r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9676
Expires: Mon, 05 Dec 2022 00:58:16 GMT
Date: Sun, 04 Dec 2022 22:17:00 GMT
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash bf3ddcf9ae40c8a2946bba630d7e926d
92316af42a154f8c01270911ac1dcc1aff2bf93e
31262ef58694dd018b517928e817a0577244c176295225d6889c02f711569094
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140539
Date: Sun, 04 Dec 2022 22:17:00 GMT
Etag: "638c9e57-1d7"
Expires: Tue, 06 Dec 2022 13:19:19 GMT
Last-Modified: Sun, 04 Dec 2022 13:19:19 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zfGUU8C6vjFhuqZy09FPmrHtD4phFVgVlLn24VScSndZiaG846vjgQ==
ocsp.digicert.com/
200 OK 471 B IP
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 901
Cache-Control: max-age=131358
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:00 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:46:18 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 21:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3411
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Sun, 04 Dec 2022 23:50:54 GMT
Date: Sun, 04 Dec 2022 22:17:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e6Bw3d31x2xvq5Z6qXBTAeaJtmc/qPm8fVkfkB7PmZ1cRorgQMZCc/WOoghaN/lYM3/MI5wKI2Q=
x-amz-request-id: DF9KXXXGE7590P4S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:08 GMT
age: 1792
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:17:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 483
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 888
Cache-Control: max-age=126278
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:01 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:21:39 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UiPp4VRvaWH7yS3zn2KkqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: prcxVw+dWl1eR1dARUmIX3TwGmA=
vendor-cdn.imweb.me/css/chosenImage.css?1617331762
200 OK 773 B URL HTTP/2 vendor-cdn.imweb.me/css/chosenImage.css?1617331762
IP
Hash 886d759b621d7e2156acb3eaa7a9d859
c5ddb2a50f88785a2cfd81a00d924bf6ae5868e9
34f5e85c087582e91520af6312936ef2bdda9e0b5f933d2550723ff2fac6f8a0
GET /css/chosenImage.css?1617331762 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 773
last-modified: Tue, 27 Apr 2021 21:58:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 19:18:43 GMT
etag: "886d759b621d7e2156acb3eaa7a9d859"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QTOKhqNC3DHs372VJezQIiZKFztpQlo0AvQC4NojOI3ZR73-J2q_Xg==
age: 10731
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/kakao.css
200 OK 790 B URL HTTP/2 vendor-cdn.imweb.me/css/kakao.css
IP
Hash dd438cde6e734de163ab7a6b4a61b337
b805a3bdbeb73fe840f33303b777e584df31ffff
5828a039bbbd4ba6a538a0759bdf8b903a11dd131c69c044df88b85d0153435f
GET /css/kakao.css HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 790
date: Sun, 04 Dec 2022 04:49:58 GMT
last-modified: Tue, 04 May 2021 07:52:50 GMT
etag: "dd438cde6e734de163ab7a6b4a61b337"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kGMyavoK0RMwNmrneo7n0vrefDhVs7g-kstccVP6ZEGveTH2Yl4dAg==
age: 62823
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/pretendard/web/variable/pretendardvariable.css?1669614457
200 OK 511 B URL HTTP/2 vendor-cdn.imweb.me/fonts/pretendard/web/variable/pretendardvariable.css?1669614457
IP
Hash ef0d1fd5a34bd63d479445b0223ad52b
c97dd2602caf48a21036a42939a8bc0cc256ee12
cdba9c706e2dbd2036ede7df99320de16f052fd5b8504e5152c10ccc83c159e2
GET /fonts/pretendard/web/variable/pretendardvariable.css?1669614457 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 511
last-modified: Mon, 28 Nov 2022 05:52:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 20:59:38 GMT
etag: "ef0d1fd5a34bd63d479445b0223ad52b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TKJ5M33Gj_RQ5ykYpjzdwGLkJo0Gw3UNzzqOxQgQzcVkUnCyFCGaCw==
age: 21333
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/site/site.css?1666757608
200 OK 290 kB URL HTTP/2 vendor-cdn.imweb.me/css/site/site.css?1666757608
IP
File type assembler source text\012- assembler source, Unicode text, UTF-8 text, with very long lines (377)
Size 290 kB (290115 bytes)
Hash 9dc311d9b33fc027cdb0c3b49017fb47
951d8ff18298715ae1b335bf1640c7c48bb00f6e
23a2c24d37c7234eed21935f3d787f317e1c23d22d21c6b0186f487dcd512551
GET /css/site/site.css?1666757608 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 290115
last-modified: Wed, 26 Oct 2022 04:15:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 15:25:56 GMT
etag: W/"9dc311d9b33fc027cdb0c3b49017fb47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1K7oK9d-W5PtmIf9l38_FdnFKKZVc9_ji4tEwV9VQbPDonkqX_HvrQ==
age: 24981
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/tailwind.css?1669782736
200 OK 44 kB URL HTTP/2 vendor-cdn.imweb.me/css/tailwind.css?1669782736
IP
Hash 66fe9bbc4c9e32624e97c3d52e85056f
78fe51b77706e8367c8d5ebca940896fdac5e8e8
40066fc4599a861a0d6ce0d545bdc345a91da36331aea79d74ce9966485ccfea
GET /css/tailwind.css?1669782736 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 30 Nov 2022 04:45:24 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:16:19 GMT
etag: W/"9a3728c54f4f49fba26cdd34cff82fa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rJYKMJ5gM2RDy9IpAvarCW9cm4AV0X9C800qktesRYzDz2jC48BCXQ==
age: 63071
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/animate.css?1577682282
200 OK 16 kB URL HTTP/2 vendor-cdn.imweb.me/css/animate.css?1577682282
IP
Hash a4c5c6466b7697a7690973c49342465d
3281f176a16df3c16cbf7e40e5f53906bc2e036d
46ea78b2e5606498fa814dca5f23e3fd98eb6bf907eef2529dfccfd2e8cb3a55
GET /css/animate.css?1577682282 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 27 Apr 2021 21:58:52 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 19:29:31 GMT
etag: W/"a4687c31623987f35b1f356d73f7cb06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ENSu_e01BJzZ7ybVJATo23-meeodNAQQg6ytI_AhiEGKOVOxuklpTg==
age: 10197
X-Firefox-Spdy: h2
player.vimeo.com/api/player.js
200 OK 6.3 kB URL HTTP/1.1 player.vimeo.com/api/player.js
IP
File type Unicode text, UTF-8 text, with very long lines (21087)
Hash be35514553399a516ec9a8a782341d76
cc471c8a2ad4a645656f72e0833a3cd1a9131b63
ab060007b859a933f8fb7bbc505c9c0a06eef5813ab909d9f09f9656c2d53505
GET /api/player.js HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:17:01 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 6272
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sun, 04 Dec 2022 22:28:08 GMT
x-host: player-8c6fcccfc-gnzxc
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-8c6fcccfc-gnzxc
Accept-Ranges: bytes
Age: 1133
X-Served-By: cache-bma1654-BMA
X-Cache: HIT
X-Cache-Hits: 860
X-Timer: S1670192222.800356,VS0,VE0
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=BxvaeBo02i5F8hbgCUXR9dqKfcmR7KBOqBcBkHb2sNk-1670192221-0-AR8svoDoPc22Y+eLHWKiDYbdd0MuOeKUyn2qOM669tjwuCDPudXJMG3HCcIyw703HTlvJfOv25PMn+I1q9lKwFc=; path=/; expires=Sun, 04-Dec-22 22:47:01 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 7747e8ea2b0f0b51-OSL
cdn.imweb.me/thumbnail/20220923/a6d36709629ef.png
200 OK 14 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220923/a6d36709629ef.png
IP
File type PNG image data, 382 x 210, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e5618ccc9a69a61950feae95dc5a595
4e94adc0b1ce400207ccb343be784f45eeb39d1a
3e87b4ffb2948fdb92aa5246be829d3d3c0039cda4752aea126d507a0ec459a7
GET /thumbnail/20220923/a6d36709629ef.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 14108
date: Sat, 03 Dec 2022 23:33:01 GMT
last-modified: Fri, 23 Sep 2022 13:56:30 GMT
etag: "3e5618ccc9a69a61950feae95dc5a595"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0-WWpaPC_wksdCDWf0xgoNcZ3UqeHrvmlyyeQ_lcKpgq9V67C2EnRQ==
age: 81842
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/minify_css/vendor_blue_10.css?1653367465
200 OK 135 kB URL HTTP/2 vendor-cdn.imweb.me/minify_css/vendor_blue_10.css?1653367465
IP
Size 135 kB (134701 bytes)
Hash 66d1dd98d1551652b1dd77719d5ed91b
6e272eb432d81f8f48b6acd20e10b05e28c78272
d0ed06657ecdc09f61d8ee09b73db73f068df834cc7f4f2a1f42d9b815e0dd34
GET /minify_css/vendor_blue_10.css?1653367465 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 29 Jun 2022 22:15:04 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 18:18:23 GMT
etag: W/"2995ba54f2c587de0db553ce4d7cec12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OJI_NMm6BuAjI4MMd32YOgw-pCABkIF6DQQApt9At5R09k119SlbIQ==
age: 14331
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220928/c22e85f0feb58.png
200 OK 16 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220928/c22e85f0feb58.png
IP
File type PNG image data, 950 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e1603bfca79bd90119f306d74a178f4
320d50d4a2aa898f5f46854279bcdf5676c6cfa2
bd80136b0580c959b506551c28865a1c1f92850034e3dc481dcce812e1496608
GET /thumbnail/20220928/c22e85f0feb58.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 16352
date: Sat, 03 Dec 2022 23:19:35 GMT
last-modified: Wed, 28 Sep 2022 06:48:49 GMT
etag: "0e1603bfca79bd90119f306d74a178f4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZBLGRVmNuYwLISAaKbMlArWohsbIBIEv0G2XLro9059V53CJFb02wQ==
age: 82648
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/im-icon/style.css?1666251299
200 OK 9.5 kB URL HTTP/2 vendor-cdn.imweb.me/fonts/im-icon/style.css?1666251299
IP
Hash 9b443f251d6453f9e7b015dd78f1d4ba
ce340635d376517e27e9877d3d26ac25aadf5fe3
c763337e6c716a7745bc19c608f811d59119961848b9daae91067ba034101212
GET /fonts/im-icon/style.css?1666251299 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 20 Oct 2022 07:35:21 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 09:25:37 GMT
etag: W/"bde9a1485fd566bda9a9d0cbd6a5aceb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z2oCrEbW1zrss-DQc4Thfz2jqRIfItPArA1Y1dMu0di1BGxhAHvBmA==
age: 47002
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220920/3ca3836ff31a0.png
200 OK 56 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220920/3ca3836ff31a0.png
IP
File type PNG image data, 950 x 234, 8-bit/color RGBA, non-interlaced\012- data
Hash bddaebe69d079f012e2f1a8276db8c1d
05936b4ad5adadb5457a2d1fdfc2143681e25c5b
cd43f08494c505bdadca6e5a8153130a62f871f41deed003e002f2ab03242177
GET /thumbnail/20220920/3ca3836ff31a0.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 55677
last-modified: Tue, 20 Sep 2022 13:47:57 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 23:19:30 GMT
etag: "bddaebe69d079f012e2f1a8276db8c1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pkikobY1LxXVs9HtdJpupJA5Oykr20fUA2BYjlfbwuXqWqkz8utenA==
age: 82653
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220928/2e722854e1095.png
200 OK 23 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220928/2e722854e1095.png
IP
File type PNG image data, 220 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash 79b9e1f9b21b0e6fa35b8e7ea9d0d3e3
78cba26bb8bf54ef043d4d4efd8ed11eb18cb7f8
febcc37952477b52bf252939ed2cec6a97b6a3e85d118b470cb7d705008ca495
GET /thumbnail/20220928/2e722854e1095.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 22764
date: Sat, 03 Dec 2022 23:19:36 GMT
last-modified: Wed, 28 Sep 2022 07:22:02 GMT
etag: "79b9e1f9b21b0e6fa35b8e7ea9d0d3e3"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gADM_GLbiIuzQk2HTKlJpi_8OhgLP7559lexDQoBtOqbQ4uaagRveQ==
age: 82646
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220928/d2591cd12c591.png
200 OK 147 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220928/d2591cd12c591.png
IP
File type PNG image data, 1542 x 436, 8-bit/color RGB, non-interlaced\012- data
Size 147 kB (147336 bytes)
Hash e177e8a12254396c13f52204706144da
1cba83401bbed006aeb02db54a53ddd1e5c9173f
4179fa80a0226f5c54fa7cf690eb161fbd29923e1094db5927f40c201100f98b
GET /thumbnail/20220928/d2591cd12c591.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 147336
date: Sun, 04 Dec 2022 11:03:32 GMT
last-modified: Wed, 28 Sep 2022 08:09:18 GMT
etag: "e177e8a12254396c13f52204706144da"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0sFSbEHKXi_nqCzwvZn_F4E46iBe_iIQAcWhJaHyTQfryBuS_e_Z1w==
age: 40411
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/chosen.css?1617331870
200 OK 25 kB URL HTTP/2 vendor-cdn.imweb.me/css/chosen.css?1617331870
IP
Hash d95cafdf12b4bca49aa0494bd128537e
88c36d63c477fe8ef3210f4aa5cee230bfbdad55
271f009e3e192c299e4ef2a0307698009bda98741beb8ca86b58b9a0b3502910
GET /css/chosen.css?1617331870 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 27 Apr 2021 21:58:41 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 04:34:37 GMT
etag: W/"1a134edc02e593f24b5c42353ce61049"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UdJlOtf8WJs_kkr0MKnYMahqgLOrJbPCPVR8CtYhijtKfsTJNy5cgw==
age: 64369
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/im_component.css?1636689958
200 OK 22 kB URL HTTP/2 vendor-cdn.imweb.me/css/im_component.css?1636689958
IP
Hash 47dee9ee0f01ec4d3bdfcc193f06eb68
89a2a3f0874434dcfb1b3e3341952fddc70ae6c0
d804cef66f97f174277ccc582d3b1372cfb14d7dd5c9f34f589e12df7fef986d
GET /css/im_component.css?1636689958 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 18 Nov 2021 06:41:35 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 03:59:06 GMT
etag: W/"f7cb0bde1ac3af3928f2d76977944298"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M7NhKMNyGiKk-XGL1EJXSJHLfaIzwITh3OSnpvudVwa6QM1SdEFlFg==
age: 68232
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220928/e9e60d3e37559.png
200 OK 22 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220928/e9e60d3e37559.png
IP
File type PNG image data, 220 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash f4a2bca3b8ca5a248c6039ae83d8c950
5d742026fdab5fd7f85a3a1a66135193da23f431
b993e5f01c1597e0679ff8d7a7e2baa1559286b8ae08d8f9a34d93f58f8baa01
GET /thumbnail/20220928/e9e60d3e37559.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 22034
date: Sat, 03 Dec 2022 23:19:40 GMT
last-modified: Wed, 28 Sep 2022 07:22:02 GMT
etag: "f4a2bca3b8ca5a248c6039ae83d8c950"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0PNj6AkQm1Kiz3An4Ul2EXq2gI-putA_oTru_VgzIYwBn9ndPSX1Qg==
age: 82643
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/ie-checker-min.js?1577682292
200 OK 535 B URL HTTP/2 vendor-cdn.imweb.me/js/ie-checker-min.js?1577682292
IP
File type ASCII text, with very long lines (446)
Hash 0a7488a6f3c29c020e005b1ab97d5efe
31d8df9d9851cf4535e9bbc81b5430cf794895f2
5b83a6946941829a7fdff7961ebdf0199beedc9ec0a40d99fecea5fb859b3fc3
GET /js/ie-checker-min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 535
last-modified: Tue, 27 Apr 2021 22:00:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 01:14:36 GMT
etag: "0a7488a6f3c29c020e005b1ab97d5efe"
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b4mv0EXo8RYI8jB_LMYrI3EUChDY7uU8Nche1f4d1co4mHFlHonnig==
age: 75784
X-Firefox-Spdy: h2
wcs.naver.net/wcslog.js
200 OK 6.8 kB IP
File type ASCII text, with very long lines (20124), with no line terminators
Hash 843a08a1540a6ef318459433f0d7e92a
8b367a0abbbb3aa407b3285939b242dd90af8e10
e9c2885f3be79e610f1a995a5d9d403671417e056cdccf427416509263c11883
GET /wcslog.js HTTP/1.1
Host: wcs.naver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 14 Jun 2022 02:08:57 GMT
ETag: "62a7edb9-4e9c"
Server: nginx
Content-Type: application/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=404
Expires: Sun, 04 Dec 2022 22:23:46 GMT
Date: Sun, 04 Dec 2022 22:17:02 GMT
Content-Length: 6834
Connection: keep-alive
vendor-cdn.imweb.me/js/moment.min.js?1629764594
200 OK 19 kB URL HTTP/2 vendor-cdn.imweb.me/js/moment.min.js?1629764594
IP
Hash 406029c9343f3f53d785def2acd197ef
3258d0c415b2e70284eb68ca259b35a30e61452f
3240803849513771d4796c80a0fb6d91972df507d54f3f30d1beb34c9f529e4d
GET /js/moment.min.js?1629764594 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 00:23:39 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 21:33:20 GMT
etag: W/"5508e02666a970171ece000c47a6b017"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4s4VgldSe2web56PGTaeGgq4GDe-ASXJeKoQDgmUxiIcZdO8P60dqw==
age: 3193
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tffds.com/common/img/default_profile.png
200 OK 3.2 kB URL HTTP/2 tffds.com/common/img/default_profile.png
IP
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash dd126f197cad438a4ae5af15df1f57ba
7efb2b4d9e98a8fd7c0ff0fb66297cc3d4e50f02
364a4dd085d7de554210066021a8c79a2709a17e3dc0078c3dd834dac40b4d0e
Analyzer Verdict Alert openphish Chase Personal Banking
GET /common/img/default_profile.png HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3187
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 27 Apr 2020 02:03:03 GMT
etag: "5ea63d57-c73"
expires: Tue, 03 Jan 2023 22:17:01 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7BHm9YCWIKOVA5W5wan2dA0MBttx-UG1eNP8Nsa3oOvZv-Mtex9hKA==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/bootstrap-datepicker.js?1577682292
200 OK 15 kB URL HTTP/2 vendor-cdn.imweb.me/js/bootstrap-datepicker.js?1577682292
IP
Hash e064e4f8730315140d349f89887d5fa3
ae8c17e9f29a0f926f16da30873c98cf2bd3b1d3
aeb9336a4c8cc74e732abd65c7f098af8e1136e710239a59ff8f458d35b8c265
GET /js/bootstrap-datepicker.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:24 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:13:25 GMT
etag: W/"8247c9c55821bebdae0e846c553eb291"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h10Aa-g4MjIOyQ-QF5BNViue0bde6nIhLx9UQMvFUk507LYdqeQQzA==
age: 76183
X-Firefox-Spdy: h2
tffds.com/js/secret_article.js?1604286051
200 OK 1.8 kB URL HTTP/2 tffds.com/js/secret_article.js?1604286051
IP
Hash fadc6f2b8a3bf91dfb38e93de567e1ae
fb38c1d6c26243d28aa270f3e9cf6b92ac2d5bb0
47d308a99e61ad84416c616d73c2b2a5d3674719f328bdca6950960dea48b434
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/secret_article.js?1604286051 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 02 Nov 2020 03:00:51 GMT
vary: Accept-Encoding
etag: W/"5f9f7663-f3d"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LlBL53b7KkYPJnwTUIg8YBO_Ccj9x0xHdwZOqD3IYGCdy1d9Mf0O-A==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/site/alarm_menu.css?1648796493
200 OK 6.2 kB URL HTTP/2 vendor-cdn.imweb.me/css/site/alarm_menu.css?1648796493
IP
Hash 960bdc7c849a7aced1890970348c2b04
24fafcd7ebfee9c7339d85ef20159f52f71bab2d
0feb7fc8a8f5a5556950362478d0bb9ae4935ff4f0189eb8993d75781eba06cd
GET /css/site/alarm_menu.css?1648796493 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 12 Apr 2022 01:25:08 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 17:22:27 GMT
etag: W/"c2c6fa0878be40bc18ea177903d61e97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0laylKTjyvjTK2Q52oiJUFf77LzO_7qQuFEW9P9BXrovPZaLWTd_uQ==
age: 21333
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10322
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 22:17:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 1727
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 1727
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/autosize.js?1577682292
200 OK 10 kB URL HTTP/2 vendor-cdn.imweb.me/js/autosize.js?1577682292
IP
Hash 00bee3a30a2bd371e30d86059d0ded68
a517fc612a71fd8733b4baa34f695227ee3b05a9
282d8ea3ac311180e38733345a3382817ffe85d53d906ef02a4a3e6542cbdc24
GET /js/autosize.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:31 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 21:13:04 GMT
etag: W/"01a073241d38eed6ab30505450426839"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CoZfKPPjjqIWXZuK2_g-T__ij5YQ5U8trlzXHhU0Opw6M0oHFpdHgA==
age: 3910
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/owl.carousel2.js?1638150602
200 OK 17 kB URL HTTP/2 vendor-cdn.imweb.me/js/owl.carousel2.js?1638150602
IP
Hash 553b1e9e72af9738eb11f652120753f5
56268c9e24dc3f3632328f91a0d6a8da883ca634
5badb54e79ec4d8254b4fae8bd43aa67ff978a18ffc0e98b818223fece7eecc2
GET /js/owl.carousel2.js?1638150602 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 29 Nov 2021 01:50:36 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 22:16:39 GMT
etag: W/"85f9dfb50ec6d1e2827e123c57dc379e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wkbJ3c82Ym3OOi2EAf5ZMwngJPUG-07NvfrtvTBv1lVXfZXZj8YVfg==
age: 55
X-Firefox-Spdy: h2
tffds.com/js/android_image_upload.js?1660623646
200 OK 5.9 kB URL HTTP/2 tffds.com/js/android_image_upload.js?1660623646
IP
Hash f9f6b78eb3bb9973e594791e762ccaf1
249bd3a2b22378d9bfe6ca570d40dd6c9b129985
b81090d9641370c348d38353c112b8a7ba93d0d72b3cd8fdd2ab4f490affcc22
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/android_image_upload.js?1660623646 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 16 Aug 2022 04:20:46 GMT
vary: Accept-Encoding
etag: W/"62fb1b1e-50d"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vzi52Qy5QqdNQ4H8e5cbtStdZP4FzpP92Zx-tvWcfq-fWnOevC0uDw==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/slick.min.js?1577682292
200 OK 14 kB URL HTTP/2 vendor-cdn.imweb.me/js/slick.min.js?1577682292
IP
Hash 3cf09eb4890bd68408f66d47a0fe7efb
d62d02277bfdc9844b174386d7793454f055921b
05333a51af18ff0eb34b879bb1df6ed925d2210c3ecf15dc2d7fd8973c623e5b
GET /js/slick.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:42 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 15:08:06 GMT
etag: W/"b53bdfc29e18f4d493d775a8023fbdc8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YgvXnsrJhfigRgOamvH5iarHqsyqdLeVDiB2TXxbKO-ppVe1syy-ng==
age: 25800
X-Firefox-Spdy: h2
tffds.com/js/post_view.js?1577682295
200 OK 0 B URL HTTP/2 tffds.com/js/post_view.js?1577682295
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/post_view.js?1577682295 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 0
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 30 Dec 2019 05:04:55 GMT
etag: "5e098577-0"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w_W-de10XTqRrcwWnrj95APV9UdOv3KXtQcdrdMO394gLRTosY--WQ==
X-Firefox-Spdy: h2
tffds.com/js/site_widget.js?1616721332
200 OK 6.4 kB URL HTTP/2 tffds.com/js/site_widget.js?1616721332
IP
Hash 3f96fb22f863242ab661dd08c355a3ec
8d28ae9630afb1f0f90773de6b4601712e8417ed
d090e8325d639b57a49e64640bc63fe0c65bead3d0e024c4343c70e8efcbbcdf
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/site_widget.js?1616721332 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Fri, 26 Mar 2021 01:15:32 GMT
vary: Accept-Encoding
etag: W/"605d35b4-3fc"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQtMlwdS-ZecCF-Bg805wftB3oPddPySDo1KWMZJMMOuJAcY-NYN-Q==
X-Firefox-Spdy: h2
tffds.com/js/image.js?1653367465
200 OK 171 kB URL HTTP/2 tffds.com/js/image.js?1653367465
IP
Size 171 kB (170832 bytes)
Hash 603fd7bfa180a1a8a9911e610d7ba63b
ad34847ccd9a1956182376ba459c995c0a0d9235
2321728cdd241470f178d1367bc3f16ee7f75b609b5775af3563142e25d182ed
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/image.js?1653367465 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 24 May 2022 04:44:25 GMT
vary: Accept-Encoding
etag: W/"628c62a9-2c91"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M9uB0kg7ulvkLY-0Soii1NpiGsJdZrIkuleIQ7o_27fXJX-Mi4tAvQ==
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220920/f8ecc36dd1d68.gif
200 OK 60 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220920/f8ecc36dd1d68.gif
IP
File type GIF image data, version 89a, 880 x 458\012- data
Hash 0a90b31a92120d737e209f9052d15879
661f27d5ef20b876f334c6fe200c02429adc2fc0
4b9d150ba50cd055bb406a4f85c1f074f09f81e874d63f24600dcb5282215571
GET /thumbnail/20220920/f8ecc36dd1d68.gif HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif; charset=utf-8
content-length: 60255
date: Sat, 03 Dec 2022 23:20:38 GMT
last-modified: Tue, 20 Sep 2022 14:25:01 GMT
etag: "0a90b31a92120d737e209f9052d15879"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2QXbBqcXhZUVw9Btj4EaWx7n6UFhTakY-kNUSV9r05Xh47TM9phLJQ==
age: 82584
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/Gilroy-Light.woff2
200 OK 26 kB URL HTTP/2 vendor-cdn.imweb.me/fonts/Gilroy-Light.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25520, version 1.0\012- data
Hash 2e12072b91843ea0578f1f4033307ac8
b7f886dbb1dca33f09c14ed6280567921cee3ccc
e46b7ad868822802e802e605552f3cfc30151551fc297d737117283d51c734bf
GET /fonts/Gilroy-Light.woff2 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://vendor-cdn.imweb.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 25520
date: Sun, 04 Dec 2022 13:11:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Apr 2021 22:15:35 GMT
etag: "2e12072b91843ea0578f1f4033307ac8"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OPVc79MTqzPvjCpjwP5V6UrqrAz9X2Uou8-mxvITI1er-zEqQfwSog==
age: 32745
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
200 OK 30 kB URL HTTP/2 vendor-cdn.imweb.me/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
IP
File type Web Open Font Format (Version 2), TrueType, length 30064, version 1.0\012- data
Hash 0cb0b9c589c0624c9c78dd3d83e946f6
5da603104d4d6e362824ec9e7db32eb2d617949a
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
GET /fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://vendor-cdn.imweb.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 30064
date: Sun, 04 Dec 2022 13:11:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Apr 2021 22:19:18 GMT
etag: "0cb0b9c589c0624c9c78dd3d83e946f6"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6aLDZo1HAXxvWh6sNFH6IhsBsSQ-RjzrHgOyWvEWbh3-2oCVKPjNRg==
age: 32745
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/montserrat-regular.woff2
200 OK 19 kB URL HTTP/2 vendor-cdn.imweb.me/fonts/montserrat-regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18876, version 2.66\012- data
Hash a874db86aa5b42b17c26025820c1874d
271bdf9bcf03438e2d9a7c891de7ecef4475d690
ce5d746eac83f5655f04b889f731f722272841579a990f48a61917861fd544de
GET /fonts/montserrat-regular.woff2 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://vendor-cdn.imweb.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 18876
date: Sun, 04 Dec 2022 13:11:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Apr 2021 22:14:39 GMT
etag: "a874db86aa5b42b17c26025820c1874d"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sHVgzzZgSqnsFQQ6UCyZVAzMEqZbdPLP3-I3NJR0jBWwASHU4knh0g==
age: 32745
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/Kakao-bRg.woff
200 OK 894 kB URL HTTP/2 vendor-cdn.imweb.me/fonts/Kakao-bRg.woff
IP
File type Web Open Font Format, CFF, length 893612, version 0.0\012- data
Size 894 kB (893612 bytes)
Hash 3f7388383dec7f44c6518c5ee38274bf
633bb27d2f79b4353fa019d5892ba2abce5c5550
3b198375530b221855455e192f4d581215a0bec6ea7af7362e9fd58f0f0388e0
GET /fonts/Kakao-bRg.woff HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://vendor-cdn.imweb.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 893612
date: Sun, 04 Dec 2022 13:11:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Apr 2021 22:18:34 GMT
etag: "3f7388383dec7f44c6518c5ee38274bf"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rp0Y-oT_GQOs5fJGMUKOyT0tRLFWy-YQvLC35IWDUqNz8RYoFpaW2g==
age: 32745
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/medium/BlackTie-Medium-webfont.woff2?v=1.0.0
200 OK 13 kB URL HTTP/2 vendor-cdn.imweb.me/fonts/medium/BlackTie-Medium-webfont.woff2?v=1.0.0
IP
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash 45950b55ba84e41eb5f0983dede2cebd
e94cf4456de1d974291b0550b71a16c9942afd73
454659a7191149e9499e487fd221c6f1c837ec0f306f5b2048be09f4ef391712
GET /fonts/medium/BlackTie-Medium-webfont.woff2?v=1.0.0 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://vendor-cdn.imweb.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 12848
date: Sun, 04 Dec 2022 13:11:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Apr 2021 22:19:20 GMT
etag: "45950b55ba84e41eb5f0983dede2cebd"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RWSIH9SlG8cTmFxGu1uQm2u_eAZYMv8RqOjgo5pjae9M_8j5rCe3tA==
age: 32745
X-Firefox-Spdy: h2
tffds.com/js/channel_plugin.js?1664263429
200 OK 28 kB URL HTTP/2 tffds.com/js/channel_plugin.js?1664263429
IP
Hash 6a76f3b094f08cffef647793328f8de7
fcf710c21b47a07697e248d5dd757c4c347c55d0
6d18bb143f4eef5963dc3e017a7fc2f1820bfe1f03cf27dcef7b75cd4eaf370c
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/channel_plugin.js?1664263429 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 27 Sep 2022 07:23:49 GMT
vary: Accept-Encoding
etag: W/"6332a505-1f71"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oYVwORPlYZzndaMZo2JRmky5j3TDH2ZWK2qf4f_MC9q2U2tHy4pzjg==
X-Firefox-Spdy: h2
tffds.com/js/post.js?1666690843
200 OK 6.7 kB URL HTTP/2 tffds.com/js/post.js?1666690843
IP
Hash 3c97a97ec9799829e8a7591e20c6c894
5c00ba6828020044a5300117b67bfdeb2e572bef
0d0870ba8f5429f9ab74087636c9d09b944021955e957ad2676b9716303fd9bf
GET /js/post.js?1666690843 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 25 Oct 2022 09:40:43 GMT
vary: Accept-Encoding
etag: W/"6357af1b-5a4b"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LSOzypQNcsjJURXn8zBFmwJLIqABeATcHvEkR3oTXmAPiR021M93gw==
X-Firefox-Spdy: h2
tffds.com/
200 OK 90 kB IP
Hash b3bdb4620e835667f32ea97245494fb3
1a4fc7451a9c2b6d80d522253d548f817a918b10
3dfd27b71402c130d8124f7ada3463d827b0d2bb3fef08f13aa546a86820abe1
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET / HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 22:17:01 GMT
server: nginx
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; path=/; domain=tffds.com; HttpOnly
al=KR; expires=Sat, 30-Sep-2023 22:17:00 GMT; Max-Age=25920000; path=/; domain=tffds.com; HttpOnly
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QAda3sPUe1-JsJf2-ld6NXuDdQsYOoawuv4gwgqis0PXvBO8xIjRRw==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.119.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.119.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12316, version 1.0\012- data
Hash 3b067d25cb94009ae23abd4fe00a7dbc
1f1d3f89a8188104f63957712e75216a41e13af0
b0ad896039fdcd68f2b45bd389a8d394b65aa544f434626847c12394ca3e74d2
GET /s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:25:43 GMT
expires: Tue, 28 Nov 2023 23:25:43 GMT
cache-control: public, max-age=31536000
age: 514280
last-modified: Mon, 09 May 2022 18:59:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tffds.com/js/header_fixed_menu.js?1658822737
200 OK 24 kB URL HTTP/2 tffds.com/js/header_fixed_menu.js?1658822737
IP
Hash e15395347c9672d2f93714bf091fb7c5
7f47728b84266ef39587d57552ce08178b14d6d6
49c25eaf0766f3a9be3f5cb880915b6ba69c9ce006e4764b55984a391e63b64e
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/header_fixed_menu.js?1658822737 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 26 Jul 2022 08:05:37 GMT
vary: Accept-Encoding
etag: W/"62dfa051-75e"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FatVhPsmStuskzgDxdImUkmEft_DKlcJojZtf7W8sZf3RjFFbo_naQ==
X-Firefox-Spdy: h2
tffds.com/js/mobile_carousel_menu.js?1606176609
200 OK 18 kB URL HTTP/2 tffds.com/js/mobile_carousel_menu.js?1606176609
IP
Hash 93afb8e5a3a3d0649685c630068d6c16
78943bb7f0a97442eeac9a5877691d495d497406
63f14d0ee03b5d8918bf91dbf7168efd63d8ef64d898c5af7d30bb927672faea
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/mobile_carousel_menu.js?1606176609 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 24 Nov 2020 00:10:09 GMT
vary: Accept-Encoding
etag: W/"5fbc4f61-48a"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w_V1rpclDHF6s1hwSGRcl5FTUxZ2Ly4YuG_rKdpfrT_uK5VWX2oejg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nanumgothic/v21/PN_oRfi-oW3hYwmKDpxS7F_LQv37yzkx1Yl3P690375P--a0I5vFgZwP.117.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/nanumgothic/v21/PN_oRfi-oW3hYwmKDpxS7F_LQv37yzkx1Yl3P690375P--a0I5vFgZwP.117.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20368, version 1.0\012- data
Hash 5e428707e6dfae431a15601da4114aba
c69ab80faf9edc1776309a1bfd7ca322018210dc
9cedb5cbb123561c6520ae4516d4b7829f554228638e9af28b4114ae37f982eb
GET /s/nanumgothic/v21/PN_oRfi-oW3hYwmKDpxS7F_LQv37yzkx1Yl3P690375P--a0I5vFgZwP.117.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:56:38 GMT
expires: Wed, 29 Nov 2023 15:56:38 GMT
cache-control: public, max-age=31536000
age: 454825
last-modified: Mon, 09 May 2022 18:59:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vendor-cdn.imweb.me/js/jquery.exif.js?1577682292
200 OK 7.4 kB URL HTTP/2 vendor-cdn.imweb.me/js/jquery.exif.js?1577682292
IP
Hash abc9a13f4e649ed2bfec039cf42f924a
8bdb61eef9c5048660ef4ac2911e5908d93a2e68
41ecff902e71db9de0086cce012c7206fa1a6b2f58539fc4a989bc21ddac2de6
GET /js/jquery.exif.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:44 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 06:40:07 GMT
etag: W/"d4f055340ea019a2e948d8c1683cbfd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0h4KpezWQqnsnFola8wQFtmhEf19I-zSFN6eGNiadEK4-klLWUEoNw==
age: 83621
X-Firefox-Spdy: h2
tffds.com/js/site_section.js?1653367465
200 OK 29 kB URL HTTP/2 tffds.com/js/site_section.js?1653367465
IP
Hash 7fd15aa1806a2ee3fef6180590f7029a
7b8b1854c1e4ce250b1061723d536b6757e19b86
852b3735b165e90d889369601af579df7d48d3c80937e54cf06c0c95054a9674
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/site_section.js?1653367465 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 24 May 2022 04:44:25 GMT
vary: Accept-Encoding
etag: W/"628c62a9-434b"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F4wnUNv5371WDPBmry0oBzLPD5mBJ9S2fFyzIFPMn2F9T-jIbRbI1g==
X-Firefox-Spdy: h2
tffds.com/js/header_center_colgroup.js?1637043387
200 OK 13 kB URL HTTP/2 tffds.com/js/header_center_colgroup.js?1637043387
IP
Hash 98010cc261fb938e452898cf94e053b8
fdebb2fd04ec21e62b627f2bd50a34097def3754
d4ab348e823e2f77e9ea7a0c86387ab840333d272e464336e75993d4c94d407a
GET /js/header_center_colgroup.js?1637043387 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 16 Nov 2021 06:16:27 GMT
vary: Accept-Encoding
etag: W/"61934cbb-662"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xuvUgJi7IGqh7lgbZZJ-m3Orrs2RMi2_mrXybQp3JxjTVX3Di9rUqA==
X-Firefox-Spdy: h2
tffds.com/js/header_overlay.js?1577682295
200 OK 26 kB URL HTTP/2 tffds.com/js/header_overlay.js?1577682295
IP
Hash cfcb0b33ec20a2ae99b52f1c119fd02e
a8808a35600635843557d7d15f94cb6136e1c70d
1078c5d3d678d47d307930ef7d3581d84e42ae98b3a25d186c178d5d3cb6460f
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/header_overlay.js?1577682295 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 30 Dec 2019 05:04:55 GMT
vary: Accept-Encoding
etag: W/"5e098577-49c"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SOY6XFZ9a81aGNxRp82QJ26kM4je1c1Qp9mGjrW9jM-VXsZaEqSX-w==
X-Firefox-Spdy: h2
tffds.com/js/site_log.js?1582866622
200 OK 24 kB URL HTTP/2 tffds.com/js/site_log.js?1582866622
IP
Hash 2aa34e2e225eaaba3b7e71496d7db700
827daef41ddf14299513921b792111355fb39734
44c80a61f52d2e70f46c9525963fd6b8e83196131c56406fa018cefac43a0c76
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/site_log.js?1582866622 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Fri, 28 Feb 2020 05:10:22 GMT
vary: Accept-Encoding
etag: W/"5e58a0be-333"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SNsLqBAZqsAfDy4TGy76AunDfiAjFGyZ6McAMF78E2MZlbRRjtWPLQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nanumgothic/v21/PN_oRfi-oW3hYwmKDpxS7F_LQv37yzkx1Yl3P690375P--a0I5vFgZwP.116.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/nanumgothic/v21/PN_oRfi-oW3hYwmKDpxS7F_LQv37yzkx1Yl3P690375P--a0I5vFgZwP.116.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23584, version 1.0\012- data
Hash ec392b03f320dac01d4d00567486b64d
8039213da744e524b5b5bfbd59d44cba9e0949e5
36964120bd69597c0d680a4549a453c75dc4020e140b4b2eee0a402810379f5d
GET /s/nanumgothic/v21/PN_oRfi-oW3hYwmKDpxS7F_LQv37yzkx1Yl3P690375P--a0I5vFgZwP.116.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 03:54:20 GMT
expires: Wed, 29 Nov 2023 03:54:20 GMT
cache-control: public, max-age=31536000
age: 498163
last-modified: Mon, 09 May 2022 18:59:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tffds.com/js/header_more_menu.js?1584514029
200 OK 24 kB URL HTTP/2 tffds.com/js/header_more_menu.js?1584514029
IP
Hash 4bd101816d28ca17b2fe44a25f058bd8
b3f0b015b11baaff521eb1d18079f5fc00034ccd
8e333265d5ac1283ea9e3aab081365104512aa2676cff1e5cc6a9607c47f3241
GET /js/header_more_menu.js?1584514029 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Wed, 18 Mar 2020 06:47:09 GMT
vary: Accept-Encoding
etag: W/"5e71c3ed-1936"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GMAR3GJpE0KR6yOQkfWIG7QQRgMrPCrsko7uxpncG6u4e0ogwdImNw==
X-Firefox-Spdy: h2
tffds.com/js/post_comment.js?1637030472
200 OK 26 kB URL HTTP/2 tffds.com/js/post_comment.js?1637030472
IP
Hash 5bd9e6c9b00657c4daffa796c5d94063
949199028bdb40be3eb18827a8de123339f38cb5
d46b327f124fccde3773b7fce7cd886b26e33b1359022f84c015b497a121c331
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/post_comment.js?1637030472 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 16 Nov 2021 02:41:12 GMT
vary: Accept-Encoding
etag: W/"61931a48-7c70"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oEkPz2TvozIEb4EAKlHQO2P-3XI3NoP_OdbA3uELXqQbw9ny21Sk_w==
X-Firefox-Spdy: h2
tffds.com/js/zipcode_daum.js?1577682295
200 OK 27 kB URL HTTP/2 tffds.com/js/zipcode_daum.js?1577682295
IP
Hash 3f6cf7594431ce032dc883f889a0e073
b88e581a5fc1505723cb6ef4e0f180430ea8ba04
69993135b28695ae683f87095efb8c62e0a74026f458769506ad5409e67d1ce6
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/zipcode_daum.js?1577682295 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 30 Dec 2019 05:04:55 GMT
vary: Accept-Encoding
etag: W/"5e098577-f3b"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NwdnZoy6P5SgqvDNLzrF_C8wYwn2WecEbF8WCMLnn2vUT-I_tpULtA==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.118.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.118.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18568, version 1.0\012- data
Hash 0f8573160bba1a05624eaa58fd188573
7316ee1a02df07420bd76ac51e949e907271025e
039f951d6366b6be3ffa909bea03c904182cfed9877855f1889fa7faac2138eb
GET /s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.118.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tffds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 03:54:16 GMT
expires: Wed, 29 Nov 2023 03:54:16 GMT
cache-control: public, max-age=31536000
age: 498167
last-modified: Mon, 09 May 2022 18:59:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tffds.com/js/newest_post.js?1661841692
200 OK 25 kB URL HTTP/2 tffds.com/js/newest_post.js?1661841692
IP
Hash c322792eea44677f15160953955e698d
a4e0889134c344c5a8c54c815502c8e5add4f963
9ae8f6b64d2052f5e5e75ab3ce9249a48a7702eaef44c610bcb9a169ac4d2514
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/newest_post.js?1661841692 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 06:41:32 GMT
vary: Accept-Encoding
etag: W/"630db11c-5c6"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5K8pj2V5bpy6ca9y6JHQSk9HWCdPBzex4Rxtt6FDRwq-zYTDq8Ao5w==
X-Firefox-Spdy: h2
tffds.com/js/library_image.js?1660623649
200 OK 27 kB URL HTTP/2 tffds.com/js/library_image.js?1660623649
IP
Hash b613b0b747a6c11f77bff7d4b4bc750c
2f320913af896d092d00886aa4e77d1b038f1e6b
582ecb3e383866be78420e75dfa54a3e338c52db047a9c3ec323e50dea524724
GET /js/library_image.js?1660623649 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 16 Aug 2022 04:20:49 GMT
vary: Accept-Encoding
etag: W/"62fb1b21-2be2"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hJWJU5z5xUHvdLY3VMlBW22MQSP5jqcUaJuzuLoJq3ObMs3oRvwhwQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.imweb.me/thumbnail/20220919/70abbba209f0e.png
200 OK 9.7 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220919/70abbba209f0e.png
IP
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 56ea2a1fd2c03575baf4fa81409f5d3f
7d7de97b369b842ef19998725ef1b9e1fe6d87c2
0d936f38110ef9abe7ef55a225342d729d345d673229df54efa154fa9c39f019
GET /thumbnail/20220919/70abbba209f0e.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 9698
date: Sun, 04 Dec 2022 13:31:17 GMT
last-modified: Mon, 19 Sep 2022 13:36:32 GMT
etag: "56ea2a1fd2c03575baf4fa81409f5d3f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9oLYviio6miA-1vOtZS8-FYwz9501-OFNpJSzM-i8zBDW0YQ1zpkJQ==
age: 31547
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220919/2de7f38af49d9.png
200 OK 1.0 kB URL HTTP/2 cdn.imweb.me/thumbnail/20220919/2de7f38af49d9.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 7a0708ac956ba862433f8fc8cab5ee96
6e6bb6f914f0190d0471b99f41392898ad80e591
a7f4732350ad5d9bccac390f115bab78dc53e571ead21a6d25383012c110b26e
GET /thumbnail/20220919/2de7f38af49d9.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 1020
last-modified: Mon, 19 Sep 2022 13:36:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 22:16:42 GMT
etag: "7a0708ac956ba862433f8fc8cab5ee96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q16M7alUB3xLeTCpHTPk-so68oZ6U7qHXKR3WZ3ruyMHUI-B_lgRnw==
age: 22
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:17:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vendor-cdn.imweb.me/css/font-awesome5.min.css?1660780829
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/css/font-awesome5.min.css?1660780829
IP
GET /css/font-awesome5.min.css?1660780829 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 18 Aug 2022 02:23:56 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 03:59:06 GMT
etag: W/"88fa35a5ba862e078f3d2450e5987714"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zXZDDTAV_iGFQ-rHy-0xnm2Il_01IHVaebqVacl_PAgs1jSRjcWQww==
age: 86065
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/tinycolor-min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/tinycolor-min.js?1577682292
IP
GET /js/tinycolor-min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:35 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 19:09:04 GMT
etag: W/"6fe966756f67ea5f7fa26a69d1d27f6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mSyzYkUJe-Yk46RDg3RdIulkOBonu20UXWVjXZUPSVMnXi70SiQtwQ==
age: 11409
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/function.css?1654567141
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/css/function.css?1654567141
IP
GET /css/function.css?1654567141 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 29 Jun 2022 22:14:55 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:42:21 GMT
etag: W/"dcd2b1e978a669172a0ee54909b2474d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WlZGI8lrgGKnkpek8IF2QWHX9ClW4bUUF67LYt7pwkEnUXwM4LireA==
age: 62845
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/im_component.js?1636940317
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/im_component.js?1636940317
IP
GET /js/im_component.js?1636940317 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 18 Nov 2021 06:40:40 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 08:50:21 GMT
etag: W/"360fe86d04e3b0037757321fcc71c759"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q7uS3aKATscZ_LDZNeOX0j0Plnx_R24T90xDhQ1NJcZxWpjnPPELPg==
age: 72036
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery-scrolltofixed.js?1663719786
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery-scrolltofixed.js?1663719786
IP
GET /js/jquery-scrolltofixed.js?1663719786 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 00:30:18 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 06:40:07 GMT
etag: W/"55309992f529a97881a20aed3f58e7c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2iq4mFTbkQhro8LPF22qG2b8nHvEbtm91Sppbw2MSfEgWufQZZ6yvw==
age: 80265
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/moment-with-locales.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/moment-with-locales.js?1577682292
IP
GET /js/moment-with-locales.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:38 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 04:34:44 GMT
etag: W/"9b865f2cc21ea21b0ecb6cae6a82a306"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tNALCYccAHxd6rXjhQZZb_TkFpK6XUrxVtQzfwTjjJAfeXXu1FUVPg==
age: 71128
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 04 Dec 2022 22:17:03 GMT
date: Sun, 04 Dec 2022 22:17:03 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=UF9RhNrHeu0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=V2VPa86J06Q; Domain=.youtube.com; Expires=Fri, 02-Jun-2023 22:17:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+091; expires=Tue, 03-Dec-2024 22:17:03 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tffds.com/js/header_mega_dropdown.js?1648796493
200 OK 0 B URL HTTP/2 tffds.com/js/header_mega_dropdown.js?1648796493
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/header_mega_dropdown.js?1648796493 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Fri, 01 Apr 2022 07:01:33 GMT
vary: Accept-Encoding
etag: W/"6246a34d-2177"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jsqJjKK3-fujg64afxGgI1RBjvcRPxgWlvvUBtOxOGrDRTbo2DqIXQ==
X-Firefox-Spdy: h2
tffds.com/js/advanced_trace.js?1597114502
200 OK 0 B URL HTTP/2 tffds.com/js/advanced_trace.js?1597114502
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/advanced_trace.js?1597114502 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 11 Aug 2020 02:55:02 GMT
vary: Accept-Encoding
etag: W/"5f320886-510"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vyPMceU-mVLl-J2yxpCwkOVgWAp_z3P0lU7d-ndMXRtBaom1_NtFRQ==
X-Firefox-Spdy: h2
tffds.com/backpg/add_visit_log.cm
200 OK 0 B URL HTTP/2 tffds.com/backpg/add_visit_log.cm
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
POST /backpg/add_visit_log.cm HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 203
Origin: https://tffds.com
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 22:17:03 GMT
server: nginx
vary: Accept-Encoding
set-cookie: SITE_STAT_SID=20221205638d1c5e639141.35894738; expires=Mon, 05-Dec-2022 15:00:00 GMT; Max-Age=60178; path=/; SameSite=None; Secure; domain=tffds.com; secure; HttpOnly
SITE_STAT_SID_m20220919291503283f781=20221205638d1c5e639291.13605935; path=/; SameSite=None; Secure; domain=tffds.com; secure; HttpOnly
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZdGHpujzsvIo7iRyY4xv8OP06fL_OwJyD49eT3GFIx3gbJ-SO-jQog==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.fileupload.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.fileupload.js?1577682292
IP
GET /js/jquery.fileupload.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:31 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:45:05 GMT
etag: W/"9bf0c7486c83f8232aab5b6275dce7ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cm-A1kH2fqN9tkSKAWcAODafCBiauvsgIbDpak9SxePMo--gddE-0g==
age: 74021
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.smooth-scroll.min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.smooth-scroll.min.js?1577682292
IP
GET /js/jquery.smooth-scroll.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:43 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:15:33 GMT
etag: W/"bf370c822f2a1544867e43e9c41d56d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 81uJTqLK8rO43Y5fxB7UtAKhctBQSz5baLmZkSqpit2BmH_zsJN5-g==
age: 75709
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/site/iefix2.css?1590627710
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/css/site/iefix2.css?1590627710
IP
GET /css/site/iefix2.css?1590627710 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 22 Mar 2022 22:33:35 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 19:29:31 GMT
etag: W/"232888fcfd95b6ca4648f9561a0959c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 44xDlnTyaO-1CTBnRTsETdUgVltSH9Mwr3lVDUvmfQri5O91Zlb7rw==
age: 10191
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/emoji.css?1660095097
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/css/emoji.css?1660095097
IP
GET /css/emoji.css?1660095097 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 10 Aug 2022 05:56:00 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:42:21 GMT
etag: W/"182103d941eb80d080d3aed950c725d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tCztR_DIm9f_RZljc4LhKtrPMl89MchzCVNMfcMJFm9Pi1br0Of2qA==
age: 62512
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.trackpad-scroll-emulator.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.trackpad-scroll-emulator.js?1577682292
IP
GET /js/jquery.trackpad-scroll-emulator.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:34 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 17:56:01 GMT
etag: W/"a4e550fb7a5e5f3a11e4546103da744a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gisSkl643QyBtBCnqw1-rBxM_Et4h4CMHtqI-Gjp1yhqiu-K1-8PSg==
age: 15738
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/bootstrap.slide-menu-alarm.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/bootstrap.slide-menu-alarm.js?1577682292
IP
GET /js/bootstrap.slide-menu-alarm.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:30 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 15:42:08 GMT
etag: W/"54fd29840c3561cb573eba8edf6a38a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QgHQqecZ1DR4uuqMTLxoRtYelY-OBGLWz2939Qpc6KJWdtqT1UTyoQ==
age: 23729
X-Firefox-Spdy: h2
fonts.googleapis.com/earlyaccess/nanumgothic.css
200 OK 0 B URL HTTP/2 fonts.googleapis.com/earlyaccess/nanumgothic.css
IP
GET /earlyaccess/nanumgothic.css HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 22:17:02 GMT
date: Sun, 04 Dec 2022 22:17:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/classie.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/classie.js?1577682292
IP
GET /js/classie.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:26 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:42:22 GMT
etag: W/"a9df1cfb76ce492afd9d13f3320272fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EM-jVQX_75dq0-1li8ISAckGstOpqNLVMkqNGdOZE6rdLl_Fw9fvtQ==
age: 64479
X-Firefox-Spdy: h2
tffds.com/js/alarm_menu.js?1603862128
200 OK 0 B URL HTTP/2 tffds.com/js/alarm_menu.js?1603862128
IP
GET /js/alarm_menu.js?1603862128 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Wed, 28 Oct 2020 05:15:28 GMT
vary: Accept-Encoding
etag: W/"5f98fe70-fba"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gm_0c7ZguueCGlHLYHnmLmjrINJ2JR0kQftLBO5LGPRkDDZgWvcsxg==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/pretendard/web/static/pretendard.css?1669614457
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/fonts/pretendard/web/static/pretendard.css?1669614457
IP
GET /fonts/pretendard/web/static/pretendard.css?1669614457 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 28 Nov 2022 05:52:49 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:55:18 GMT
etag: W/"b1ba7e213d62000d8a8ba19509fee5a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vwdbopCbwExR003_bBbpW-YNYRqMo5v95F0nHPqg1-2cNNusQ9satg==
age: 58982
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/fonts/froala-emoji-tap/style.css?1660095148
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/fonts/froala-emoji-tap/style.css?1660095148
IP
GET /fonts/froala-emoji-tap/style.css?1660095148 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 10 Aug 2022 05:56:00 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:42:21 GMT
etag: W/"2c7026abca22aa0b59cfbcf5e0ea10b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AsNER5KEM55yNlv_W6KtVUk85n95zkaSnFKAMk47-W4OJVU5Gp91eg==
age: 60516
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/snow.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/snow.js?1577682292
IP
GET /js/snow.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:23 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 19:12:11 GMT
etag: W/"4c6fe27743698f8e5373af6aa1c79ba7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rtjgbAXVclvnj8pA8P969akpb_K7mZaVqrotVozYzGeQ5_3_AxRqDg==
age: 11097
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.timepicker.min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.timepicker.min.js?1577682292
IP
GET /js/jquery.timepicker.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:21 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 22:22:05 GMT
etag: W/"108f094efc9c86d8255bf2f0d90032e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: akGDeYdqX2mQceKFM5eOq-WWT2LwDp7kpMEUkV-7h3NXxLXzrzUtWA==
age: 86121
X-Firefox-Spdy: h2
tffds.com/js/app.js?1577682295
200 OK 0 B URL HTTP/2 tffds.com/js/app.js?1577682295
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/app.js?1577682295 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 30 Dec 2019 05:04:55 GMT
vary: Accept-Encoding
etag: W/"5e098577-90e"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lLV3sYio2atCvhSOermKIZ_Umoi0w0kJFwaWqbKLCddLPGoLhCaPPA==
X-Firefox-Spdy: h2
tffds.com/js/site_booking.js?1661301874
200 OK 0 B URL HTTP/2 tffds.com/js/site_booking.js?1661301874
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/site_booking.js?1661301874 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Wed, 24 Aug 2022 00:44:34 GMT
vary: Accept-Encoding
etag: W/"63057472-bb7c"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AnwxKmtCxnePE6zf2-jOdNP2pDh0UpMbzDHI6hfQXLO7qjoTSnNFIw==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/bootstrap-hover-dropdown.min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/bootstrap-hover-dropdown.min.js?1577682292
IP
GET /js/bootstrap-hover-dropdown.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:44 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 15:25:58 GMT
etag: W/"96703606924ad7165b41efa01468371a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CisDGIkMBk2K1jZqgcKd6bXTJh8wa99SxvTPHgd4eFG6ylkqxfJxAg==
age: 25128
X-Firefox-Spdy: h2
tffds.com/js/preview_mode.js?1656296713
200 OK 0 B URL HTTP/2 tffds.com/js/preview_mode.js?1656296713
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/preview_mode.js?1656296713 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 27 Jun 2022 02:25:13 GMT
vary: Accept-Encoding
etag: W/"62b91509-a70"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VWBw8bcdepx3F2E8Woa9dYQKgp4rAQL1LdvskuygncVbTFLVyi_xbw==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.chosen.js?1619084781
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.chosen.js?1619084781
IP
GET /js/jquery.chosen.js?1619084781 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:35 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 22:22:04 GMT
etag: W/"2e7563460f63f4698ecd26bf64168d7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EkTrxaXPE-uX3lfrSeYSbKA5g8tSnLetGyejIR73jeSrvxZmWSzf8g==
age: 86120
X-Firefox-Spdy: h2
tffds.com/js/one_page.js?1577682295
200 OK 0 B URL HTTP/2 tffds.com/js/one_page.js?1577682295
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/one_page.js?1577682295 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 30 Dec 2019 05:04:55 GMT
vary: Accept-Encoding
etag: W/"5e098577-ca3"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qPrU6yS8XeHp8VmKIuBrSBpCCO2egPezGKFb9jFHCVfTSmgdq0525g==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/imagesloaded.pkgd.min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/imagesloaded.pkgd.min.js?1577682292
IP
GET /js/imagesloaded.pkgd.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:39 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:42:22 GMT
etag: W/"511ef2f6ee750edc32bb5c8d5d324e7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a83W_DSGp5t4uIy5UuzcQOx3oWGOxFpnSz4kMZYQNBe5oHeriKywgg==
age: 60683
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/ThreeCanvas.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/ThreeCanvas.js?1577682292
IP
GET /js/ThreeCanvas.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:23 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:17:32 GMT
etag: W/"a304b51dfeb75caa15b40f57d67bfc70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3oyP0bGj6t0iMPpzRFfYrm-483Z6Sk9kJ7wyzG5V2CuKu1Hm5w0FQA==
age: 75647
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/lodash.min.js?1656295899
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/lodash.min.js?1656295899
IP
GET /js/lodash.min.js?1656295899 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Jun 2022 22:15:04 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:45:05 GMT
etag: W/"bc0594c54450e8ac689739b6b198067a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IicUNx6PQC_OabNk786FiWRijqtVZBazRqB4WJeMsVIbq0LrwZDhGg==
age: 74042
X-Firefox-Spdy: h2
tffds.com/js/site_animation.js?1648796493
200 OK 0 B URL HTTP/2 tffds.com/js/site_animation.js?1648796493
IP
Analyzer Verdict Alert openphish Chase Personal Banking
fortinet Phishing
GET /js/site_animation.js?1648796493 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Fri, 01 Apr 2022 07:01:33 GMT
vary: Accept-Encoding
etag: W/"6246a34d-edf"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jCONM13rCmKEif7Zx0Y6xdG0sPMrfgnZexgctEgdTmxRPN4_8Vql-A==
X-Firefox-Spdy: h2
tffds.com/js/site_event_check.js?1596495221
200 OK 0 B URL HTTP/2 tffds.com/js/site_event_check.js?1596495221
IP
GET /js/site_event_check.js?1596495221 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Mon, 03 Aug 2020 22:53:41 GMT
vary: Accept-Encoding
etag: W/"5f289575-1d00"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kKuIjQ7LkaGgE4doQu5e4xDC03mz7TalLoJkc9WhDFF6QXvTqQQagA==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/masonry.pkgd.min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/masonry.pkgd.min.js?1577682292
IP
GET /js/masonry.pkgd.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:28 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:45:05 GMT
etag: W/"c54e75edf5cbaf412bc16ba4145f6032"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ynoolfZLNwCSMfY4uQoeMHbGFwiUJvpfsfaimUQwyc6L_MZ96NWBDg==
age: 74092
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/lightgallery-all.min.js?1596595980
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/lightgallery-all.min.js?1596595980
IP
GET /js/lightgallery-all.min.js?1596595980 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:22 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 06:40:07 GMT
etag: W/"c27c07b24b6bb357841dc00cac865d2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5ygClcrKcsHtCpEyV4GQws_PdL82dr2j3Mg-KPbjlIgs5CPOFKuyOg==
age: 57844
X-Firefox-Spdy: h2
tffds.com/css/custom.cm?1670159319
200 OK 0 B URL HTTP/2 tffds.com/css/custom.cm?1670159319
IP
GET /css/custom.cm?1670159319 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
set-cookie: al=KR; expires=Sat, 30-Sep-2023 22:17:01 GMT; Max-Age=25920000; path=/; domain=tffds.com; HttpOnly
expires: Sun, 04 Dec 2022 22:27:01 GMT
cache-control: max-age=600
pragma: public
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DwwSUtg16rX8WpOVs4H_JGbvpBZQdQQ6QwjBa8TrhlCAd1dQTf4Kcg==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/site/site2.css?1669168466
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/css/site/site2.css?1669168466
IP
GET /css/site/site2.css?1669168466 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 23 Nov 2022 01:58:05 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 00:48:10 GMT
etag: W/"07469ba9987c7dd41a726c1ba19d5b35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 83yViqRDUGHtMBjqSIs1bFj4nXsFgqgVsF1gRV2syCzf--p4_DUEWQ==
age: 77334
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/site_common.js?1669342392
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/site_common.js?1669342392
IP
GET /js/site_common.js?1669342392 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 02:16:36 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 02:59:54 GMT
etag: W/"c0cb98c476f68e187f809dcae6e4b484"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5dUoHXYfsB8CESeY_m_qVSmGNDu2Kx7P8qEMUYw-9VtdCbku1MqCkw==
age: 80265
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/modernizr.custom.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/modernizr.custom.js?1577682292
IP
GET /js/modernizr.custom.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:38 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:13:24 GMT
etag: W/"231cacb5b51f1d9982a69285371f9ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jEw_xNS9Lh2EKjv2AriJwe4UgjmdidjaGYGcEiApCon7biMbNzYONw==
age: 76283
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/gambit-smoothscroll-min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/gambit-smoothscroll-min.js?1577682292
IP
GET /js/gambit-smoothscroll-min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:44 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 19:32:48 GMT
etag: W/"7894e81941d0048a0659bfee4b2de8ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jctgdHuXJtB28LvruCWSnzYWfzpkK9BAas6Bqok820uS6a_va9HAKg==
age: 9992
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/bootstrap.slide-menu.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/bootstrap.slide-menu.js?1577682292
IP
GET /js/bootstrap.slide-menu.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:37 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 05:42:22 GMT
etag: W/"31553dfba498ec3a30947c9a825d1051"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bkjY_PJhmCA2eDFElrvOyW1guAXFwuAvwqBvjNW7nQ18Yj9hDHK8Yw==
age: 64727
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.canvasResize.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.canvasResize.js?1577682292
IP
GET /js/jquery.canvasResize.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:37 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:17:32 GMT
etag: W/"c96271dfe7457d87edb605780573274d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2Cq9blwo6XxLgUm0o7uJZNQtGe9lStJ_JMdMHozDk1jBTPOG4yQwTQ==
age: 80265
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/jquery.number.min.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/jquery.number.min.js?1577682292
IP
GET /js/jquery.number.min.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:19 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 06:40:07 GMT
etag: W/"e5447b23f3ad831468bf85423ad2dcac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zj3ciNTBTT4KNRkcfQKWW17N_fO2H5sXsAx9UOt1-GzlfmlzxYRIwg==
age: 57776
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/css/montserrat.css
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/css/montserrat.css
IP
GET /css/montserrat.css HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 27 Apr 2021 21:58:46 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 15:57:35 GMT
etag: W/"3070b0703d6621d221e892db1990ccfe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KOIm8GsQMygT7WAfCogBzQAio_IHEF0f02r4paqdzEO1ooRvgs_dbg==
age: 24376
X-Firefox-Spdy: h2
tffds.com/js/site.js?1640052936
200 OK 0 B URL HTTP/2 tffds.com/js/site.js?1640052936
IP
GET /js/site.js?1640052936 HTTP/1.1
Host: tffds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Cookie: IMCOCOASESSID=nffpq81uo372564nn6adlb5mo1roh65ur3ikc9hd9rq5s3pqjmnm948b1e9nm3u88qlbtp5cf1l3n0275tissvp55fnbpmvub99an83; al=KR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 22:17:02 GMT
server: nginx
last-modified: Tue, 21 Dec 2021 02:15:36 GMT
vary: Accept-Encoding
etag: W/"61c138c8-5762"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j1X9jQwU6doS2X15-d9buqdohmYigmfn7DeC0hD8BqbtE5eRM4EgFg==
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/minify_css/vendor_red_10.css?1653367465
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/minify_css/vendor_red_10.css?1653367465
IP
GET /minify_css/vendor_red_10.css?1653367465 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 29 Jun 2022 22:15:04 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 13:10:55 GMT
etag: W/"7da1dae3dc085edc7b17c0ef26ada3d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: azEYmtJrALCQIKPUbJqYAojVvtFoQ8n5KSLNvqh4Vqev7YU2Sjrpag==
age: 33005
X-Firefox-Spdy: h2
cdn.imweb.me/thumbnail/20220928/6a961c8730ba9.png
200 OK 0 B URL HTTP/2 cdn.imweb.me/thumbnail/20220928/6a961c8730ba9.png
IP
GET /thumbnail/20220928/6a961c8730ba9.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 487320
last-modified: Wed, 28 Sep 2022 07:26:33 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 23:19:41 GMT
etag: "5ee25788da0df21ee77c8f57ba87ec15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nGalvEv0V4_BW0EkG-YPVbeWeh7VGamhtyGFnK_Mh1_J5U4XH3I0Bg==
age: 82642
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/nprogress.js?1577682292
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/nprogress.js?1577682292
IP
GET /js/nprogress.js?1577682292 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 22:00:37 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 00:30:47 GMT
etag: W/"094e662d40f0e2a40698a857178a5f01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cH3GmHA2GtsUB7aTJzIkpiXf7N1mthfBXWyeI2QhbKSoOt6Ih8rmyg==
age: 78886
X-Firefox-Spdy: h2
sstatic-g.rmcnmv.naver.net/resources/js/naver_web_player_ugc_min.js
200 OK 0 B URL HTTP/2 sstatic-g.rmcnmv.naver.net/resources/js/naver_web_player_ugc_min.js
IP
GET /resources/js/naver_web_player_ugc_min.js HTTP/1.1
Host: sstatic-g.rmcnmv.naver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Wed, 12 Feb 2020 08:43:29 GMT
accept-ranges: bytes
content-encoding: gzip
content-type: text/javascript
content-length: 468873
unused62: 8096267
date: Sun, 04 Dec 2022 22:17:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
vendor-cdn.imweb.me/js/common.js?1669765370
200 OK 0 B URL HTTP/2 vendor-cdn.imweb.me/js/common.js?1669765370
IP
GET /js/common.js?1669765370 HTTP/1.1
Host: vendor-cdn.imweb.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tffds.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 23:55:27 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 03:59:07 GMT
etag: W/"622bec0d1976967b07bef27c398e8d3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J228pddWWYJ10s2M4wTWiK9IhH3btl9B2HttcCv5bcSbN_cwmrZ9xA==
age: 73456
X-Firefox-Spdy: h2
54.230.111.8
23.195.255.54
93.184.220.29
162.159.128.61