5VdoFR+jI8GQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 16:01:08 GMT
N1Pmo7GelkH.js
static.xx.fbcdn.net/rsrc.php/v3iCwx4/y7/l/en_GB/
15 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/y7/l/en_GB/N1Pmo7GelkH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da22c73703d9e37e70d6ad2a6ffeebc833777c1d045fd2c34a7fca66beadf40e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iYp81i4KxgM3N3kbKA1NRw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5545
x-fb-rlafr
0
x-fb-debug
WjFIDFPMuGfWjs/hYhNjB6S9kAZgVjpVEDLqIWygeqggPSEMoYcNJRjMxSf31ENziaOfzQFixHRSaxdYKDaTPw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 16:06:05 GMT
RW511c32bJp.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/
7 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RW511c32bJp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47c7c1a1fb4130ac5bae60866d9050b071a1be116fa8963c78344d11f1eb6cd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V3w+8z2Xe4tPufbnOzEsjg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2222
x-fb-rlafr
0
x-fb-debug
//vpjsQ39bEYXbzIM5rOpCpVECZ/yze+ndkJKp4HruAplmbuyG841lrH1P1GjsS2VsK39R6oikUhta6JzgjN9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 14:53:55 GMT
SZ027T49Sw5.js
static.xx.fbcdn.net/rsrc.php/v3iX3c4/yO/l/en_GB/
36 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iX3c4/yO/l/en_GB/SZ027T49Sw5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ff4cd5d1bef434f19968b7581aa61f215ce44bfd577267f01ec0b4193fcb1ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yD3am0FSFGct28QZSM1wAw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11589
x-fb-rlafr
0
x-fb-debug
SESLpRvyWumbBAe0aOGoDuT2rZmm95mvOwnBrS+ldl6Ia1vCC+Z4l53/m0RJ4ZhvW4DO2efwsQerZndfJ8VSiQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Dec 2023 00:49:19 GMT
C3CnmLDYuAn.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/
3 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/C3CnmLDYuAn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e620f089ef52fff2fbf8f89489be6c94359148d967369ad10b991f4d3a870387
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kor8Z17k9IvBwEdlwWYwPQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1078
x-fb-rlafr
0
x-fb-debug
a0I89vNF0/LIWxCmaR+SybDVEYOPOJ0TiJeTPwhNzmAKGbbdFZKFh8xj+SvVDuAfbCakl9aGw7LjQAkLgrs9oA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Dec 2023 22:36:03 GMT
XRBIW2_mxwG.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/
3 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/XRBIW2_mxwG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/S3Rs0hddVm9.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57f2d65916a9f1c1198b08137fad5c967c107439b493e3951129f4b73c8a78e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://confirmation-75588058950.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pJ4hwM7479Xq0wNvdQSXGg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1107
x-fb-rlafr
0
x-fb-debug
+CTnVIOWHti2yf54BJFltF7YLd5FoSAG9IjmBnLDz9Hecvr+pPBx33zCeyzvr+Rd/+UOp/XRkS/Eeaz7dht49A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Dec 2023 08:24:34 GMT
bz
confirmation-75588058950.cf/ajax/
315 B
641 B
XHR
General
Full URL
https://confirmation-75588058950.cf/ajax/bz?__a=1&__ccg=GOOD&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXw5ux60Vo1upE4W0OE2WxO0FE2aw7BKdwnU1e42C220qu0SU2swdq0Ho2ewnE3fw6iw4vwbS1Lw4Cw&__hs=19314.BP%3ADEFAULT.2.0.0.0.0&__hsi=7167263420558151788&__req=1&__rev=1006628136&__s=iixhrh%3Aliq5xh%3Ap42fj6&__spin_b=trunk&__spin_r=1006628136&__spin_t=1668758555&__user=0&dpr=1&jazoest=21862&lsd=rSNVLa8Zbvb0A45E0qrjYo
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/vfvPd8gFF1R.js?_nc_x=Ij3Wp8lg5Kz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.69.23.153 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
server.nagrup.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://confirmation-75588058950.cf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryw0oO3DEZowCyn9oF

Response headers

Date
Tue, 20 Dec 2022 13:18:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| envFlush object| Env number| __DEV__ function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy object| __onBeforeModuleFactory object| __onAfterModuleFactory function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe object| onunloadhooks object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| __FB_STORE object| onbeforeunloadhooks function| AsyncRequest function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_rmode function| intl_set_locale object| onleavehooks object| PageTransitions boolean| domready object| onafterunloadhooks boolean| loaded

0 Cookies

8 Console Messages

Source Level URL
Text
network error URL: https://www.facebook.com/cms/video/?id=850337606335586&height=360&width=640&loop=0&ext=1668758615&hash=AcpRYlUhidu-SB1CHd8
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://scontent-sin6-1.xx.fbcdn.net/v/t39.2365-6/255484386_291141566250612_3255458060865995134_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=ad8a9d&_nc_ohc=TJpdS50MjJcAX96Xpma&_nc_ht=scontent-sin6-1.xx&oh=00_AfB51U3rbAWtYlmQL5LDJVqT38kRGcSD_5St65D38ZXaGA&oe=637C9044
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/136893606_849918935579882_213472362566516880_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=2p_-dstwwYYAX_hlugv&_nc_ht=scontent-sin6-1.xx&oh=00_AfC_Fewh3NTmJ3KP0FCWQUh0agvb7ACxqqGEKdegTZ7Zwg&oe=637C398F
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/137256059_2800543870233431_455035967167740410_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=RXr5OofV5AsAX8dvxL5&_nc_ht=scontent-sin6-1.xx&oh=00_AfB-vzg57MCVJJiYTwQwVEbm5WbEGc169yHiomfF61xJKw&oe=637C30FE
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/137145103_308994903869841_4708570808613729754_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=KX6AGTZzs6AAX9aK7MM&_nc_ht=scontent-sin6-1.xx&oh=00_AfCOZW_CrbxtT9gvuEEl47vqWfilJ2R83JBkFiB_mHo_SA&oe=637C5ACC
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-sin6-1.xx.fbcdn.net/v/t39.8562-6/137151366_203760844736656_1882032595123025998_n.jpg?_nc_cat=1&ccb=1-7&_nc_sid=6825c5&_nc_ohc=lzxsu1wyKf0AX9Hvzwu&_nc_ht=scontent-sin6-1.xx&oh=00_AfC-_l7Sdq4eYji6I7eM1UluHHfyw87zTvkA9FzPMYWkIg&oe=637D15CB
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-sin6-1.xx.fbcdn.net/v/t39.2365-6/255377001_4621720147908828_3636063384019207836_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=ad8a9d&_nc_ohc=GBwWVkRledYAX-rPyvZ&_nc_ht=scontent-sin6-1.xx&oh=00_AfAzmhJ_X8-nV14hD1ua7Op00c_rM6AhHVWpCIMoL3_6tw&oe=637C7AAE
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://confirmation-75588058950.cf/ajax/bz?__a=1&__ccg=GOOD&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXw5ux60Vo1upE4W0OE2WxO0FE2aw7BKdwnU1e42C220qu0SU2swdq0Ho2ewnE3fw6iw4vwbS1Lw4Cw&__hs=19314.BP%3ADEFAULT.2.0.0.0.0&__hsi=7167263420558151788&__req=1&__rev=1006628136&__s=iixhrh%3Aliq5xh%3Ap42fj6&__spin_b=trunk&__spin_r=1006628136&__spin_t=1668758555&__user=0&dpr=1&jazoest=21862&lsd=rSNVLa8Zbvb0A45E0qrjYo
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

confirmation-75588058950.cf
scontent-sin6-1.xx.fbcdn.net
static.facebook.com
static.xx.fbcdn.net
www.facebook.com
200.69.23.153
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
007a4a2b26d7e5973fb511f72d2efc04260c2c2c21fcc280cd542883913cfdd6
0458fa5b5e1f90f7584b794c7ddbdcfea71d5f33f71911aeec7aa1eb75b243f2
065ebbce14b9464ad5ff99996f839641e8ac03ecb1d41ac6814bad85c1279d4b
08ced88403f2c9a060168501e129e5d6704d9a81a9427c0847375a5f17f13e21
09ff58fb8643e8203a8b2c3e60d8179921b25ac5b1cbd1c46bd9a53779184c45
0e45e61b699cdfab87fe71dc9324c5c254150c15e5ceeb3ed1ad6baea643f713
0ff755645a3d11b3ebdaf2df71fa8c9d299d5cee2c67c5db5332566127b1fff5
104e323d4e5e0b54da70fd64bd91f20884aec70d18980ab3819000c37f43d462
15e4e7078c9e85f7005ab1655592c3aff140895a91ab843dfdb681c97f72c071
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
1e6168984e7d17c1185f80fa4da24ff022d4f1504e7e8b757f83bbc64b6ce4f5
259906ac13e20936cbd0efc5afbb4d222f1361be99df8f1b2e2b80e21a9c9ba9
2919cc592e82235e95e442e632d36280e2701dce52870484e80072749e3c6435
2a33ef38a81df61999d3f6f806c705dabdbf24a3220a011c8e76886f41473bc0
2d17d5b353de17f11dcbfdd85c71d3cfc8677a7e460d19b0ed1c703ff2dc8599
323031a1e9589076d97d2eb64e094fc8deba9242c83c9bef2b87e73a34d726eb
356de5a8c31ac5a5988272e5b94f7c36cf51a1fce5e33cbb76763f088c3a0013
39cc9e72c90111e0ae9945aff73a82ee89a9d84bf22dbfdf884cfb846c69c5d9
3e089904ffc32f8714ec2006e67b7a2579a15060e288c10e61087c18a8dbebe7
3e97f603789794c44ae4f0632c04124e63a7e4346b40bc10d4e0922667860f57
3f4113b63eb8febc7a1d6c98491604578622b91909d2b0b364091bdec1c578f4
3fc5da902d47f8ea9cc1f47500fd6b81fba7dc1bf526f5f89b7b3bb135cf4b53
403fecb3e12942cb8391ec4afb73be18b66a6a48138f7f9047bb6fd4ecf61fc0
40bea06fb41ddfde4364bad6f26fd5bd0c932fc0389eaa0765a16062c72e9570
443bf177699a726513f37d405816c8bac90c9abe783dbb04aeaa6dda42667129
44a01e08c121b49232f05115f9346159c72c242c720e5875fa314c228b202ed0
47c7c1a1fb4130ac5bae60866d9050b071a1be116fa8963c78344d11f1eb6cd7
4a5c007fdaca29d2d670427522d290a085cbc42bdac548e64a7ab4e03c9bda67
4b3a75ae46ceffc8bcc5a358796f08abf7d5097c66caeaa2f856a43abca17b5e
4c47b7684b61251943e3b8aae5c764c72f50265d5097eea5bf3009f0ba8128ec
5151051ce7058cc95f7a2a2348d9c5ed37265a49cc601d1877449eb8b96d3997
57f2d65916a9f1c1198b08137fad5c967c107439b493e3951129f4b73c8a78e0
5c1382c52b35c90972aa59cce85f9f8317fcb6104846c73e5a4bff694ad01ae4
5e14840a78dbc7516e1108dffee6fc47e4d109973a25cc2a3db148194b916c01
5f08e4639de6d8817b10a957ce7c0d6f1327fb340710ede213a0e8beb67dff2d
6123e8e6e18d4585d63756dcb47ee2fdc03c59205e5be59b2bc4a5ba72f672dc
613329222e6752e356f5eeb3133a1e5fcdf5e46f900ea4880dd7bc602e02a081
61a08e6f0045ee93e87eac6ae7352b9d11257a42bfa104c3ea909354cec613bd
61ae90419dda32a8789908a2c2b3df2161fe53022ae8e6c852ab69fafc15abd5
622a0df1f84f7c3881853cd5eb61509f3a8fe07d0cfe988a4c5f3b7d29e4ed7f
639a591af3f5f0cf5fee1dc796a42e8e7aeb813814ba5273b9f0c4d26588d301
6d6d4cac9d72189dd53aba9353b63f69cadcfcb41860fa90c9c72495b7194380
6f4fde0509c5ac0086d02cbcd56db900a82166e5df0c9ce907fe774c5f8b31f4
7518899318112c5bbd1cf937c5d3e02bc88c95a84578676ecdeda73864929c9b
89c5763b1ac4aa57dda08f58469e8db8dec8c04bbae64aa2004e681ce771091c
8ef9d5103b676a6d6c623e6211e9baea020d1e49d1fcf91a0607a3791d490627
8ff4cd5d1bef434f19968b7581aa61f215ce44bfd577267f01ec0b4193fcb1ea
9b59cf3b76712f11c87bd1f4e31dff6def617344ec186c514255a65591c77831
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a1a74914205aad868866a96e483808ce5392ab4cf90215d1058f5dd738be7978
a300d0a32974365db46128e31e29a0862d95890f844f5cdedbdb453eb46d5116
a49d50ccdc5073fc38d911733204f3e191202b0c1d05cbf9005ab351f78b190a
a5208daac4385fc4a4794ac3e6825644a765a3bbad76747d5c2ed6135b886bfc
a73dc7536509127760d351d9369088e2aedb8faa2bb85aec2ae0c2d26d379516
adc52f1bf2e930abae7b50754df6379f59ae885b7be07483e7a5966955f7edc9
b3872e577132a069aa93bea46deb354aa6a3204d9a86b9fc8ae36b809b948faa
b4f4b3f3716aa82509cc38b1f5e7460737c04e3e2605bf366a208473cf53c764
b6b508237d74dc1b04eeca11b9f4afedeb5d19f0806561ab3342b0bf2855d6a1
bcb29087fc3b1d251047ae218ec03d1e0c5dbcc1f6fd3f73bf07f837d9202cbb
bdfdb5e27c64bbef61c200fd7797a32a5e39e6f5fc81edc94128fd88a825d5fb
cbe8e912060b0300cd170d38bb42cfe769d53c26d03efa5ebd7f1e2a10ad2a80
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
da22c73703d9e37e70d6ad2a6ffeebc833777c1d045fd2c34a7fca66beadf40e
dbe170094b3a98d6dd0ef229d2b84e07e95f888eaaece57a8a9185da43f6e44c
dbf1a97c9ffe07e0755fbc5fefa34cbc01d1b4623bd4ad00f5323eebfb49617a
e365c1e398e190faa4baa0deebf1ea18277dbd3475387c0ca331c37c6133f97d
e54567185c6d98242effed2d0f12474db0c51154f10b23ee90f010be7110e5e3
e620f089ef52fff2fbf8f89489be6c94359148d967369ad10b991f4d3a870387
e6a54c42931a2ff0bbeacda13bf88e90dc1da1e4f85770adbb7952cda9775117
ec57b7f042e06dfdbdd35dcf46fe0c296d4fc3507b64f0b1b2d638d8c932f00c
edc1689a0e5faa8469f895287788aa7f31fe7e9d12f6ec75bb5b7e1b0baeda7a
f4bd8ac5374fb6c36afbb423fc8920b33e47fe86870fb2165b2bf24e59a54476
fa64b3242ecd33de91440c8b658abcf06f6e4e7d2e631c89b94d181f98a24512
fe01bc5fa59ad7e33391a42cfb097b6ad99bae873af5fd42ba1ab40629593f9e
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5