r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8693
Expires: Fri, 25 Nov 2022 19:14:10 GMT
Date: Fri, 25 Nov 2022 16:49:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5040
Cache-Control: max-age=155157
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:17 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:55:14 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6717
Expires: Fri, 25 Nov 2022 18:41:14 GMT
Date: Fri, 25 Nov 2022 16:49:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 16:19:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1808
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JbQcEO5G4vYPmo/g7husqiXT6Bv8frm9VHZnggG4JR+TKjqkDaFYm0ZfVX+O0692eInB2LZcQHY=
x-amz-request-id: VGR54EASDBT6FJYH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 16:43:54 GMT
age: 323
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
blog.faceutil.com/autoapps/modules/tmp/%EC%BD%94%EB%AF%B9%EC%8A%A4%ED%83%80%ED%8C%8C%EC%9D%B4%ED%8C%853.6_9485.exe?t=1669374024
211.233.33.250302 Found 315 B URL HTTP/1.1 blog.faceutil.com/autoapps/modules/tmp/%EC%BD%94%EB%AF%B9%EC%8A%A4%ED%83%80%ED%8C%8C%EC%9D%B4%ED%8C%853.6_9485.exe?t=1669374024
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 096f61cd1978709c6e596fd81f8b1a62
2b852f34fcfc0084d493d28326865043aa2b8e6a
eaa33f70ec085432d21d60b42798ecfb80312b59f360cd299515c413e7878e8b
Analyzer Verdict Alert fortinet Malware
GET /autoapps/modules/tmp/%EC%BD%94%EB%AF%B9%EC%8A%A4%ED%83%80%ED%8C%8C%EC%9D%B4%ED%8C%853.6_9485.exe?t=1669374024 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 16:49:16 GMT
Server: Apache/2.2.15 (CentOS)
Location: https://blog.faceutil.com/autoapps/modules/tmp/%ec%bd%94%eb%af%b9%ec%8a%a4%ed%83%80%ed%8c%8c%ec%9d%b4%ed%8c%853.6_9485.exe?t=1669374024
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 16:11:11 GMT
cache-control: public,max-age=3600
age: 2286
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2519
Cache-Control: max-age=147572
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:18 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:48:50 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0cdbf007ac2df6ee59f91e0ebeed5c8b
9fa0e796a0d95db39858a5a4a56b25d0c5d359df
1207ec3dc373347c08f7bd5fa6fa0ff0ed9a89b0ac163763e3701213b751bc53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1207EC3DC373347C08F7BD5FA6FA0FF0ED9A89B0AC163763E3701213B751BC53"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 25 Nov 2022 22:48:56 GMT
Date: Fri, 25 Nov 2022 16:49:18 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YkjYo+hYW82rmqiQx17fIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nnpDngZyQi/mVug79SrHwxkPLZw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 16:49:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 16:49:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 16:49:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 16:49:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 16:49:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:20 GMT
age: 67799
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 44779
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 68080
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 84712
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 68486
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:46:20 GMT
age: 32579
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blog.faceutil.com/autoapps/modules/tmp/%ec%bd%94%eb%af%b9%ec%8a%a4%ed%83%80%ed%8c%8c%ec%9d%b4%ed%8c%853.6_9485.exe?t=1669374024
211.233.33.250302 Found 20 B URL HTTP/1.1 blog.faceutil.com/autoapps/modules/tmp/%ec%bd%94%eb%af%b9%ec%8a%a4%ed%83%80%ed%8c%8c%ec%9d%b4%ed%8c%853.6_9485.exe?t=1669374024
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Malware
GET /autoapps/modules/tmp/%ec%bd%94%eb%af%b9%ec%8a%a4%ed%83%80%ed%8c%8c%ec%9d%b4%ed%8c%853.6_9485.exe?t=1669374024 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 16:49:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Link: <https://blog.faceutil.com/wp-json/>; rel="https://api.w.org/"
location: https://blog.faceutil.com/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Connection: close
Content-Type: text/html; charset=UTF-8
blog.faceutil.com/
211.233.33.250200 OK 14 kB IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1743), with CRLF, LF line terminators
Hash 66a563228834ce904e0d10b3dcec57bc
dbd6b24a079a1b54c8fa0cd572829e817deb3180
6f7a1a367412b23cdce38035b7cdc61c09e04d1d588423435466fae07b9eb9fc
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.6.40
Expires: 0
Cache-Control: no-cache,must-revalidate
Pragma: no-cache
Link: <https://blog.faceutil.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/8tjpA>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14345
Connection: close
Content-Type: text/html; charset=UTF-8
wcs.naver.net/wcslog.js
23.195.255.54200 OK 6.8 kB IP 23.195.255.54:0
File type ASCII text, with very long lines (20124), with no line terminators
Hash 843a08a1540a6ef318459433f0d7e92a
8b367a0abbbb3aa407b3285939b242dd90af8e10
e9c2885f3be79e610f1a995a5d9d403671417e056cdccf427416509263c11883
GET /wcslog.js HTTP/1.1
Host: wcs.naver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 14 Jun 2022 02:08:57 GMT
ETag: "62a7edb9-4e9c"
Server: nginx
Content-Type: application/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3315
Expires: Fri, 25 Nov 2022 17:44:36 GMT
Date: Fri, 25 Nov 2022 16:49:21 GMT
Content-Length: 6834
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-KE6875C4VY
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-KE6875C4VY
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash 26e543473ffcadeac9aaf010be2c5e10
48c91f7dcb9eca6a6a1525c3ff1debf1ca1c52f6
8729cec8aec188d92f3e16dc70565ed71b68d410eddb41c1721555617ee40ecf
GET /gtag/js?id=G-KE6875C4VY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 16:49:21 GMT
expires: Fri, 25 Nov 2022 16:49:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e1bb96079b34e7d9006e444ddce235e4
7241bcbdf5494b45ec84beea2ca927fbf84a2e0e
d5fc70229c68b2447af3de0edf6f82790d869f0e09d90393c5ed1dd642d0bb95
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4068
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:22 GMT
Last-Modified: Fri, 25 Nov 2022 15:41:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
blog.faceutil.com/wp-content/themes/education-hub/style.css?ver=4.7.2
211.233.33.250200 OK 12 kB URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/style.css?ver=4.7.2
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (755)
Hash e9e1f860010f7ba348310b76a91ee9e7
62f74f49d0928745f178bb915aeaf7b8707d8368
1120841ffd369da93d45ba8dea051390b3c03c578c4e121866601d4b11dfd514
GET /wp-content/themes/education-hub/style.css?ver=4.7.2 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "100779-f896-5492d44d94940"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11977
Connection: close
Content-Type: text/css
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b3169dc3c3cf7a9d5130f459251c3b49
6623a964df500ab0843261738ddc60e7f0288f50
807ea7025f3b8d64221096be24ef07d71d6a4c5e8bc968130f0c921248ff5440
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:56:26 GMT
Expires: Wed, 30 Nov 2022 10:56:25 GMT
Etag: "6623a964df500ab0843261738ddc60e7f0288f50"
Cache-Control: max-age=410222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fbe0920dc0b52d-OSL
blog.faceutil.com/wp-content/themes/education-hub-child/style.css?ver=1.9.4
211.233.33.250200 OK 231 B URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub-child/style.css?ver=1.9.4
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash ea0a8a30eb4bc2290c0148fe7c53117b
b3049616697baac9b226d145badda39d56a2861b
7ac2f2612c592278db75f3d88f488c2a5f6627d0da3625cc79b100f5d4249615
GET /wp-content/themes/education-hub-child/style.css?ver=1.9.4 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 28 Feb 2017 05:44:55 GMT
ETag: "1009f7-10d-54990b20f03c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 231
Connection: close
Content-Type: text/css
blog.faceutil.com/wp-content/themes/education-hub/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
211.233.33.250200 OK 7.1 kB URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/education-hub/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "100761-7918-5492d44d94940"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Connection: close
Content-Type: text/css
blog.faceutil.com/wp-content/plugins/jetpack/css/jetpack.css?ver=4.6
211.233.33.250200 OK 11 kB URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/css/jetpack.css?ver=4.6
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (19706)
Hash 83f25568506bc6dcb77770c00b8d30a4
4fa79545986405da8c4e890043984892df8a1fe1
5842e64c4d06fa785536e109d77c53478072a19b852bc4e25d1b4c190249a631
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=4.6 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "1000ef-f585-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11159
Connection: close
Content-Type: text/css
blog.faceutil.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
211.233.33.250200 OK 4.0 kB URL HTTP/1.1 blog.faceutil.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
ETag: "e1581-2748-5333ff613c400"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4014
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.7.2
211.233.33.250200 OK 489 B URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.7.2
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash e7310e3fcdaade0614b48b2154b4599b
6286153658b9dc345836e4b06f5f1993370acea6
f0ecedd6a50945a0295fc3c92db1770a58ec16df95cc120eac718e684f200679
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.7.2 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:19 GMT
ETag: "10033a-3f7-54a09a6e8f7c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 489
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/themes/education-hub/js/skip-link-focus-fix.min.js?ver=20130115
211.233.33.250200 OK 308 B URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/js/skip-link-focus-fix.min.js?ver=20130115
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (557), with no line terminators
Hash b31a1bcaa74a44673c2fa2d93a60c060
392ffc0fb6b17fd294826634c4c17926f27d480c
59be1508205f1f5de4302adc72a699f1c84ca4361fbaf47b734573ef867b6e94
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/education-hub/js/skip-link-focus-fix.min.js?ver=20130115 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "100756-22d-5492d44d94940"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 308
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/themes/education-hub/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6
211.233.33.250200 OK 7.1 kB URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (10280)
Hash 65a20a0793f7f89dea24ae92d0e5f435
284ea412e8378ca3ee26eab098bbb4f24b4f1ee7
65a54c9ce5edfbf6359461928b424cd21491c8155da20c6b162a202c3918fead
GET /wp-content/themes/education-hub/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "10076c-599c-5492d44d94940"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7100
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
211.233.33.250200 OK 34 kB URL HTTP/1.1 blog.faceutil.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (32077)
Hash d417f4d673009b01654915bbf1f4f872
f432ea8e89e5f4ef50e506019899e539a068f415
24560d81ded58e8befabf32ff51f5b6ae6f21eead0a5f87c255e3b47b988d1cc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 23 May 2016 09:00:29 GMT
ETag: "e1557-17ba0-5337eac0d4540"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33766
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/themes/education-hub/js/custom.min.js?ver=1.0
211.233.33.250200 OK 200 B URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/js/custom.min.js?ver=1.0
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with no line terminators
Hash 1db5ff5e7a9e6eeb9508bf6f0be8071c
25bbc18ec2eb75a280bbe0110a7eb90b9177923b
62928f2bb9c292404f841367488e755e0f2aa484b5b3fb5e93b9d12526b65e84
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/education-hub/js/custom.min.js?ver=1.0 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "100757-126-5492d44d94940"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 200
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/themes/education-hub/js/navigation.min.js?ver=20120206
211.233.33.250200 OK 404 B URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/js/navigation.min.js?ver=20120206
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (919), with no line terminators
Hash ccd744990d910a7efe7741a2054bf324
ace6fedfeba034ab1b2e3af9f24088d4f5123c90
b7fb0bc3d617951dba4d0dd9ac031801789d5b39d36896db58d36993df1f0a1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/education-hub/js/navigation.min.js?ver=20120206 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:21 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "10075a-397-5492d44d94940"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 404
Connection: close
Content-Type: text/javascript
www.soonwe.com/ad_js/101926_ad.js
180.67.204.123200 OK 592 B URL HTTP/1.1 www.soonwe.com/ad_js/101926_ad.js
IP 180.67.204.123:0
ASN #9318 SK Broadband Co Ltd
File type ASCII text, with CRLF line terminators
Hash 776976a580c4e30e1cfeb4ed98504999
fee6ba79e2bb06ef5be28b1a5b72dc29a2b2f9ee
bf20aaf59b3c738070b89b2c9e1211d18d4efb3f1e48d6a20ba6ee0054c23cdb
GET /ad_js/101926_ad.js HTTP/1.1
Host: www.soonwe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 07:39:39 GMT
Accept-Ranges: bytes
ETag: "6769316ebde5d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 16:49:00 GMT
Content-Length: 592
i1.wp.com/pds.faceutil.com/img/2017/05/09/1494317126.png?resize=200%2C200&ssl=1
192.0.77.2200 OK 61 kB URL HTTP/2 i1.wp.com/pds.faceutil.com/img/2017/05/09/1494317126.png?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b770d49b78b4a71e359493a3cc6e99b3
bec520030bfa62ef256d55113361a1d0782f98e9
e0eca8a9005a1bf1ab03bdd187306837835f41cabc779e76fa2e149e816d9327
GET /pds.faceutil.com/img/2017/05/09/1494317126.png?resize=200%2C200&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 60698
last-modified: Fri, 25 Nov 2022 03:14:07 GMT
expires: Sun, 24 Nov 2024 15:14:07 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2017/05/09/1494317126.png>; rel="canonical"
x-content-type-options: nosniff
etag: "65329d6f5251b5d4"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/pds.faceutil.com/img/2017/04/25/1493112144.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 4.9 kB URL HTTP/2 i1.wp.com/pds.faceutil.com/img/2017/04/25/1493112144.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd357dffdce7b01382771d4fbbad549f
b6b998b85e925bf1d581a3415bd1d37dc0e8a377
c9488133c4e63800150e49d0a7cfd06b12412bf384b5f0d17b9ef1eb28578443
GET /pds.faceutil.com/img/2017/04/25/1493112144.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 4882
last-modified: Tue, 22 Nov 2022 15:45:53 GMT
expires: Fri, 22 Nov 2024 03:45:53 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2017/04/25/1493112144.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9c0d83ac670bf04d"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/pds.faceutil.com/img/2020/04/21/1587451964.png?resize=200%2C200&ssl=1
192.0.77.2200 OK 22 kB URL HTTP/2 i2.wp.com/pds.faceutil.com/img/2020/04/21/1587451964.png?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7f0803d7647885c149c0fb5dc0b4b957
d3567fe991585d01f9f2be4ffc5403b0a91aa9e6
4e3bcdd63875333c64d304ba91649046f657e352f20d408eba2106a933c3cdaa
GET /pds.faceutil.com/img/2020/04/21/1587451964.png?resize=200%2C200&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 22390
last-modified: Wed, 02 Nov 2022 18:56:57 GMT
expires: Sat, 02 Nov 2024 06:56:57 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2020/04/21/1587451964.png>; rel="canonical"
x-content-type-options: nosniff
etag: "1e72eafedff20472"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/pds.faceutil.com/img/2017/03/23/1490256035.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 6.6 kB URL HTTP/2 i2.wp.com/pds.faceutil.com/img/2017/03/23/1490256035.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c4bc4d99f3c5ee0f0f63772b8776315f
f0621addd59e1fb8139394b1cadb1e2e739c6721
15172e9a63744fe6e0401a0e33cbc87188c2645b110d9e5c7e5889412c4d94a1
GET /pds.faceutil.com/img/2017/03/23/1490256035.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 6588
last-modified: Thu, 17 Nov 2022 10:55:20 GMT
expires: Sat, 16 Nov 2024 22:55:20 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2017/03/23/1490256035.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ff512cd28e47fc8b"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/pds.faceutil.com/img/2017/03/21/1490102916.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 6.1 kB URL HTTP/2 i2.wp.com/pds.faceutil.com/img/2017/03/21/1490102916.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f82aeadac4ac4d43b9db15b607edc9e0
7c2a78bba9e3e6554136c10d7c6353f7c3b22f3c
d17237836bd8143ad88e22e32fa0af41ed04b47274890c0f7d232bbecd7e4f20
GET /pds.faceutil.com/img/2017/03/21/1490102916.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 6084
last-modified: Sat, 12 Nov 2022 07:36:24 GMT
expires: Mon, 11 Nov 2024 19:36:24 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2017/03/21/1490102916.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2d4d7d700258c635"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/pds.faceutil.com/img/2020/03/16/1584340882.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 7.6 kB URL HTTP/2 i2.wp.com/pds.faceutil.com/img/2020/03/16/1584340882.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3fd4a21851d959fa69a133523a655105
13c28a02f18768028d1647389e74dd59010b7eb9
c0dac591681549937ebc50742bc1eaf2f02007e0bedc766409ec45674f4fa7e6
GET /pds.faceutil.com/img/2020/03/16/1584340882.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 7566
last-modified: Fri, 18 Nov 2022 16:24:56 GMT
expires: Mon, 18 Nov 2024 04:24:56 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2020/03/16/1584340882.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "654c0c50a0c6bb41"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/pds.faceutil.com/img/2020/05/14/1589431508.gif?resize=200%2C200&ssl=1
192.0.77.2200 OK 418 B URL HTTP/2 i0.wp.com/pds.faceutil.com/img/2020/05/14/1589431508.gif?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f8396f987045e9f6e16de19b0caccc09
3be227a1f8d8b88d15aee8c31ac01ce40877a403
619f749160129eab4ad2b0d2b9c843d64b2d466fe418fba86c703fa207a6a0e9
GET /pds.faceutil.com/img/2020/05/14/1589431508.gif?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 418
last-modified: Thu, 03 Nov 2022 03:20:10 GMT
expires: Sat, 02 Nov 2024 15:20:10 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2020/05/14/1589431508.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "3c9dcc009ebdd341"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/pds.faceutil.com/img/2020/07/10/1594371152.png?resize=200%2C200&ssl=1
192.0.77.2200 OK 1.3 kB URL HTTP/2 i2.wp.com/pds.faceutil.com/img/2020/07/10/1594371152.png?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6c3a19477e87c896a06176424e8c1664
14c4c8e45e339e482d5a553df899d810d0e31587
4ebd93aa54a8266d13c35d56f5878030fbfb8daeb8dc33db3f13cb55a31360fd
GET /pds.faceutil.com/img/2020/07/10/1594371152.png?resize=200%2C200&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 1332
last-modified: Fri, 25 Nov 2022 03:14:03 GMT
expires: Sun, 24 Nov 2024 15:14:03 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2020/07/10/1594371152.png>; rel="canonical"
x-content-type-options: nosniff
etag: "6685fbb698e97ed4"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/blog.faceutil.com/images/file.gif?resize=200%2C200&ssl=1
192.0.77.2200 OK 370 B URL HTTP/2 i2.wp.com/blog.faceutil.com/images/file.gif?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 813bf7c45a5c8ee166532f0b79d91349
0124e9f9a7b9832b1c599d56acc4cac274f714fb
59e3c5a4bfb149f6b90cb09daa51537b6e31c83c277f67c5f4ac0421285afc36
GET /blog.faceutil.com/images/file.gif?resize=200%2C200&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 370
last-modified: Thu, 17 Nov 2022 10:55:20 GMT
expires: Sat, 16 Nov 2024 22:55:20 GMT
cache-control: public, max-age=63115200
link: <https://blog.faceutil.com/images/file.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "73f6316da8e0268a"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/pds.faceutil.com/img/2017/04/24/1493009388.png?resize=200%2C200&ssl=1
192.0.77.2200 OK 30 kB URL HTTP/2 i0.wp.com/pds.faceutil.com/img/2017/04/24/1493009388.png?resize=200%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c28bbb961d1adf3b7dfaf4f0d94e5c89
fc6aa2e31cadc86b2629d4859cbf103dd82fe6b3
04db06af027e621f4c3d6917c6910e28b37e26a5373555e91240596eff158007
GET /pds.faceutil.com/img/2017/04/24/1493009388.png?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:22 GMT
content-type: image/webp
content-length: 29966
last-modified: Fri, 25 Nov 2022 03:14:04 GMT
expires: Sun, 24 Nov 2024 15:14:04 GMT
cache-control: public, max-age=63115200
link: <https://pds.faceutil.com/img/2017/04/24/1493009388.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a2451278346eaf3d"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
216.58.207.195200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35520, version 1.0\012- data
Hash 51c700f108bd3a8639d845abc5a02462
6d467d623871d39830bca94bc9130d61059c35f3
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
GET /s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.faceutil.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 15:28:42 GMT
expires: Sat, 25 Nov 2023 15:28:42 GMT
cache-control: public, max-age=31536000
age: 4840
last-modified: Mon, 11 Jul 2022 19:03:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21048, version 1.0\012- data
Hash 22c793ce2678cfa2f8c88b123af3bd95
81ac3d0faa06b9dae82faf2f608fa0a329ca1a5a
0c018fe9d09945d93f6f5aa5f1c53a2975621c3043a22344eaf86d6500c245c6
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.faceutil.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:57:50 GMT
expires: Thu, 23 Nov 2023 18:57:50 GMT
cache-control: public, max-age=31536000
age: 165092
last-modified: Mon, 15 Aug 2022 18:13:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.faceutil.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 126391
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.faceutil.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 19:07:15 GMT
expires: Tue, 21 Nov 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 337327
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blog.faceutil.com/wp-content/plugins/jetpack/_inc/facebook-embed.js
211.233.33.250200 OK 446 B URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/_inc/facebook-embed.js
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash ad943d4b2e744f22ccc1d4b7e9805c54
267c32877bf9e58fba19625a8c5aee3e7dccdc96
3af899d7a4532f0cf738724b2b4ecb9368d7cec9380993ca6b39cbe4b975be53
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/facebook-embed.js HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "10055f-328-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 446
Connection: close
Content-Type: text/javascript
img.mobon.net/js/common/HawkEyesMaker.js
14.0.113.209200 OK 101 kB URL HTTP/1.1 img.mobon.net/js/common/HawkEyesMaker.js
IP 14.0.113.209:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 101 kB (101002 bytes)
Hash 3d018aa70b1e54a34e228d24e93cbb92
4eddafa98a083d27fe16d74da703b4f06391d769
7cd8f9bb7da936d9afcf4b7fd9679bc44c3215169d15a636446929ded9b4c1fc
GET /js/common/HawkEyesMaker.js HTTP/1.1
Host: img.mobon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Content-Type: text/javascript
Content-Length: 101002
Connection: keep-alive
Server: PWS/8.3.1.0.8
Last-Modified: Thu, 21 Jul 2022 05:31:18 GMT
ETag: "f42ab2-18a8a-5e44a06ed039c"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Age: 39650
Via: 1.1 PShgseSEL5ii162:3 (W), 1.1 PShgseSEL4wb142:7 (W)
X-Px: ht PShgseSEL4wb142GMP
X-Ws-Request-Id: 6380f212_PShgseSEL4wb142_29515-9929
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8cea770d1468bf728379a96b09705e35
c2f6473c7c5a03a1b83cf566def5a92e44f7ad3a
5c4c11b78ee2c3114e6a1fd6ad89e83d1e06d273f8d541ca8a4761efc85d5224
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5029
Cache-Control: max-age=143258
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:23 GMT
Etag: "63806b08-1d7"
Expires: Sun, 27 Nov 2022 08:37:01 GMT
Last-Modified: Fri, 25 Nov 2022 07:13:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
blog.faceutil.com/wp-content/plugins/jetpack/_inc/twitter-timeline.js?ver=4.0.0
211.233.33.250200 OK 260 B URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/_inc/twitter-timeline.js?ver=4.0.0
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash 63cdc5aedadbc565eeb7e53f076c259a
16a7714b0441ca4eb260d4153d1bae0481d928e2
dc2cb5e406eec1fd4bc0dadc63f3e74cbd90257475d6f8b20ce200c036d5ce9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/twitter-timeline.js?ver=4.0.0 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "10055e-157-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 260
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-includes/js/wp-embed.min.js?ver=4.7.2
211.233.33.250200 OK 751 B URL HTTP/1.1 blog.faceutil.com/wp-includes/js/wp-embed.min.js?ver=4.7.2
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (1398), with no line terminators
Hash 7542039ce963ffd18ad4fb7be13bd2be
8385e433e8e65739fc27b6bd16b1a7ae71b11084
a70bca1336a4ac7592ce631cbb22c9ebb01d60461d221ac7a46f91a4ccfd1255
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.7.2 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 23 Nov 2016 13:38:33 GMT
ETag: "e144b-576-541f8014be840"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 751
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/plugins/jetpack/_inc/jquery.spin.js?ver=1.3
211.233.33.250200 OK 1.2 kB URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/_inc/jquery.spin.js?ver=1.3
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash ea8e88c6a70d40551fed82a9a026ae32
70b78afd236ad9ef06459c9c9f58f414c40fd6e3
d3e5ac1299380977ea0a9e0affce0a689a7633ea8a92d2b4bfa3c583fa8fb3d4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/jquery.spin.js?ver=1.3 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "100510-d02-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1156
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/plugins/jetpack/_inc/spin.js?ver=1.3
211.233.33.250200 OK 3.8 kB URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/_inc/spin.js?ver=1.3
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash fbffaa6dcda4e19a7ac5cf067191b4c3
25333714fe3bac0bd608fbd6e4921e94d4dfd07f
fb31d5b515aa7e48c7c5a70a067d6dca25a050c5390e936055b5e18fa146bf21
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/spin.js?ver=1.3 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "10053a-27d5-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3808
Connection: close
Content-Type: text/javascript
blog.faceutil.com/wp-content/plugins/jetpack/modules/carousel/jetpack-carousel.js?ver=20160325
211.233.33.250200 OK 14 kB URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/modules/carousel/jetpack-carousel.js?ver=20160325
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
Hash 42043a55ad6ed5ddbc43f5e97d4d3fee
1fdb4e79f6b823229849bf373debde3208122d80
e8bfffab5c235af4e678aabcc6ddd58bf3a7c73b53f88f8e2f47a08ae66e6f2b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/modules/carousel/jetpack-carousel.js?ver=20160325 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:22 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "100222-cf6a-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14235
Connection: close
Content-Type: text/javascript
region1.google-analytics.com/g/collect?v=2&tid=G-KE6875C4VY>m=2oeb90&_p=1734183135&cid=1015836717.1669394963&ul=en-us&sr=1280x1024&_s=1&sid=1669394962&sct=1&seg=0&dl=https%3A%2F%2Fblog.faceutil.com%2F&dt=%ED%8E%98%EC%9D%B4%EC%8A%A4%EC%9C%A0%ED%8B%B8%20%7C%20%EB%AC%B4%EB%A3%8C%EA%B2%8C%EC%9E%84%20%EC%86%8C%ED%94%84%ED%8A%B8%EC%9B%A8%EC%96%B4%20%EB%8B%A4%EC%9A%B4%EB%A1%9C%EB%93%9C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-KE6875C4VY>m=2oeb90&_p=1734183135&cid=1015836717.1669394963&ul=en-us&sr=1280x1024&_s=1&sid=1669394962&sct=1&seg=0&dl=https%3A%2F%2Fblog.faceutil.com%2F&dt=%ED%8E%98%EC%9D%B4%EC%8A%A4%EC%9C%A0%ED%8B%B8%20%7C%20%EB%AC%B4%EB%A3%8C%EA%B2%8C%EC%9E%84%20%EC%86%8C%ED%94%84%ED%8A%B8%EC%9B%A8%EC%96%B4%20%EB%8B%A4%EC%9A%B4%EB%A1%9C%EB%93%9C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-KE6875C4VY>m=2oeb90&_p=1734183135&cid=1015836717.1669394963&ul=en-us&sr=1280x1024&_s=1&sid=1669394962&sct=1&seg=0&dl=https%3A%2F%2Fblog.faceutil.com%2F&dt=%ED%8E%98%EC%9D%B4%EC%8A%A4%EC%9C%A0%ED%8B%B8%20%7C%20%EB%AC%B4%EB%A3%8C%EA%B2%8C%EC%9E%84%20%EC%86%8C%ED%94%84%ED%8A%B8%EC%9B%A8%EC%96%B4%20%EB%8B%A4%EC%9A%B4%EB%A1%9C%EB%93%9C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.faceutil.com
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://blog.faceutil.com
date: Fri, 25 Nov 2022 16:49:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blog.faceutil.com/wp-content/plugins/jetpack/images/rss/orange-large.png
211.233.33.250200 OK 2.5 kB URL HTTP/1.1 blog.faceutil.com/wp-content/plugins/jetpack/images/rss/orange-large.png
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 444af470b2d36623da32551fb16a1647
95394c083c0fb42783624e3e9f077e3e0399da08
aca3978b854d733c9e09e0a8bcbf22a47af0ad1ecab4fbb09520b18a8f9316da
GET /wp-content/plugins/jetpack/images/rss/orange-large.png HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:23 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 06 Mar 2017 06:03:18 GMT
ETag: "1000ca-9bf-54a09a6d9b580"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2518
Connection: close
Content-Type: image/png
pixel.wp.com/g.gif?v=ext&j=1%3A4.6&blog=125196822&post=0&tz=9&srv=blog.faceutil.com&host=blog.faceutil.com&ref=&fcp=6017&rand=0.10568654610216965
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A4.6&blog=125196822&post=0&tz=9&srv=blog.faceutil.com&host=blog.faceutil.com&ref=&fcp=6017&rand=0.10568654610216965
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A4.6&blog=125196822&post=0&tz=9&srv=blog.faceutil.com&host=blog.faceutil.com&ref=&fcp=6017&rand=0.10568654610216965 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:23 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
wcs.naver.com/m?u=https%3A%2F%2Fblog.faceutil.com%2F&e=&wa=4f674946a5e760&bt=-1&os=Linux%20x86_64&ln=en-US&sr=1280x1024&bw=1280&bh=939&c=24&j=N&jv=1.8&k=Y&ct=&cs=UTF-8&tl=%25ED%258E%2598%25EC%259D%25B4%25EC%258A%25A4%25EC%259C%25A0%25ED%258B%25B8%2520%257C%2520%25EB%25AC%25B4%25EB%25A3%258C%25EA%25B2%258C%25EC%259E%2584%2520%25EC%2586%258C%25ED%2594%2584%25ED%258A%25B8%25EC%259B%25A8%25EC%2596%25B4%2520%25EB%258B%25A4%25EC%259A%25B4%25EB%25A1%259C%25EB%2593%259C&vs=0.8.6&nt=1669394962212&EOU
110.93.147.30200 OK 43 B URL HTTP/2 wcs.naver.com/m?u=https%3A%2F%2Fblog.faceutil.com%2F&e=&wa=4f674946a5e760&bt=-1&os=Linux%20x86_64&ln=en-US&sr=1280x1024&bw=1280&bh=939&c=24&j=N&jv=1.8&k=Y&ct=&cs=UTF-8&tl=%25ED%258E%2598%25EC%259D%25B4%25EC%258A%25A4%25EC%259C%25A0%25ED%258B%25B8%2520%257C%2520%25EB%25AC%25B4%25EB%25A3%258C%25EA%25B2%258C%25EC%259E%2584%2520%25EC%2586%258C%25ED%2594%2584%25ED%258A%25B8%25EC%259B%25A8%25EC%2596%25B4%2520%25EB%258B%25A4%25EC%259A%25B4%25EB%25A1%259C%25EB%2593%259C&vs=0.8.6&nt=1669394962212&EOU
IP 110.93.147.30:0
ASN #23576 NAVER Cloud Corp.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /m?u=https%3A%2F%2Fblog.faceutil.com%2F&e=&wa=4f674946a5e760&bt=-1&os=Linux%20x86_64&ln=en-US&sr=1280x1024&bw=1280&bh=939&c=24&j=N&jv=1.8&k=Y&ct=&cs=UTF-8&tl=%25ED%258E%2598%25EC%259D%25B4%25EC%258A%25A4%25EC%259C%25A0%25ED%258B%25B8%2520%257C%2520%25EB%25AC%25B4%25EB%25A3%258C%25EA%25B2%258C%25EC%259E%2584%2520%25EC%2586%258C%25ED%2594%2584%25ED%258A%25B8%25EC%259B%25A8%25EC%2596%25B4%2520%25EB%258B%25A4%25EC%259A%25B4%25EB%25A1%259C%25EB%2593%259C&vs=0.8.6&nt=1669394962212&EOU HTTP/1.1
Host: wcs.naver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 16:49:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: NWB=f696b4c1873ea08b592fee67d53262b4.1669394963884; Expires=Wed, 24-Nov-27 16:49:23 GMT; Domain=wcs.naver.com; Path=/; Secure; SameSite=None
NWB_LEGACY=f696b4c1873ea08b592fee67d53262b4.1669394963884; Expires=Wed, 24-Nov-27 16:49:23 GMT; Domain=wcs.naver.com; Path=/
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Tue, 01 Jan 1980 09:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b2d050163f2471843e5078124f8ca400
96276dd2f7d1f520fc3eef3ff759bb1dfa07f473
bbda824d68a81d6e202d5519498ca0e4d154e34f923f5c56e4168f0d420a33d6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 958
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:24 GMT
Last-Modified: Fri, 25 Nov 2022 16:33:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.mediacategory.com/script/common/media/629392
119.205.238.29200 355 B URL HTTP/1.1 www.mediacategory.com/script/common/media/629392
IP 119.205.238.29:0
Hash 0ef8f84307f31e9fe326501054cd563a
ddfea4ff0ab16cc35bf95c939ca8ac62594cbf06
d9abdb05937346a63be7736643370f29453ed29cfeea08f654d2e4d349688fc9
GET /script/common/media/629392 HTTP/1.1
Host: www.mediacategory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Set-Cookie: Start_Time=2022112601; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
IP_info=91.90.42.154.9176633; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
Content-Type: text/javascript
Content-Length: 355
Date: Fri, 25 Nov 2022 16:49:23 GMT
Keep-Alive: timeout=5
Connection: keep-alive
blog.faceutil.com/wp-content/themes/education-hub/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
211.233.33.250200 OK 77 kB URL HTTP/1.1 blog.faceutil.com/wp-content/themes/education-hub/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/education-hub/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://blog.faceutil.com/wp-content/themes/education-hub/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3; wcs_bt=4f674946a5e760:1669394962
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:23 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 07:07:41 GMT
ETag: "100769-12d68-5492d44d94940"
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=euckr
www.mediacategory.com/servlet/iadbn?from=&location=https%3A//blog.faceutil.com/&s=629392&psb=99
119.205.238.29200 1.9 kB URL HTTP/1.1 www.mediacategory.com/servlet/iadbn?from=&location=https%3A//blog.faceutil.com/&s=629392&psb=99
IP 119.205.238.29:0
File type HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (419)
Hash b39860e046f6fb5f73eca7214e725e3b
8e95212ace3b26b4bc7f18d4ad68f210b24643f4
23063330428abd49b0f176a72d7be1096ecbb7d77cf8a4ecc17d6b4a9a265a26
GET /servlet/iadbn?from=&location=https%3A//blog.faceutil.com/&s=629392&psb=99 HTTP/1.1
Host: www.mediacategory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Set-Cookie: Start_Time=2022112601; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
IP_info=91.90.42.154.5996084; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
au_id=e25556a93eb02ca9507c60f6184afabbb6c-16a; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
Pragma: no-cache
Cache-Control: no-cache
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Fri, 25 Nov 2022 16:49:24 GMT
Keep-Alive: timeout=5
Connection: keep-alive
www.mediacategory.com/servlet/adbnMobileBanner?from=&s=598131&types=ico_m&bCover=true
119.205.238.29200 2.2 kB URL HTTP/1.1 www.mediacategory.com/servlet/adbnMobileBanner?from=&s=598131&types=ico_m&bCover=true
IP 119.205.238.29:0
File type ISO-8859 text, with very long lines (417)
Hash 3ae4d5c1f569bc462c42f5c3a315f724
d8d63b691ce57d54ddcb2f556ea6cc793a91c729
18408f51ea9edf654c67c7968ee5ad4434dee01713a7f819df86c0ad673ac1f5
GET /servlet/adbnMobileBanner?from=&s=598131&types=ico_m&bCover=true HTTP/1.1
Host: www.mediacategory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Set-Cookie: Start_Time=2022112601; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
IP_info=91.90.42.154.2335987; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
au_id=7d3b24844fa668de1e248d0c184afacbc3c-12ef; Domain=.mediacategory.com; Expires=Sun, 24-Nov-2024 16:49:24 GMT; Path=/
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/html;charset=euc-kr
Transfer-Encoding: chunked
Date: Fri, 25 Nov 2022 16:49:24 GMT
Keep-Alive: timeout=5
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 16:41:08 GMT
expires: Fri, 25 Nov 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 496
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4014b3f4adf5c5373118894c244afb12
1198e79d0e1e14408e3c0084a3f479122020a723
affc5983ee364e0310c082b225a90cff4ba2d01b68d2cdaf6b5ecbe780cad66d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2883
Cache-Control: max-age=133511
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:24 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:54:35 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets.js
192.229.233.25200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 383
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:24 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2a03384abe9f9728677b1f7b876b4694
41c1c401e79ac5b6edc6fc3cce8b4d085c565ac1
744b3562ef1851ca3c0413020ef5c40e71af514e6ff8da065f6ea9f846e70717
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Novaa
192.0.73.2200 OK 23 kB URL HTTP/2 secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Novaa
IP 192.0.73.2:0
File type ASCII text, with very long lines (7814), with no line terminators
Hash 18b9d7954386b6d6ec32db72d1ef2c38
fabeae4cdd36f92f388ae1b6820983dc2df9b649
c2751c6549ef39ea02a8408d114ccf2c0217289be3c882d920ea89865ef679c2
GET /dist/css/hovercard.min.css?ver=2022Novaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:24 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Fri, 02 Dec 2022 16:49:24 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fblog.faceutil.com
192.229.233.25200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fblog.faceutil.com
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fblog.faceutil.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967311
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:24 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
connect.facebook.net/ko_KR/sdk.js?_=1669394962201
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ko_KR/sdk.js?_=1669394962201
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash d2f2fff03061c9294bc0cbe6cee0fdf1
b9b3f3abf0d306522e86c8b1f0cbc8982ba4e4c0
634141bd70a5a30bd03826b5f176b28ceada5bdd84b25617fa0ac4b4c41d8f2d
GET /ko_KR/sdk.js?_=1669394962201 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 91cd5c21bf41501de7f43ceaaf651051
etag: "0e9d1662bbeab546c48d5ff7de4887d4"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 25 Nov 2022 17:09:24 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 0vL/8DBhySlLwMvmzuD98Q==
x-fb-debug: 3egrRhLBYSTf0fO8tVgl52lJoxNkWIT8bWtflkbecjgAneCFs0rA9knYW9LynLXTfU48JhwvxYz2cTP4K7HO1g==
content-length: 1687
priority: u=3,i
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=person/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 43 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=person/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash ca77cda252e41fda3aa101b1f0508d4e
7413cb30ee560cddd012d63b4e43bfffa0dbf956
519f568426907af9f0e220f481b8ed21f6cfe37d640985cd4db81850c532f175
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=person/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 43295
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 16:42:23 GMT
expires: Wed, 22 Nov 2023 16:42:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 259621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/u/0/_/widget/render/person?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F116698397072408224308&layout=portrait&theme=light&showcoverphoto=true&showtagline=true&width=220&origin=https%3A%2F%2Fblog.faceutil.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.174301 Moved Permanently 226 B URL HTTP/2 apis.google.com/u/0/_/widget/render/person?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F116698397072408224308&layout=portrait&theme=light&showcoverphoto=true&showtagline=true&width=220&origin=https%3A%2F%2Fblog.faceutil.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/_/widget/render/person?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F116698397072408224308&layout=portrait&theme=light&showcoverphoto=true&showtagline=true&width=220&origin=https%3A%2F%2Fblog.faceutil.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: sffe
content-length: 226
x-xss-protection: 0
date: Fri, 25 Nov 2022 16:49:20 GMT
expires: Fri, 25 Nov 2022 17:19:20 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4014b3f4adf5c5373118894c244afb12
1198e79d0e1e14408e3c0084a3f479122020a723
affc5983ee364e0310c082b225a90cff4ba2d01b68d2cdaf6b5ecbe780cad66d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2884
Cache-Control: max-age=133511
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:54:36 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
blog.faceutil.com/wp-content/uploads/2017/02/faceutil_ico-150x150.png
211.233.33.250200 OK 6.6 kB URL HTTP/1.1 blog.faceutil.com/wp-content/uploads/2017/02/faceutil_ico-150x150.png
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c7baa215b6c3bbcfb06f030e4a1ffb4
43e33aa48580d080cfa722c71dbe16a954c9fead
3ac028eeedf46223b4f950731aff68925a7b974a42d0bcbd8aa33d44edacf7ee
GET /wp-content/uploads/2017/02/faceutil_ico-150x150.png HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3; wcs_bt=4f674946a5e760:1669394962; _ga_KE6875C4VY=GS1.1.1669394962.1.0.1669394962.0.0.0; _ga=GA1.1.1015836717.1669394963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:24 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 08:15:55 GMT
ETag: "e1967-1988-5492e38dec4c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6559
Connection: close
Content-Type: image/png
blog.faceutil.com/wp-content/uploads/2017/02/faceutil_ico.png
211.233.33.250200 OK 5.2 kB URL HTTP/1.1 blog.faceutil.com/wp-content/uploads/2017/02/faceutil_ico.png
IP 211.233.33.250:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 200 x 201, 8-bit/color RGBA, non-interlaced\012- data
Hash 2dc862fb2f365aca978da4e3bd414995
8271baeed9617f03e3174552b52c12219b71bb80
f361471600aa897e2af7a70b4f525d55d65a323854543f4db1b8119cfedf7122
GET /wp-content/uploads/2017/02/faceutil_ico.png HTTP/1.1
Host: blog.faceutil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Cookie: PHPSESSID=7ggkqk1k81fr5hkjqvt8i80rh3; wcs_bt=4f674946a5e760:1669394962; _ga_KE6875C4VY=GS1.1.1669394962.1.0.1669394962.0.0.0; _ga=GA1.1.1015836717.1669394963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:24 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 Feb 2017 08:15:54 GMT
ETag: "e195b-1454-5492e38cf8280"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5227
Connection: close
Content-Type: image/png
connect.facebook.net/ko_KR/sdk.js?hash=117fd90c01c498d15dfc099808d4bcfb
157.240.200.14200 OK 88 kB URL HTTP/2 connect.facebook.net/ko_KR/sdk.js?hash=117fd90c01c498d15dfc099808d4bcfb
IP 157.240.200.14:0
File type ASCII text, with very long lines (18530)
Hash 328239b1569c89f91b7e990c385262e6
77ca5fd98fab5ad6bcd821be3011c424ced95c10
2a1bb82a358a4e078bf2ba46f14433f101fc48bfcb10a7278c60ca97cb829527
GET /ko_KR/sdk.js?hash=117fd90c01c498d15dfc099808d4bcfb HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.faceutil.com
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 04723a4d3c84b8a7e6c1a1dae6b84ff1
etag: "11ac425613044d17389ca58985f254d8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 25 Nov 2023 14:20:39 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: MoI5sVacifkbfpkMOFJi5g==
x-fb-debug: GCxC85T6ms/cJYMLMAefpNBmfmd0fJoh+6JEMh9bBXOf8hyZAS9iflX8004KYkXE/781XHGgTO/j4T6yuArXJQ==
priority: u=3,i
content-length: 88532
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 735c9d7f22925c5ab8aefbb8af96afb5
cd3e0452bcf4efb8a250cad5d8245b8744e486f6
edcb8cc42b114a2990957b054a6a5c71e7262f01090273d034d55006a016c53a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3847
Cache-Control: max-age=134468
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "63804d52-138"
Expires: Sun, 27 Nov 2022 06:10:33 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e61028bc752671cea11924bc1a42a422
b2555d630c063dda53f0e5a84324759e42b48352
23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.mobon.net/js/jquery-1.6.2.min.js
14.0.113.209200 OK 92 kB URL HTTP/1.1 img.mobon.net/js/jquery-1.6.2.min.js
IP 14.0.113.209:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Hash a1a8cb16a060f6280a767187fd22e037
7622c9ac2335be6dcd3ab8b47132e94089cef931
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
GET /js/jquery-1.6.2.min.js HTTP/1.1
Host: img.mobon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediacategory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:24 GMT
Content-Type: text/javascript
Content-Length: 91556
Connection: keep-alive
Server: PWS/8.3.1.0.8
Last-Modified: Thu, 05 May 2016 06:31:46 GMT
ETag: "f021d0-165a4-532127f0e5880"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 45896
Via: 1.1 PShgseSEL7vn105:10 (W), 1.1 PShgseSEL4vx139:13 (W)
X-Px: ht PShgseSEL4vx139GMP
X-Ws-Request-Id: 6380f214_PShgseSEL4wb142_29515-9963
Cache-Control: max-age=86400
syndication.twitter.com/settings?session_id=caa324574d3f05e97824079058858a46f604d751
104.244.42.136200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=caa324574d3f05e97824079058858a46f604d751
IP 104.244.42.136:0
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=caa324574d3f05e97824079058858a46f604d751 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 16:49:24 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 25 Nov 2022 16:49:25 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: 65fb6d799c563f59
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 103
x-connection-hash: 3236af642a44fca837643be9adf53ed76b4ba25d0a6f5ae89946cd2ce17d1301
X-Firefox-Spdy: h2
platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
192.229.233.25200 OK 3.0 kB URL HTTP/1.1 platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (8274), with no line terminators
Hash 9dcf6c8cba8fe3e8cb99b94ee63af2d5
ec132eb470954fdf2ff629d8344942b47ce4a5d1
2783e866faf68e4f6bc1775136ac1fa7b05d4adc7522f350763eb09a0e91b80d
GET /js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967312
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "be517337a860b30e72096680d8dde0eb+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2977
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fblog.faceutil.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
216.58.207.237200 OK 4.7 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fblog.faceutil.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Hash 6882d813bf7edf67b0241f055f31205e
a92e9f1e0114aa7eded06070f3ba5fb36fdc6787
6daae501cb37e3b6ba28551b326dc4eed4cc06950b03c6e4a2d95e2dd5c9947c
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fblog.faceutil.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 16:49:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-c4lMIclA6sqqQjnaPwFfvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.mobon.net/newAd/js/jquery-1.9.1.min.js
14.0.113.209200 OK 112 kB URL HTTP/1.1 img.mobon.net/newAd/js/jquery-1.9.1.min.js
IP 14.0.113.209:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (38285)
Size 112 kB (111552 bytes)
Hash 40c3ba029e2186c188414067ddcb85a5
91804d2c8d596fe5826b125a7e6d2f83855747ce
88460181df47931862c8c62935fb54eb25ca68a121cad7b1b12d3cd9f3b9d1d7
GET /newAd/js/jquery-1.9.1.min.js HTTP/1.1
Host: img.mobon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediacategory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:24 GMT
Content-Type: text/javascript
Content-Length: 111552
Connection: keep-alive
Server: PWS/8.3.1.0.8
Last-Modified: Tue, 14 Aug 2018 01:15:32 GMT
ETag: "1001139-1b3c0-5735af24c9f29"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 45968
Via: 1.1 PShgseSEL5pk161:0 (W), 1.1 PShgseSEL4vx139:3 (W)
X-Px: ht PShgseSEL4vx139GMP
X-Ws-Request-Id: 6380f214_PShgseSEL4wb142_30324-34687
Cache-Control: max-age=86400
syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669394964726%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=caa324574d3f05e97824079058858a46f604d751
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669394964726%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=caa324574d3f05e97824079058858a46f604d751
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669394964726%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=caa324574d3f05e97824079058858a46f604d751 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 16:49:24 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 25 Nov 2022 16:49:25 GMT
content-length: 43
x-transaction-id: e59afa3d9286c7c9
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: 3236af642a44fca837643be9adf53ed76b4ba25d0a6f5ae89946cd2ce17d1301
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/oJI2v4nsT1A.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/oJI2v4nsT1A.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4431)
Hash 1edd6626ecc1fe1c708fe86319f5bc22
dd58cc72446f8658aac8f9c46075874d5df96b6a
afb2ce31a60811eac42759964232e5b0f6d23463b318c21677bff49f1ef71b9c
GET /rsrc.php/v3/yp/l/0,cross/oJI2v4nsT1A.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 24 Nov 2023 18:45:23 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Ht1mJuzB/hxwj+hjGfW8Ig==
x-fb-debug: Ne8hjCb1Wi8nV30MsIucv1btJPTzvPzf0BPF4YklJfmkDr6VcEK7+MJSceq5ShE19wiwjTayjaDbWg2TZp11QA==
priority: u=2
content-length: 5146
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 18:24:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: Kj7wDR4ZUhOCqpydHIir3jrZeY0lgM+7J9w/C7ydajKnbRQOLDivzqfww/dDUDhdoi+4Uz0SpoApq3vwuwWS0A==
content-length: 830
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 966255e8eae5f73b5fe45aab88646f99
57eadbf09ae6a8170cdfe3b0691b908f49e2c08d
a99ecadf4c294cebf0c392ea036f508443cb471c44773cc5ea0212ab86074cbe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3221
Cache-Control: max-age=134593
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "63805041-1d7"
Expires: Sun, 27 Nov 2022 06:12:38 GMT
Last-Modified: Fri, 25 Nov 2022 05:18:57 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18622)
Hash 151e87d38f4f425e44d9c851c9aecf05
762111e5095f5354be95b98ad476f6e7161ce6b1
f236f289f38c8081b496e0537ed3b2c66822e7a743f5d9d4959f955c64b0b2b0
GET /rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 16:54:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FR6H049PQl5E2chRya7PBQ==
x-fb-debug: XKYCuFqqNH0kZrgnBK9d939R6pWs+fcIzk26id8p6lRkOvr6n2vQtYYz0yMcJoZ8xMvN0Ztyy0Cqwk+0Rwgf4Q==
content-length: 91088
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: bP7Hn62kFAjWr7jSa5xbIHjvtrymCc5+/BWiU8jmZWvoE9UNywvxV+fazhrnkAfvO75toNN1+8hqwJRQpK4bpw==
content-length: 1657
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 03:18:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: m+BQtPjWNbih3NkPDP8aeJSIVnefnV7FgVfmHv1ottnMxuFQ7O9P70HznPCRDJbEWaZVpMfMOPytg5/OtxyEfQ==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: W8oNQ20RRci19DZRKo9uDRApdh+0a2rAY6qTH85H4Hi9P5kV6tLh8k37VYg3Sb5ZwVDl6wz3D24n8ZMMRcEPrQ==
content-length: 16262
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i2w-4/yy/l/ko_KR/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i2w-4/yy/l/ko_KR/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42499)
Hash fb24fca1bc6fd8f3743b985fb941449f
e383fbe258fc0dc39fadf400b79425472687c428
881c213110887795191e5e3c205cde329503491de58018de13036362b57b83f2
GET /rsrc.php/v3i2w-4/yy/l/ko_KR/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:25:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +yT8obxv2PN0O5hfuUFEnw==
x-fb-debug: I00fQbX/8vJtNdHP1Csn3uKOjUETAGv94eHtbmQfrWBTbxTSY5POzaRpF7hIKx0lrAVb76wp/ulA5fUYLM+6Sg==
priority: u=3,i
content-length: 23609
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:49:25 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.mobon.net/js/mobonStorage.js
14.0.113.209200 OK 508 B URL HTTP/1.1 img.mobon.net/js/mobonStorage.js
IP 14.0.113.209:0
File type ASCII text, with CRLF line terminators
Hash b6bf937a9fb3c1ea2105fe81f4a69753
e9dd1cf9c45820f68d202876fbdef1fa2c26ccd0
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68
GET /js/mobonStorage.js HTTP/1.1
Host: img.mobon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediacategory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 16:49:25 GMT
Content-Type: text/javascript
Content-Length: 508
Connection: keep-alive
Server: PWS/8.3.1.0.8
Last-Modified: Thu, 21 Apr 2022 07:04:20 GMT
ETag: "f08574-1fc-5dd24b81768e7"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 46312
Via: 1.1 PShgseSEL5rx160:2 (W), 1.1 PShgseSEL4wb142:4 (W)
X-Px: ht PShgseSEL4wb142GMP
X-Ws-Request-Id: 6380f215_PShgseSEL4wb142_30765-46970
Cache-Control: max-age=86400
platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
192.229.233.25200 OK 2.1 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (3835), with no line terminators
Hash a7a94df486e306b619ab921142d234e2
1386bcf32860c146b6b7d912b92a540662cc7361
f4de548de8d166e7872adeefa8e8345f952b9001b40ca56622cd40033a34bf22
GET /_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1890038
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "581beb14123ea389fe5c0fe24167fe0a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2097
platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
192.229.233.25200 OK 96 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12bea7ea22b3c50f7f37f5e605e78430
5e7542f91bcaab2eb202fc8b19f53f1d009bc199
67cf3d50c902dfdf90bcf12de4d3f32d23d2547e9e90566a9a41f95db671fad9
GET /_next/static/chunks/modules.c7def0268c66f6a548ed.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967311
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "51acddf0dbfab928b183f36c1ee67619+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95749
platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
192.229.233.25200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash 79fd032d8d5d9fa6b966e0a2b0e5a3e1
092828885b8721858c80381d92622760aa6b2188
d08463c097b4b77e9db4acb6fdf01a44f3b80db66cd368c76185a363c9bf0863
GET /_next/static/chunks/pages/_app-446fb4a338b215deec8c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967312
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
192.229.233.25200 OK 90 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
IP 192.229.233.25:0
File type ASCII text, with no line terminators
Hash 8e33207e7b788da9abde5b6d33da0b00
23e48f1b412b3a0a406639f297fb6f4c4740efe8
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
GET /_next/static/chunks/main-e9db78f5e7b3d83edd5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967312
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
192.229.233.25200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (13043), with no line terminators
Hash 9a40466b77e5f5f4a525cf508afee546
410eb7a6ee4ee31950b33844fd21efcc8850e3e0
aae2810ee062cd3d5a1d770d2f1b287c84d5ae6276c90914ab21c9cce6686538
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967311
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "1efc61e416c7f4f293501e877fbec836+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1285
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
192.229.233.25200 OK 414 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (1208), with no line terminators
Hash 19e50b016c2418a8b7178a219a9fe03d
68c691a19558f28e9111b35f0c0f182addd31e3f
ff39afa732cf28797d8c7d8170b9e4dcc5ab8bcbd688b44be3dc0d82a5b3bbe4
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1890038
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 414
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
192.229.233.25200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
IP 192.229.233.25:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1890037
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/25.1196cfa4eb55f7de134c.js
192.229.233.25200 OK 14 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/25.1196cfa4eb55f7de134c.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (53694), with no line terminators
Hash 8da4abd15b05dc50b2815dfec96e8f3c
b86b0fc588c082ac282fa866de8d1a3a4b9aed53
6e52ce876ddb32d195df9690e1bc74f948074a9ab719ccbea4b17d9e612fc1c2
GET /_next/static/chunks/25.1196cfa4eb55f7de134c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1886745
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "2f6429a57d1908638b4dcaf459730606+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13533
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
192.229.233.25200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 47db702890e40ec11a744a885b6724b9
8ad88841d05dc05ce69ee8d430728214dd82e981
c8f11861cf29a4bc87a1f04f8add61885cc2627e6fd35a0ad12c48acddbaecb6
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1967312
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
192.229.233.25200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash 385597e7610afe03d76680534f29c35d
12280b5eef389f1e5a45b2b6ff7b21d1ca0b2f8f
ba66755ab4b673c2c028ddc2540308742f6287ae47243b6424df833c4ccd1be3
GET /_next/static/chunks/4.87a72bcd1cc186518122.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1890037
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:26 GMT
Etag: "ff2a4a029f711ed6f7dcb3f1f834609a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
192.229.233.25200 OK 187 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 187 kB (187307 bytes)
Hash 0c9586da0105e26c179e1576b6ee4d4f
a6d8cd227714e168c5bde33c28114aa2a08bdd8c
03ece567f7bdc643d0f3cd1d64b35a2e09bf711667df1439b3a2a8a8cff308db
GET /_next/static/chunks/0.ad6e60829dfc07776f5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1890038
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:26 GMT
Etag: "f8a649284ac45133fc2c0b92defbd7b3+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 187307
stats.wp.com/e-202247.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%2C400italic%2C300%2C100%2C700%7CMerriweather+Sans%3A400%2C700&ver=4.7.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%2C400italic%2C300%2C100%2C700%7CMerriweather+Sans%3A400%2C700&ver=4.7.2
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A600%2C400%2C400italic%2C300%2C100%2C700%7CMerriweather+Sans%3A400%2C700&ver=4.7.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 16:49:21 GMT
date: Fri, 25 Nov 2022 16:49:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=person/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs
142.250.74.174200 OK 0 B URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=person/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs
IP 142.250.74.174:0
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=person/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 42350
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 12:42:26 GMT
expires: Thu, 23 Nov 2023 12:42:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 187618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/services.min.css?ver=2022Novaa
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/services.min.css?ver=2022Novaa
IP 192.0.73.2:0
GET /dist/css/services.min.css?ver=2022Novaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:24 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Fri, 02 Dec 2022 16:49:24 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 0 B IP 93.184.220.29:0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3221
Cache-Control: max-age=134593
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:49:25 GMT
Etag: "63805041-1d7"
Expires: Sun, 27 Nov 2022 06:12:38 GMT
Last-Modified: Fri, 25 Nov 2022 05:18:57 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202247
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202247
IP 192.0.77.32:0
GET /wp-content/js/devicepx-jetpack.js?ver=202247 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5bffef65-52b6"
content-encoding: br
expires: Mon, 20 Nov 2023 23:25:32 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
secure.gravatar.com/js/gprofiles.js?ver=2022Novaa
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/js/gprofiles.js?ver=2022Novaa
IP 192.0.73.2:0
GET /js/gprofiles.js?ver=2022Novaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:49:21 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Fri, 02 Dec 2022 16:49:21 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80949726f6c32%26domain%3Dblog.faceutil.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.faceutil.com%252Ff2e97e711871a8c%26relation%3Dparent.parent&container_width=263&height=432&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F%25ED%258E%2598%25EC%259D%25B4%25EC%258A%25A4%25EC%259C%25A0%25ED%258B%25B8-1656053511364043%2F&locale=ko_KR&sdk=joey&show_facepile=true&show_posts=false&width=340
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80949726f6c32%26domain%3Dblog.faceutil.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.faceutil.com%252Ff2e97e711871a8c%26relation%3Dparent.parent&container_width=263&height=432&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F%25ED%258E%2598%25EC%259D%25B4%25EC%258A%25A4%25EC%259C%25A0%25ED%258B%25B8-1656053511364043%2F&locale=ko_KR&sdk=joey&show_facepile=true&show_posts=false&width=340
IP 157.240.200.35:0
GET /v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80949726f6c32%26domain%3Dblog.faceutil.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.faceutil.com%252Ff2e97e711871a8c%26relation%3Dparent.parent&container_width=263&height=432&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F%25ED%258E%2598%25EC%259D%25B4%25EC%258A%25A4%25EC%259C%25A0%25ED%258B%25B8-1656053511364043%2F&locale=ko_KR&sdk=joey&show_facepile=true&show_posts=false&width=340 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.faceutil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: +0Aa22AhQMmaJln4xUmzd4aH+Kx3clMOCWjedEVXTiUqS0rcTmp3/Xt+NjvYPmbSNz+koXBut1yWslQWHDnN4A==
date: Fri, 25 Nov 2022 16:49:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
192.229.233.25200 OK 0 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
IP 192.229.233.25:0
GET /_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1890038
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 25 Nov 2022 16:49:26 GMT
Etag: "5a0c374fae04eeb3b101385087754b18+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 299281