Network Analysis

GET /ads/manager/account_settings/account_billing HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 Host: www.facebook.com User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62 sec-ch-ua: "Microsoft Edge";v="111", "Not(A:Brand";v="8", "Chromium";v="111" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" sec-ch-prefers-color-scheme: light Upgrade-Insecure-Requests: 1 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document

HTTP/1.1 302 Found Set-Cookie: sb=SaU7ZL0qQGuNdxtap981zRqw; expires=Tue, 15-Apr-2025 07:35:37 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly; SameSite=None Location: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com *;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: same-origin cross-origin-opener-policy: same-origin-allow-popups Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Frame-Options: DENY origin-agent-cluster: ?0 Strict-Transport-Security: max-age=15552000; preload Content-Type: text/html; charset="utf-8" X-FB-Debug: BXsJAjKZP0jI4W1kPfSJVVoqLH1Sl4AeptYB8inamlGkpvjlMjPtP9/fi+g7H/fQrbDZCd6dEByKL2Ah2OqnDw== Date: Sun, 16 Apr 2023 07:35:37 GMT Alt-Svc: h3=":443"; ma=86400 Connection: keep-alive Content-Length: 0

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 Host: www.facebook.com User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62 sec-ch-ua: "Microsoft Edge";v="111", "Not(A:Brand";v="8", "Chromium";v="111" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" sec-ch-prefers-color-scheme: light Upgrade-Insecure-Requests: 1 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Cookie: sb=SaU7ZL0qQGuNdxtap981zRqw

HTTP/1.1 200 OK Vary: Accept-Encoding Set-Cookie: fr=08kOUEXYbvPF2EhUG..BkO6VJ.7X.AAA.0.0.BkO6VJ.AWX7_pJ2bwc; expires=Sat, 15-Jul-2023 07:35:36 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly; SameSite=None report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-opener-policy: unsafe-none Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Frame-Options: DENY origin-agent-cluster: ?0 Strict-Transport-Security: max-age=15552000; preload Content-Type: text/html; charset="utf-8" X-FB-Debug: AZCz/rhD427rcAyRr3gIh5v17YlGJT6GZ5uw/N0MgvHXerb8lMOevH0O4A/W6nKsca6cwRiB9tUYGxktnNchWA== Date: Sun, 16 Apr 2023 07:35:37 GMT Transfer-Encoding: chunked Alt-Svc: h3=":443"; ma=86400 Connection: keep-alive

GET /sts/cimage.jpg HTTP/1.1 User-Agent: HTTPREAD Host: bz.bbbeioaag.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 16 Apr 2023 07:35:28 GMT Content-Type: image/jpeg Content-Length: 1491660 Last-Modified: Wed, 12 Apr 2023 13:01:44 GMT Connection: keep-alive ETag: "6436abb8-16c2cc" Accept-Ranges: bytes

GET /check/safe HTTP/1.1 Connection: Keep-Alive User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62 Host: count.iiagjaggg.com

HTTP/1.1 200 OK Server: nginx Date: Sun, 16 Apr 2023 07:35:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30