Scribd
Upload
178 views

HTTP

The document contains log files detailing requests made between a web browser and Facebook servers during an attempted photo upload. It shows the browser making initial requests to upload.facebook.com and then being redirected to tagging and authorization pages on m.facebook.com before receiving a response with the uploaded photo and tagging interface. It also shows the browser performing standard safe browsing checks with Google servers during this process.

Uploaded by

One Click Login
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
178 views

HTTP

The document contains log files detailing requests made between a web browser and Facebook servers during an attempted photo upload. It shows the browser making initial requests to upload.facebook.com and then being redirected to tagging and authorization pages on m.facebook.com before receiving a response with the uploaded photo and tagging interface. It also shows the browser performing standard safe browsing checks with Google servers during this process.

Uploaded by

One Click Login
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 6

https://upload.facebook.com/_mupload_/composer/?

waterfall_id=4835636d0690adb0f6e
9d9aa0f72cc9d
POST /_mupload_/composer/?waterfall_id=4835636d0690adb0f6e9d9aa0f72cc9d HTTP/1.1
Host: upload.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://m.facebook.com/photos/upload/
Cookie: datr=gKp9U7flSrrKtkinKp9V5u2k; locale=en_US; fr=0tz1LdjVs0b4DlF0c.AWUqIy
FsElg9kGtHGHQ1hueZlU4.BTfaqV.mE.FOO.AWUIqK4Q; lu=RQVMsIJpPMKGynoHXFN0HGJg; a11y=
%7B%22sr%22%3A0%2C%22sr-ts%22%3A1401933698432%2C%22jk%22%3A0%2C%22jk-ts%22%3A140
1933698432%2C%22kb%22%3A1%2C%22kb-ts%22%3A1401933698432%2C%22hcm%22%3A0%2C%22hcm
-ts%22%3A1401933698432%2C%22like%22%3A0%2C%22like-ts%22%3A1401933698432%7D; xs=4
9%3APK57JkAb6gCj6Q%3A2%3A1401939135%3A5634; c_user=100003199749380; csm=2; s=Aa4
JHlvZkTgX0q8X.BTj-S_
Connection: keep-alive
Content-Type: multipart/form-data; boundary=---------------------------214962768
921069
Content-Length: 3883
-----------------------------214962768921069
Content-Disposition: form-data; name="fb_dtsg"
AQFHskZZz0l1
-----------------------------214962768921069
Content-Disposition: form-data; name="charset_test"
,, ,,, ,
-----------------------------214962768921069
Content-Disposition: form-data; name="file1"; filename="test.png"
Content-Type: image/png
PNG

HTTP/1.1 302 forced.302
content-security-policy: default-src *;script-src https://*.facebook.com http://
*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-an
alytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsa
fe-inline' 'unsafe-eval' https://*.akamaihd.net http://*.akamaihd.net *.atlassol
utions.com;style-src * 'unsafe-inline';connect-src https://*.facebook.com http:/
/*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotiloc
al.com:* https://*.akamaihd.net ws://*.facebook.com:* http://*.akamaihd.net http
s://fb.scanandcleanlocal.com:* *.atlassolutions.com http://attachment.fbsbx.com
https://attachment.fbsbx.com;
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jun 2014 03:52:52 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://m.facebook.com/photos/tag_friends/?photo_album_id=493969844053
003&photo_count=1&photo_fbid=573191796130807&id=100003199749380&is_upload=1&retu
rn_uri=%2Fhome.php%3Fstype%3Dphs%26sk%3Dlive%26gfid%3DAQDV1MJ1vhEM4c-8&hfc&hufc&
_rdr
Pragma: no-cache
strict-transport-security: max-age=7776000
x-content-type-options: nosniff
x-xss-protection: 0
X-FB-Debug: jsnv5tFh+86bdiEg1fLPTA0CEJuCqPosOvq4y+lYXTI=

X-Firefox-Spdy: 3
---------------------------------------------------------https://m.facebook.com/photos/tag_friends/?photo_album_id=493969844053003&photo_
count=1&photo_fbid=573191796130807&id=100003199749380&is_upload=1&return_uri=%2F
home.php%3Fstype%3Dphs%26sk%3Dlive%26gfid%3DAQDV1MJ1vhEM4c-8&hfc&hufc&_rdr
GET /photos/tag_friends/?photo_album_id=493969844053003&photo_count=1&photo_fbid
=573191796130807&id=100003199749380&is_upload=1&return_uri=%2Fhome.php%3Fstype%3
Dphs%26sk%3Dlive%26gfid%3DAQDV1MJ1vhEM4c-8&hfc&hufc&_rdr HTTP/1.1
Host: m.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://m.facebook.com/photos/upload/
Cookie: datr=gKp9U7flSrrKtkinKp9V5u2k; locale=en_US; fr=0tz1LdjVs0b4DlF0c.AWUqIy
FsElg9kGtHGHQ1hueZlU4.BTfaqV.mE.FOO.AWUIqK4Q; lu=RQVMsIJpPMKGynoHXFN0HGJg; a11y=
%7B%22sr%22%3A0%2C%22sr-ts%22%3A1401933698432%2C%22jk%22%3A0%2C%22jk-ts%22%3A140
1933698432%2C%22kb%22%3A1%2C%22kb-ts%22%3A1401933698432%2C%22hcm%22%3A0%2C%22hcm
-ts%22%3A1401933698432%2C%22like%22%3A0%2C%22like-ts%22%3A1401933698432%7D; xs=4
9%3APK57JkAb6gCj6Q%3A2%3A1401939135%3A5634; c_user=100003199749380; csm=2; s=Aa4
JHlvZkTgX0q8X.BTj-S_
Connection: keep-alive
HTTP/1.1 302 forced.302
content-security-policy: default-src *;script-src https://*.facebook.com http://
*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-an
alytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsa
fe-inline' 'unsafe-eval' https://*.akamaihd.net http://*.akamaihd.net *.atlassol
utions.com;style-src * 'unsafe-inline';connect-src https://*.facebook.com http:/
/*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotiloc
al.com:* https://*.akamaihd.net ws://*.facebook.com:* http://*.akamaihd.net http
s://fb.scanandcleanlocal.com:* *.atlassolutions.com http://attachment.fbsbx.com
https://attachment.fbsbx.com;
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jun 2014 03:52:53 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://m.facebook.com/tokenizer/friends/?mode=photo_upload&returnURI=
%2Fhome.php%3Fstype%3Dphs%26sk%3Dlive%26gfid%3DAQDV1MJ1vhEM4c-8&curry=%7B%22phot
o_fbid%22%3A573191796130807%2C%22id%22%3A100003199749380%2C%22photo_album_id%22%
3A493969844053003%2C%22photo_count%22%3A1%7D&_rdr
Pragma: no-cache
strict-transport-security: max-age=7776000
x-content-type-options: nosniff
x-xss-protection: 0
X-FB-Debug: ldjp/fI2fOuTSxLASWKit0nzuEZx48cw31nvOgmgrKE=
X-Firefox-Spdy: 3
---------------------------------------------------------https://m.facebook.com/tokenizer/friends/?mode=photo_upload&returnURI=%2Fhome.ph
p%3Fstype%3Dphs%26sk%3Dlive%26gfid%3DAQDV1MJ1vhEM4c-8&curry=%7B%22photo_fbid%22%
3A573191796130807%2C%22id%22%3A100003199749380%2C%22photo_album_id%22%3A49396984
4053003%2C%22photo_count%22%3A1%7D&_rdr
GET /tokenizer/friends/?mode=photo_upload&returnURI=%2Fhome.php%3Fstype%3Dphs%26
sk%3Dlive%26gfid%3DAQDV1MJ1vhEM4c-8&curry=%7B%22photo_fbid%22%3A573191796130807%
2C%22id%22%3A100003199749380%2C%22photo_album_id%22%3A493969844053003%2C%22photo
_count%22%3A1%7D&_rdr HTTP/1.1
Host: m.facebook.com

User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0


Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://m.facebook.com/photos/upload/
Cookie: datr=gKp9U7flSrrKtkinKp9V5u2k; locale=en_US; fr=0tz1LdjVs0b4DlF0c.AWUqIy
FsElg9kGtHGHQ1hueZlU4.BTfaqV.mE.FOO.AWUIqK4Q; lu=RQVMsIJpPMKGynoHXFN0HGJg; a11y=
%7B%22sr%22%3A0%2C%22sr-ts%22%3A1401933698432%2C%22jk%22%3A0%2C%22jk-ts%22%3A140
1933698432%2C%22kb%22%3A1%2C%22kb-ts%22%3A1401933698432%2C%22hcm%22%3A0%2C%22hcm
-ts%22%3A1401933698432%2C%22like%22%3A0%2C%22like-ts%22%3A1401933698432%7D; xs=4
9%3APK57JkAb6gCj6Q%3A2%3A1401939135%3A5634; c_user=100003199749380; csm=2; s=Aa4
JHlvZkTgX0q8X.BTj-S_
Connection: keep-alive
HTTP/1.1 200 OK
content-security-policy: default-src *;script-src https://*.facebook.com http://
*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-an
alytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsa
fe-inline' 'unsafe-eval' https://*.akamaihd.net http://*.akamaihd.net *.atlassol
utions.com;style-src * 'unsafe-inline';connect-src https://*.facebook.com http:/
/*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotiloc
al.com:* https://*.akamaihd.net ws://*.facebook.com:* http://*.akamaihd.net http
s://fb.scanandcleanlocal.com:* *.atlassolutions.com http://attachment.fbsbx.com
https://attachment.fbsbx.com;
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jun 2014 03:52:53 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
strict-transport-security: max-age=7776000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0
X-FB-Debug: FGNDN2u4Y/+JThpLz7zHCE7X0pddsnt4tj03YBJF0us=
X-Firefox-Spdy: 3
---------------------------------------------------------https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffo
x&appver=29.0.1&pver=2.2&key=AIzaSyD-s-mXL4mBzF7KMRkhTCIbG2RKnRGXzJc
POST /safebrowsing/downloads?client=navclient-auto-ffox&appver=29.0.1&pver=2.2&k
ey=AIzaSyD-s-mXL4mBzF7KMRkhTCIbG2RKnRGXzJc HTTP/1.1
Host: safebrowsing.google.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 103
Content-Type: text/plain
Cookie: PREF=ID=0bf83377af187da0:TM=1400818428:LM=1400818428:S=BtS5V38lDRX7nCYn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
goog-malware-shavar;a:138406-144002:s:133368-137525
goog-phish-shavar;a:322552-329912:s:165238-171074
HTTP/1.1 200 OK
Alternate-Protocol: 443:quic
Content-Length: 635

Content-Type: application/vnd.google.safebrowsing-update
Date: Thu, 05 Jun 2014 04:06:55 GMT
Server: HTTP server (unknown)
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: 3.1
---------------------------------------------------------https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdm
FyEAEYsbIIIICzCCoONxkCAP___________wMyBTEZAgA_
GET /safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEYsbIIIICzCCoONxkCAP_________
__wMyBTEZAgA_ HTTP/1.1
Host: safebrowsing-cache.google.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: PREF=ID=0bf83377af187da0:TM=1400818428:LM=1400818428:S=BtS5V38lDRX7nCYn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Age: 717
Alternate-Protocol: 443:quic
Cache-Control: public,max-age=172800
Content-Encoding: gzip
Content-Length: 1753
Content-Type: application/vnd.google.safebrowsing-chunk
Date: Thu, 05 Jun 2014 03:54:59 GMT
Server: HTTP server (unknown)
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: 3.1
---------------------------------------------------------https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdm
FyEAAYgeUIIIDqCCpUhjICAP________________________________________________________
________________________________________________8HMgWBMgIAHw
GET /safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAAYgeUIIIDqCCpUhjICAP_________
________________________________________________________________________________
_______________8HMgWBMgIAHw HTTP/1.1
Host: safebrowsing-cache.google.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: PREF=ID=0bf83377af187da0:TM=1400818428:LM=1400818428:S=BtS5V38lDRX7nCYn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Age: 111
Alternate-Protocol: 443:quic
Cache-Control: public,max-age=172800
Content-Encoding: gzip
Content-Length: 454

Content-Type: application/vnd.google.safebrowsing-chunk
Date: Thu, 05 Jun 2014 04:05:05 GMT
Server: HTTP server (unknown)
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: 3.1
---------------------------------------------------------https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhch
ABGLW4CiDIuAoqBUacAgAHMgc1nAIA__8B
GET /safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhchABGLW4CiDIuAoqBUacAgAHMgc1nAIA__8
B HTTP/1.1
Host: safebrowsing-cache.google.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: PREF=ID=0bf83377af187da0:TM=1400818428:LM=1400818428:S=BtS5V38lDRX7nCYn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Age: 110
Alternate-Protocol: 443:quic
Cache-Control: public,max-age=172800
Content-Encoding: gzip
Content-Length: 1642
Content-Type: application/vnd.google.safebrowsing-chunk
Date: Thu, 05 Jun 2014 04:05:06 GMT
Server: HTTP server (unknown)
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: 3.1
---------------------------------------------------------https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhch
AAGLeRFCDAkRQqBbwIBQAfMgW3CAUAHw
GET /safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhchAAGLeRFCDAkRQqBbwIBQAfMgW3CAUAHw
HTTP/1.1
Host: safebrowsing-cache.google.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: PREF=ID=0bf83377af187da0:TM=1400818428:LM=1400818428:S=BtS5V38lDRX7nCYn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Age: 110
Alternate-Protocol: 443:quic
Cache-Control: public,max-age=172800
Content-Encoding: gzip
Content-Length: 1750
Content-Type: application/vnd.google.safebrowsing-chunk
Date: Thu, 05 Jun 2014 04:05:06 GMT

Server: HTTP server (unknown)


x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: 3.1
----------------------------------------------------------

You might also like