www.genians.co.kr Open in urlscan Pro
199.60.103.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.genians.co.kr/blog/threat_intelligence/facebook
Submission: On May 17 via manual (May 17th 2024, 10:05:26 am UTC) from SG — Scanned from SG

Summary HTTP 117 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 26 domains to perform 117 HTTP transactions. The main IP is 199.60.103.31, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.genians.co.kr.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2024. Valid for: 3 months.

This is the only time www.genians.co.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	199.60.103.31 199.60.103.31	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
8	74.125.24.95 74.125.24.95	15169 (GOOGLE) (GOOGLE)
2	172.67.70.112 172.67.70.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.69.47 172.67.69.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
7	104.16.118.116 104.16.118.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.176.91 104.17.176.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
15	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
6	172.64.146.132 172.64.146.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.109.254 104.16.109.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.153.27 172.64.153.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.140.17 104.18.140.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.223.152 104.17.223.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.175.201 104.17.175.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.33.88.78 13.33.88.78	16509 (AMAZON-02) (AMAZON-02)
2	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
3	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.38.63.222 3.38.63.222	16509 (AMAZON-02) (AMAZON-02)
4	74.125.130.97 74.125.130.97	15169 (GOOGLE) (GOOGLE)
1	104.18.241.108 104.18.241.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.84.229.83 52.84.229.83	16509 (AMAZON-02) (AMAZON-02)
1	172.253.118.155 172.253.118.155	15169 (GOOGLE) (GOOGLE)
3	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
1 2	142.251.175.103 142.251.175.103	15169 (GOOGLE) (GOOGLE)
2	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
2	142.251.175.94 142.251.175.94	15169 (GOOGLE) (GOOGLE)
117	33

30 199.60.103.31 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.genians.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.70.112 (United States)

ASN13335 (CLOUDFLARENET, US)

app.convertful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.47 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.118.116 (None, )

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.176.91 (None, )

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.146.132 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

22120960.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.109.254 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.153.27 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.140.17 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.223.152 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.175.201 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.88.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-78.sin2.r.cloudfront.net

cdn.channel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.38.63.222 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-63-222.ap-northeast-2.compute.amazonaws.com

api.channel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.241.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.229.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-229-83.sin2.r.cloudfront.net

cf.channel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.103 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sh-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	genians.co.kr www.genians.co.kr	546 KB
15	gstatic.com fonts.gstatic.com	281 KB
10	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 12774 js.hubspot.com — Cisco Umbrella Rank: 4098 app.hubspot.com — Cisco Umbrella Rank: 5794 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4060 track.hubspot.com — Cisco Umbrella Rank: 2393 forms.hubspot.com — Cisco Umbrella Rank: 5442	41 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	201 KB
8	channel.io cdn.channel.io — Cisco Umbrella Rank: 138073 api.channel.io — Cisco Umbrella Rank: 123269 cf.channel.io — Cisco Umbrella Rank: 217642	238 KB
6	hubspotusercontent-na1.net 22120960.fs1.hubspotusercontent-na1.net	159 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	385 KB
4	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 13925 perf-na1.hsforms.com — Cisco Umbrella Rank: 4386	5 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	3 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 154	953 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	76 KB
2	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 13326	562 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	398 B
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2189	23 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4572 forms.hscollectedforms.net — Cisco Umbrella Rank: 4722	26 KB
2	popt.in cdn.popt.in — Cisco Umbrella Rank: 28755 display.popt.in — Cisco Umbrella Rank: 28889	56 KB
2	convertful.com app.convertful.com — Cisco Umbrella Rank: 86467	19 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	455 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3473	1 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6483	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	28 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5201	88 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5709	6 KB
117	26

	Domain	Requested by
30	www.genians.co.kr	www.genians.co.kr
15	fonts.gstatic.com	fonts.googleapis.com
8	fonts.googleapis.com	www.genians.co.kr
6	22120960.fs1.hubspotusercontent-na1.net	www.genians.co.kr
4	www.googletagmanager.com	www.genians.co.kr www.googletagmanager.com js.hsadspixel.net
4	api.channel.io	cdn.channel.io
3	track.hubspot.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.genians.co.kr
3	perf.hsforms.com	www.genians.co.kr
3	cdn.channel.io	www.genians.co.kr cdn.channel.io
3	connect.facebook.net	www.genians.co.kr connect.facebook.net
2	www.google.com.sg	www.genians.co.kr
2	googleads.g.doubleclick.net	www.genians.co.kr www.googletagmanager.com
2	www.google.com	1 redirects www.genians.co.kr
2	www.facebook.com	www.genians.co.kr
2	cta-service-cms2.hubspot.com	www.genians.co.kr js.hubspot.com
2	js.hs-banner.com	www.genians.co.kr js.hs-banner.com
2	no-cache.hubspot.com	www.genians.co.kr
2	app.convertful.com	www.genians.co.kr app.convertful.com
1	forms.hubspot.com	js.hsleadflows.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	cf.channel.io	www.genians.co.kr
1	perf-na1.hsforms.com	www.genians.co.kr
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	display.popt.in	cdnjs.cloudflare.com
1	js.sentry-cdn.com	cdn.channel.io
1	app.hubspot.com	www.genians.co.kr
1	cdnjs.cloudflare.com	cdn.popt.in
1	js.hs-analytics.net	www.genians.co.kr
1	js.hsadspixel.net	www.genians.co.kr
1	js.hsleadflows.net	www.genians.co.kr
1	js.hubspot.com	www.genians.co.kr
1	js.hscollectedforms.net	www.genians.co.kr
1	static.hsappstatic.net	www.genians.co.kr
1	ajax.googleapis.com	www.genians.co.kr
1	cdn.popt.in	www.genians.co.kr
117	39

This site contains links to these domains. Also see Links.

Domain
www.genians.com
docs.genians.com
career.genians.co.kr
www.defense.gov
asec.ahnlab.com
www.sentinelone.com
www.korearisk.com
www.facebook.com
www.linkedin.com
blog.naver.com
www.youtube.com

Subject Issuer	Validity	Valid
www.genians.co.kr GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-28` - `2024-06-27`	a year	crt.sh
popt.in E1	`2024-05-05` - `2024-08-03`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsappstatic.net E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hscollectedforms.net E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hsleadflows.net E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
channel.io Amazon RSA 2048 M02	`2024-03-18` - `2025-04-15`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.genians.co.kr/blog/threat_intelligence/facebook
Frame ID: A4D438894B38D796C2AAC3C535607A31
Requests: 110 HTTP requests in this frame

Frame: https://cdn.channel.io/plugin/ch-plugin-core.4808bef7.vendor.js
Frame ID: E7384D01408FCFEA50DAFD2F4E7B9ABE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

페이스북과 MS관리콘솔을 활용한 Kimsuky APT 공격 발견

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

117
Requests

99 %
HTTPS

0 %
IPv6

26
Domains

39
Subdomains

33
IPs

4
Countries

2231 kB
Transfer

5941 kB
Size

34
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.genians.com/dpi-list/
Title: GDPI

Search URL Search Domain Scan URL

URL: https://docs.genians.com/release/ko/
Title: Genian NAC

Search URL Search Domain Scan URL

URL: https://docs.genians.com/ie/2.0.1/release/ko/
Title: Genian EDR

Search URL Search Domain Scan URL

URL: https://www.genians.com/investor-relations/
Title: GLOBAL IR

Search URL Search Domain Scan URL

URL: https://career.genians.co.kr/
Title: 채용

Search URL Search Domain Scan URL

URL: https://www.genians.com/

Search URL Search Domain Scan URL

URL: https://www.defense.gov/About/Biographies/Biography/Article/1174198/dr-robert-soofer/
Title: DR. ROBERT SOOFER

Search URL Search Domain Scan URL

URL: https://asec.ahnlab.com/ko/54952/
Title: 문서 뷰어로 위장한 악성 배치 파일(*.bat) 유포 중(Kimsuky)

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/labs/kimsuky-evolves-reconnaissance-capabilities-in-new-global-campaign/
Title: Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign

Search URL Search Domain Scan URL

URL: https://www.korearisk.com/
Title: Korea Risk Group

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.genians.co.kr/blog/threat_intelligence/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.genians.co.kr/blog/threat_intelligence/facebook
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.genians.com/slack
Title: Slack Chat

Search URL Search Domain Scan URL

URL: https://blog.naver.com/geninetworks
Title: 네이버 블로그

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geniansk
Title: 페이스북

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCROgy3oQBLX7XJxrtwlOCmw/videos
Title: 유튜브

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/geni-networks/
Title: 링크드인

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma=0&npa=0&gtm=45He45f0n81K2W7KLKv894175417za200&auid=1508471037.1715940320 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma=0&npa=0&gtm=45He45f0n81K2W7KLKv894175417za200&auid=1508471037.1715940320

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request facebook Show response
www.genians.co.kr/blog/threat_intelligence/ 219 KB
58 KB 658ms
284ms Document
text/html 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a181d606a65a1597ca293fb524850219f19b23f6bc7b89476614ddb15e8de49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 8852c9c71bcf5f6f-SIN
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 17 May 2024 10:05:17 GMT
edge-cache-tag: CT-166722337865,CG-160042930800,P-22120960,W-91477323817,CW-82089555793,CW-90177302329,CW-91475314358,E-79898463282,E-79898702603,E-79899581031,E-79899581289,E-79900046894,E-80098821499,E-80108915758,E-80196549756,E-80324726170,E-80324726186,E-90030717443,E-90770797734,E-91475314353,MENU-91477323817,PGS-ALL,SW-1,GC-90769646347,GC-93807820653,TS-79898702625
etag: W/"20c56d0a547f212e69c397f784b6f514"
last-modified: Mon, 13 May 2024 08:05:17 GMT
link: </hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2B9MCPZW6uHfcsFtarNHdwrtczH67ny7wsMVGwceoJLcnfAf2QUGRnKP4%2BBVB%2BXIKBHE8B4BNKYz842dDEoCaz1imP3IVgjp%2FZuHOxT0XLk6KfnpREi8IReFRJqSNAp%2B0YDm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 166722337865
x-hs-hub-id: 22120960
x-hs-prerendered: Mon, 13 May 2024 08:05:17 GMT

GET
H2 200 jquery-1.11.2.js Show response
www.genians.co.kr/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
35 KB 62ms
61ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 569565
x-amz-cf-pop: SIN2-C1
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ClZyTZGnbvi14yX1hXeaQF%2FFENFBORfbyPJhV4vxycLtMWMKyvRWuizYXNcR1qT3OiVIAKwmd%2BZl8cd2iqpYDQ3LSvFKpLwhGlOpR8xxit7nhRRmQkwgIl%2F2uRvyjRfimi26"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8852c9c8edbe5f6f-SIN
x-amz-cf-id: Lbrlv3h9MELdaW-MGLjHM6JDxK5uDU-UDNyjA5YNzTCGKiLdHiSzcQ==
expires: Sat, 17 May 2025 10:05:17 GMT

GET
H2 200 project.js Show response
www.genians.co.kr/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 58ms
58ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 579232
x-amz-cf-pop: SIN2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kK4eDjXOjXI95tmSbdDB8BNNTt5CvTgxE6doK4Ro2y%2Bp68nC2FkBOMpWwsI3W0OKeFpEGngSHnrlQeqtZ4z0%2FpdAnN44%2BDuhXQmcWSCZrFup47hyBbHULj6VsQQaVn9QHzYB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8852c9c8edc15f6f-SIN
x-amz-cf-id: Ie8PXhxahhhpuemoZOOP7KIqGA03GXD0oomOIrTiQujnGESDeXqAnw==
expires: Sat, 17 May 2025 10:05:17 GMT

GET
H2 200 project.js Show response
www.genians.co.kr/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1004 B 60ms
59ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 565818
x-amz-cf-pop: SIN2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPRWtlky3ilPGocSzVLok1iqeGpUQY5MvPw%2FT731ed3nq7rSF1AuUlqsBBKjJz1h9sxcU%2BC3GPXPmi9ygkvPJFW%2BRpfr62UA%2FkCrtKmrWeJcx9x12ZXR%2FBIGfMYGRj8lJuib"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8852c9c8edc35f6f-SIN
x-amz-cf-id: XQvIvCMUOkmL8gAJ-U8oNCyvL9JJkx6vOmLogoaAdc0VDHl7mp5eIQ==
expires: Sat, 17 May 2025 10:05:17 GMT

GET
H2 200 _blog.min.css
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79899581289/1659968487946/Genians_July2022/css/templates/ 34 KB
7 KB 356ms
350ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79899581289/1659968487946/Genians_July2022/css/templates/_blog.min.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9859ed95c152f2cdffa8a84f55cc8c9986d7feb4fd7f64ccdfc7f6ea7e1453fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 8H7N91VHKEBDEPXV
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6ce54718dc8eaf726534a0e23dbd1b08"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1659968489156
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zxzTB10QSyV_.S3jZC2Njqa.F2WuK7Cf
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 836093ba-1179-4493-b75a-1fc8e49851aa
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 144
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HyvLKq2M4ZByBvWQJgkJ5Cq62xW5i6iFxCXjqYc6dGoCDAGm6NyUo/In29x6rGqEKgA8qEwWSng=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 836093ba-1179-4493-b75a-1fc8e49851aa
last-modified: Mon, 08 Aug 2022 14:21:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVv524RxieSvIhOBi%2FDSka3e4W4hS15uC%2F%2Frps%2Blh1B806aWsHSu0hcAikGuLkwLUlch9boYEJvu%2FKZ8KfOByiztHOb9g1sw7jXmfsbdgdM8k1ofciOGoHrW%2BMIRHkMVO2Pf"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8852c9c8fdc85f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: nrOowjQV_2SAqbViE21swYvtDoqdC99jCh-b2dM55iGCfURZASO4UQ==

GET
H2 200 css2
fonts.googleapis.com/ 56 KB
13 KB 420ms
35ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Do+Hyeon&display=swap

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

5ba72404f10d3334dc22edc8768ce022912d0207178fe5b63d4c43cd655d5124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 10:05:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 main.min.css
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79898702603/1710135903860/Genians_July2022/css/ 107 KB
21 KB 69ms
64ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79898702603/1710135903860/Genians_July2022/css/main.min.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdac532a62c61456e138c7e3c5b2e56674b39b8f29c1396b4568f59380833ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7GKYJ6W6HDV55Q
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"374f24a3acd12b4b89a836eb87a201b1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1710135904983
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 936f33bed45438343f0ef2adff442814.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BfIhfSO_._j4xGGNCSL0O4jxx8iH0IPt
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 2fd7d708-fcb0-4436-b4a9-ecb3356a4eb5
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 299
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4EcsJgvMWkDVWCICmbUXYyb6PW0pIFJDV7YmWALAoo0J+db0psvfgzrKlgjLdjgvatD8eL1Om2M=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2fd7d708-fcb0-4436-b4a9-ecb3356a4eb5
last-modified: Mon, 11 Mar 2024 05:45:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2FtHHnSbQUS%2Fwop59RxwATBo14lqANmxcM5NmA8HUHnpg9Z%2BjirapvkG6GumPI8tdZZJi3U%2B2os6OL0e0wnrjBpjYB%2BAGsLNEMVh5C7xx4LR%2FOl9iubQJp3Ea8MGI5fCBy3"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8852c9c8fdd05f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: l1ef3zenhsDBy3ohVEVL5fJzJkBhWh6mqVXhSU-PyDvZ_q98F3dNvg==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 421ms
37ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans%3A300italic%2C400italic%2C700italic%2C400%2C700%2C300&ver=5.8.4

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

9b879928082038ce615bf66e6f4839a9f81780498d3b5bdd6d0fefd4c624c2ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 10:05:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 561 KB
138 KB 422ms
39ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

6291dfb4cb5c4c6d1d03ce9700fced21a16ae00efca8e8a290aca005c04b953c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 10:05:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 56 KB
3 KB 421ms
38ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CShadows+Into+Light%3A400%2C700%7COpen+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CPlayfair+Display%3A400%2C700&ver=5.8.4

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

972d3a6eab1ff85ee07fe022dbe9bac480a62447afa9c8407acbb4e9a0caa763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 10:05:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 55 KB
12 KB 417ms
34ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Black+Han+Sans&display=swap

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

ce6346e4f1b1ce6aebfa9d5b120f69d7c3994dc604fc1868941df9ceb57eb8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 09:59:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 417ms
34ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300|Open+Sans:400|Open+Sans:700

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 08:27:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 418ms
36ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100italic%2C100%2C300italic%2C300%2C400italic%2C400%2C500italic%2C500%2C700italic%2C700%2C900italic%2C900&ver=5.8.4

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 09:49:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
837 B 415ms
33ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300|Lato:400|Lato:700

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 10:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 09:36:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 10:05:17 GMT

GET
H2 200 animate.min.css
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/80324726186/1659968480000/Genians_July2022/css/ 54 KB
6 KB 170ms
167ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/80324726186/1659968480000/Genians_July2022/css/animate.min.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

275e255b6cc0db0a3fc78b2fe2f7fe4f69aaa8535d5303c42fcf83546deb8485

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7RM69A9D904B6S
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c4b6f629d6a0edadad11aa46ff82822b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1659968480970
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ye8rqRi937_ZhR5vDvJJjJ_Acr9XxASr
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 4122f2c3-a918-42f2-b446-f1f8d7021952
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 325
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Prcpjw04RlloVp8VAO7XlqC5WV+qdGI3NsIpjtaytL3N5nnZs+Qlpalaq18CsiDWH5OU+IhQVMA=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4122f2c3-a918-42f2-b446-f1f8d7021952
last-modified: Mon, 08 Aug 2022 14:21:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=POUUWwtxuHcgTSb4XRsDX7yDFGfApqLWTgFHGZef39fZWGfiMyROEYPlJCLaxhG%2F3QVA%2FKwjtctM%2BET1yT4wGhgJRtkRxEuVx7ZfIOWfAXgrM3KhXdJAWrNZb3mAvTT25yCr"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8852c9c8fdd15f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: EJDfgHNeWlOUmcu-F8IfCIPOUrVZwcayuLnesPSv_aFn3tb-r8woLQ==

GET
H2 200 theme-overrides.min.css
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79899581031/1659968480353/Genians_July2022/css/ 5 KB
2 KB 94ms
91ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79899581031/1659968480353/Genians_July2022/css/theme-overrides.min.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc3c0cacc5eea5ed712a54d02440f3b86ff2dd1a0382a26133634ad5c2294c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: TW0GQTAKNKQQKX3B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c978aeca5584400ecd971d8b565d24dc"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1659968480857
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: iQSjPeo4h7XV3mWvPw0u7D6aw5o1FYBg
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 006d3349-5527-45bb-972a-858a5569ba92
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 255
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CIpKJQ/RGPYyotMP0uM8paCP5CrA/3U2WNeoT3AjZDSHfyxsSxS7bW6H/3eQUcLjJBmdFYYGeiI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 006d3349-5527-45bb-972a-858a5569ba92
last-modified: Mon, 08 Aug 2022 14:21:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCMV2wh7vp65wJ68WmpvvO4yRSupLbguN2Ut7xjOE72vC3SebZvSlW00VqyqpA9P9W48gWEb%2Fu6OSda0kYmdbjxmBuDImq4l1cG%2BVZz05fgelB6P2HDCZpRcjCiaIweKSmjf"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8852c9c8fdd25f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: P_IQ3lDEnnnGpmrLR5Fcn_T0k1w3riCfPKDEe3ZBabEu8AC3eKq1YQ==

GET
H2 200 module_91475314358_Header_Mod.min.css
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/91475314358/1678653427481/ 12 KB
3 KB 100ms
97ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/91475314358/1678653427481/module_91475314358_Header_Mod.min.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0bdd14796daf75544de42d2b34b6ef0afb7fc042ef22a8eddb4119d0541ad9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7H0GW91MPPVSQN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"3a557fff2d191c0f746917c43a82cfca"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1678653427481
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4NhKso_Ftfcw4g1gx9UcAMp3XTM_t0Bs
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 22b012d7-774b-4bce-a48d-94be134c6f9e
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tSOotfe982NuGH0X27I8SNgRqqHpwHUlrR6OK6pYneKtqtIJ0r8jsZH1IJ9sY+1fvS1fQN3NAw5zFEt7NwugwbI1zNQdFEnfAncSC8VlH/Q=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 22b012d7-774b-4bce-a48d-94be134c6f9e
last-modified: Sun, 12 Mar 2023 20:37:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYTflDGHJPt0wjkdBmDCJN0nvdsYJkEdx7RWbn3WCWxEW3fgx%2BwKmpAvRYNVZ1OwABjLVXX4bRPlDPiEit%2BUIKNObuVMnEDh08KMe4ioJTj3K1q4HPDDzvW8ASrrnZuLoGnm"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8852c9c8fdd35f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: QpXXC6SkfwCUsNeN0_Z2q8h9kQ5ZbfgE26f8FU0Plj7BmeiOag48pw==

GET
H2 200 project.css
www.genians.co.kr/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/ 720 B
815 B 60ms
57ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/project.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 579158
x-amz-cf-pop: SIN2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 8ccI4weZqJTdCHtwNm3UqetXb_uUGb6Y
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 20:21:22 GMT
server: cloudflare
etag: W/"a81c70764750950eb72d4537c41e781f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8PR1ZH8dfw%2BMoSgAWnk0lEAXQJX9BhoUvQ4gblN%2F2dhUZs48CxQ9%2Foo9H7pxow%2BZi%2BFOBrXm92XrR7xkj5h7BiKRS5fLgOE%2BWKohbdYXFmuznSqRpR8HClNORdQy2vrJb9z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8852c9c8fdd45f6f-SIN
x-amz-cf-id: kRJkut1Jh1GSKCTKZ4h8NCv4-MS1VGabfpPL_VlufPJgg1v26a-agg==
expires: Sat, 17 May 2025 10:05:17 GMT

GET
H2 200 module_90177302329_Footer_Mod.min.css
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/90177302329/1688627795365/ 7 KB
3 KB 91ms
88ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/90177302329/1688627795365/module_90177302329_Footer_Mod.min.css

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

018834bd8fbdf2624a8f08731aa7567c5239bf6a2b3a37285e52c2ba3d040df9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7HX36T7ERJ3VPF
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"55f4c290341b00b97e3fd5f5cd387034"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688627795365
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: p0Wq3e2CIzUVjYjtnialpalfro00i1Up
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 8fcd8116-6f96-4a3c-be1a-e50a22f08836
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 190
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hAK8FsqZ/sAClt9ytY4uCw3zmXUD3c0J6laV9yVgRbx+fNZp6p6/qQsi+N5u303E/wkpxLGkIEY=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8fcd8116-6f96-4a3c-be1a-e50a22f08836
last-modified: Thu, 06 Jul 2023 07:16:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCmPfxSKn1vG9lYZ5%2BkdMyLD0yC37isWWNiUSAHV42iRnim%2BcAs0kYhKDF9loND5IZTvo1r08umI4XD48fTBp2%2FHPUDKmag9hqVGlFgYFy%2FXLsw8uF7pGUtNrOpx8jdtk7gV"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8852c9c8fdd75f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: 7ANu6RKczIUriV6pjhd0vxVYGGROstGIDwN4j-p0j5i0LCVQ0E0z_g==

GET
H2 200 Convertful.js Show response
app.convertful.com/ 56 KB
18 KB 388ms
39ms Script
application/javascript 172.67.70.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/Convertful.js?owner=61137

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.112 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de8f830abed231072b7a748232a5b58b93d25c997c5b9a26d9620b2985b43fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3115041
cf-polished: origSize=57403
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 11 Apr 2024 08:46:58 GMT
server: cloudflare
etag: W/"6617a382-e03b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdfF85oBXwoemAo1pulEyJmjewgT8SBeLydTFMeT6OuhOvVaEwDvahzxMB7yLTcTivam9iSahxaI5dK%2FoUAEM9945WhZ4b8L57cEqu3s%2FxGWz6baXnrUrNbulD%2F9ptEVovN4zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8852c9ce1a999c74-SIN

GET
H2 200 pixel.js Show response
cdn.popt.in/ 228 KB
52 KB 384ms
29ms Script
text/javascript 172.67.69.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=fe412cec37a66
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35d41f9e3c6837803647e11b42a2d168503f619e03e2966fa4c424e34973108

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: f4CCS8Ij_b.kQpGKUV0C0Ge6YZB_SZgI
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-P1
age: 3247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 06:49:06 GMT
server: cloudflare
etag: W/"e2811d9b01c243ddd18f56421a40691d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djvYCR8yAAR6FksGAfTjBNxHQri4FSfyNwJdwujdG66Hs5nRNfZPFRaczBiNCdQFn65b3fYSmHYyHGgUffOeOvk0cb6qBX9DVW3Qx%2Fa%2BOao%2FrCbBbV2AQQUvTyWQNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 8852c9ce2dad409d-SIN
x-amz-cf-id: Pgv2-BSYzzU8vpLZgTF5D6Erlgp88xhR0_m_1QR5Gy4m6QxS0qjtqw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 451ms
25ms Script
text/javascript 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 05:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 05:58:19 GMT

GET
H2 200 close-icon.svg
www.genians.co.kr/hubfs/Assets_2022/ 296 B
1 KB 64ms
62ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hubfs/Assets_2022/close-icon.svg

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9b0825f13f69bc7a5ed7d71e62719a24969e2a035f8ac596829e22e99d53af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-91486080435,FD-89624073500,P-22120960,FLS-ALL
age: 222187
x-amz-request-id: 644ZX900CB9FVF9Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-91486080435,FD-89624073500,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"713d4ec47222ca0f7f83cb8af8d0432b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1668349365696
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 d196b3182ad74e7b80ce14b0ee8558c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: di9L5xOzj4QaCOFlvd9hC4zrnEFci_is
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-91486080435,FD-89624073500,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: y5nf2m6r2SjlI/KkkQ9TQWQXy+aA2KLOQMfcZZdy14oHX7ooVmuIlnnmu95fJbMRGr06iGdjW/0=
last-modified: Sun, 13 Nov 2022 14:22:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FqsPEq6%2BbBeftzFi1UxiQGnaI1C6BTic8KIW%2BgTA%2FcHg9RalwCuwkJA4AkFNoH3lFd7Cz5fJze9lWA1hHVSBJ7Qk2uUPzyQC8u45GQBuWh2%2B9W5iCNNGSD2SxtL9NQHV%2BcQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9c8fdd85f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: gWUpflACkLT-YqyxuNJgwsM5vMAUTEQ6w_Sdp7MdB1K3VBHTywBYkg==

GET
H2 200 search-icon.svg
www.genians.co.kr/hubfs/Assets_2022/ 431 B
1 KB 88ms
87ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hubfs/Assets_2022/search-icon.svg

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d9e00a6f21b8d4273ced29fded683f1b64f000420677471e62da53c58274a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-91483898913,FD-89624073500,P-22120960,FLS-ALL
age: 38209
x-amz-request-id: D2F6CWCMYARCN2WG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-91483898913,FD-89624073500,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"111f92c06c9352f16c35cfe4104e9da1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1668349365669
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 11db54d41dc7b64f760df4a169363db2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yeVwQv5atV22vFFVeZ_gjmO23ukGkhrL
x-amz-cf-pop: MRS52-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-91483898913,FD-89624073500,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1zNUI1tHgXunXPZkwiJmQR9RI66D/Ehst4S9WbYt2k90/45/HPfAHAPtLPrj9jbM9xVTSEE3l9A=
last-modified: Sun, 13 Nov 2022 14:22:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lPrBfqYnT9S1IDBR7Eu8NjgKqhROBSKvSQR5gjxGG1oEXyp2rox8q4VoD0vyiFy8BCfyT5hPSIgqlyiRneRNtl7BNfG38bK314Tdm2fP1dMKtpmYum42kn1bAuXzSYlzJPB"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9c8fdd95f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: J4yXCwW83mSC6uxVrTVTqnjct6ZXaN-LkqqudBGFMo8BKoCH6jTpCw==

GET
H2 200 171685cc-9b9c-403c-9d26-fe85cdedf487.png
no-cache.hubspot.com/cta/default/22120960/ 4 KB
5 KB 1190ms
803ms Image
image/png 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/22120960/171685cc-9b9c-403c-9d26-fe85cdedf487.png

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ad0d857acb011242b1e51998d1da1787755b13a939e52a9e33b03c6bf79d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: cDZxEgPyWwod27n5ZExqkrOWF7tH7HoD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: YK52CCNDG4FTSGA9
x-amz-server-side-encryption: AES256
content-length: 4502
x-amz-id-2: lKcnG5b0Jim+gVmW99UXUbJ6cRsgm2uEt4zwKtQWyFrnum6fH78wnYiN7Fl86jQSMU1X54MA6EU=
last-modified: Tue, 04 Apr 2023 05:29:44 GMT
server: cloudflare
etag: "632df6e7c1d5297c049f20dfc92c5eb7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wN3UNmAZz3%2F%2Be2iVbWbMEbCQGNAfIBTrI9yURUjKgNfNpeS9zvK0Oez3ots364t70lWBU6F8B1k22Hqc7EDF3EJHgKwL42e3iIZxStOcTdPvitk5XrRiU2o8BYvhr1pgQjDP3DfU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8852c9cbcae6604d-SIN

GET
H2 200 current.js Show response
www.genians.co.kr/hs/cta/cta/ 18 KB
8 KB 56ms
55ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/cta/cta/current.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

99638cf918a36ae5912b6e521489ec6f3c8cb82e2e21e2f43941b86f8b223aa6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 405
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.292/bundles/current.js&cfRay=8852bfe294408bce-SIN
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6d8dd07e8368ff52cc7dcb421189093b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.292/bundles/current.js
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: 6dYEpr.GOIl1ONbJkQvzy0C6ZtehNCz3
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 28f9a1ec-4bc9-4b45-9a26-e789c8fc309a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 28f9a1ec-4bc9-4b45-9a26-e789c8fc309a
last-modified: Thu, 09 May 2024 14:05:37 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60IQTe3HYg1TM6ip9baKWNuUXaipTR0C9S95svOVoB67U9nxXUVLWCuPHmyoZILG01oQHA2CVcOE%2Bayrf3tSiXNyb%2BaUUdcDRdFHcquBi9RC5x%2B8nu%2FD7ltq7iCvLKivcAvL"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc
cf-ray: 8852c9c98e475f6f-SIN
x-amz-cf-id: cHZF8kE7zkN_F3uhsEk2kDmzymXMAeoqovZpf6Jt1t-G9Z4NrsfXQw==

GET
H2 200 e223f582-cb41-426f-8322-1305288cd3ea.png
no-cache.hubspot.com/cta/default/22120960/ 4 KB
5 KB 349ms
347ms Image
image/png 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/22120960/e223f582-cb41-426f-8322-1305288cd3ea.png

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed626958a30b6f69d1f12c9cc733eaf8c41790c3b61073b7d91bfcba18d9c4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: sUPtbT8hXJiVVNFQT8QG9InG1rdluOxa
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: YK58Q0D68M70EVA4
x-amz-server-side-encryption: AES256
content-length: 4029
x-amz-id-2: Cm4YYPacB94NNfN88QopTzYhAlIbCBUJPYqFESVYch1xd7H8I/CSglWGujhlC7qeaNcpEvSV5JY=
last-modified: Tue, 04 Apr 2023 05:37:48 GMT
server: cloudflare
etag: "1cd4c3fb58f32351dbf6959a38382611"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brBy2BFdEJjEotEZcQNLIimuQPsdenE%2FGzCVcM2NZHJ4RAoUCoI%2FKsyld%2FfoIvvnoo4bl3WrYXFFQ9QfVbAwCZqL5IPcNFbPdfFtJbWsNxkPtTcD7E1gIcuBe3geHm5ehtrJphnZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8852c9cc2b71604d-SIN

GET
H2 200 top-button.svg
www.genians.co.kr/hubfs/Assets_2022/ 1 KB
1 KB 61ms
59ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hubfs/Assets_2022/top-button.svg

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b1ccc8462830d8895b610d1f8c26c2463d5f09467c5d950329c0264bfb410f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-94689385335,FD-89624073500,P-22120960,FLS-ALL
age: 38210
x-amz-request-id: Z1FJFCCE0GGX766Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-94689385335,FD-89624073500,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"24cb0790a4960f2e026eb49681ac7742"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1670535475749
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 e93c671d969240be8a6839ba09d3b732.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: OWQp_Wn4u_X9IQ8KJDC1h0WpxiGvL85c
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-94689385335,FD-89624073500,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jIhl/x2va7aBosfnTXG+TRSQxpWbo/xc9R511TWU22m5BBCoYh/yKUDUzxxp2Nd5Ez6boQUtGAk=
last-modified: Thu, 08 Dec 2022 21:37:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVKUu2wNNeVhyqSIzNtAG3JxIQH9AVPhvcURfDnyfU5TKJSLDzt9aUKL0m2T2g6T8G4zmyPo0qPwXmmJ1%2FsW4ycmZeQiHT7IKtASyT0DUOZSqrbo01WVNf8ac2Tpd328hzhI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9cbf88f5f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: FZebex0CB5N4F2ULmnMoZGh9rwAabWGwiQUgHN_kcr9HAIB7EbJr7A==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.840/ 13 KB
6 KB 403ms
53ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.840/embed.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: e_mEpsTIjne7IZWFj8MkYDmouI7jSgMC
via: 1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: SIN2-C1
age: 569583
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 01 Apr 2024 16:01:41 GMT
server: cloudflare
etag: W/"3a4474324e070674ecd017b9d44b9c99"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptLBIzcJlS2mVawhksSiqMJfm1VG3ABLXFOufulCAN5xrP%2Fr%2BZuVklQAKVx8T3iSj4CYS81ZVXghuzsMeQW4%2FsqGlSCLqoixf5voT4MAKyoQTQcPlxnrrO2MN8oXlaBQThWouArt0Lg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8852c9ce2a379d0e-SIN
x-amz-cf-id: Ct3wjP7dVT81yYiv9fs8Kie4IKmtURr_tmJnK6YJ3PZWNfHsHgEbcw==
expires: Sat, 17 May 2025 10:05:18 GMT

GET
H2 200 bootstrap.min.js Show response
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/80108915758/1659968495247/Genians_July2022/js/ 35 KB
10 KB 145ms
144ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/80108915758/1659968495247/Genians_July2022/js/bootstrap.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7T1QZT392QMBV3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"046ba2b5f4cff7d2eaaa1af55caa9fd8"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1659968495247
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ElLUXJ4AfXrorxpJqahF6Sgvqe90_RLa
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 91eb930c-8487-436b-887d-e8c50a4863b3
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 170
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vKfjPkEHSv0mT/RNW4Ejv8/qW1rgLEtaXsKbGMy30xDUM9oHhPf5fyM3KHAo5Kv6LS+MLQpGFO4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 91eb930c-8487-436b-887d-e8c50a4863b3
last-modified: Mon, 08 Aug 2022 14:21:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvyV379BvQSLy1AqOe191jfRyknMNaAgWmHGky8aDrp9Y7qUZLVhEvPNdh%2BNjEXrT%2FOKV7FBcahpg1T1BXrTQy9JCQUTUgg1L7ncWPx5CPhkJBaTEdaqOMn9vsjxz%2BIUub8l"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8852c9c9ee9d5f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: bWBktAyPK-P_bVeLxIib-USfwhLXF3evLcdpB0f1Y4VX_t7ukxKHEA==

GET
H2 200 wow.min.js Show response
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/80324726170/1659968490945/Genians_July2022/js/ 8 KB
4 KB 136ms
135ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/80324726170/1659968490945/Genians_July2022/js/wow.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

828a49558961d12d520f31a04957d50caab7af6ecb73c4b33c4d0527e7381159

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7RKXSD6NBM0GPE
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"1e9116fe65d2344b4689a5eba2447462"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1659968490945
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 5c91d033409cd7607633594f94b09064.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: D79WfnjToYaEldbNI8hapf1.8gbNEX_7
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 8598dcb2-0f4a-4c9a-acea-32759e96d298
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 177
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IphzjxkF0RdkswB7Xy0FqQ9MB+lY0O8Xh4oP/hBFBy+SoBkU2sDsrR5qgyG4OyNZxGRtKqzQrT0=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8598dcb2-0f4a-4c9a-acea-32759e96d298
last-modified: Mon, 08 Aug 2022 14:21:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwKy1%2BbiNtFEXg%2BYxBlYsk1W6NF8%2BzMCHk346rAh2eD212uiffp%2FXTuZblQzx9hYMt6PasX7qX0qyBtydVWrYauyJ%2Ff%2F3C1aVO64GH3cRIUMeZvdxiEmV2EUHdAe6wguQC1%2F"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8852c9cadfac5f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: XLlyf6cUYqWzwkti6R-aB3l-a1p8fjOnTqR45OtLugM9_FumaI4QxQ==

GET
H2 200 main.min.js Show response
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79898463282/1659968488351/Genians_July2022/js/ 2 KB
2 KB 68ms
67ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79898463282/1659968488351/Genians_July2022/js/main.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f1c37ed2c907787e9312f03082562a5609471564706765a41461a586699b727

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7S36K7T0EMVC21
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"29cbd288ca1098a8fa60ad156c02ac7d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1659968488741
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zB3H8r_uRR9B9R6iL.j_YRVI_qAsngzg
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f6cbf205-b177-4507-9d0b-d5d91845e28b
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 176
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uc53XE0sKsZij2PvZ418Vc1Eza3WXZaPXbkJa3UBQ7fc/V05Tk0AfcZd0es1FHJf2CUeYolNHXU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: f6cbf205-b177-4507-9d0b-d5d91845e28b
last-modified: Mon, 08 Aug 2022 14:21:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQV%2B76f%2B86OKYbzfmyhFY%2BQIQqBdumb2RiVNdH%2Bd8vGsEJ%2B95NRZ9swM60LNKHJCkBb1Sg7%2ByeC%2B0IQSVdSNuqSryZfXNbcwxTEL8Zwi85W8Ne%2FKuzZXxw5aLVI2mX%2F4qfL1"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8852c9cba85b5f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: i7k5Gw7pppbGEiob8j50CxsCoaabobiJ3fV-IF4onHArh3GFkqxTeQ==

GET
H2 200 module_91475314358_Header_Mod.min.js Show response
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/91475314358/1678653426394/ 6 KB
3 KB 111ms
110ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/91475314358/1678653426394/module_91475314358_Header_Mod.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad649608c26d49f53d7fa6e6a635dd3b862942f0e6688cd02f46fe3b6f05894b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7RYM1568B0TGAJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"cd0b4286964bee68e582c3082b85e2fd"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1678653426394
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: znt.NGFxY0wnlijXGrInvS0rI7vq3wRs
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 5593075b-a0dd-4fac-862d-e738e27b13bd
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 214
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jgYBf9z9EJRAgyFkAxRxYJ6tNkqL0eA4WPmrUK6j3wph6jJOy8cbEW2HoGx6Nl5ZQwW4PssUvKMoMd6ynvtxgELW9KDJOP6eIAWA/1O9aj4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5593075b-a0dd-4fac-862d-e738e27b13bd
last-modified: Sun, 12 Mar 2023 20:37:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNM4SXvL00UDjpA%2Fw4ocBmCAnP1Nem1JqjnntqCrwhMWah0kV5fBBSg%2BmgtOldpQi5bIsU%2Bl%2F2T%2BghuczthrJtjkGZSIlnZZzUrbAG%2FqBmbOmQunVIxJh4VbprOYnwL92xH4"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8852c9cbf88b5f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: w892s93nMI-o58mMDlgAhLTTwjxQvuLUvOGHUKAhv_kFxrz55JVlTA==

GET
H2 200 nice-select.min.js Show response
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/90770797734/1667810441669/Genians_July2022/js/ 97 KB
36 KB 87ms
83ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/90770797734/1667810441669/Genians_July2022/js/nice-select.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

89584e221540543008e88fecdff9657c65676e7c4931691768e816a9f3375ec5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7V846M135DWB6T
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"dc2a73a6b5b0f845c1e62108475d8f5d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1667810442629
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: uDq8MtvF2rLFrkysI2FXNl2TJmMXhFvE
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: bc0589e0-0232-4199-844c-45b9666fcce7
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 196
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 74w4xZNfTCuks/kRi27TvgsDT1D/9a68VFTgd0brHg+vXplKt/26WyUH0L7GtfEoIgikH2KT2TI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bc0589e0-0232-4199-844c-45b9666fcce7
last-modified: Mon, 07 Nov 2022 08:40:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxB3ZwQgoXJfOTeimQJevUkpiMhZ%2FRe9rkXEA%2ByJptNhLofo4fn35k6ggUAWOExcrlZ4uelecI6dlPWGdeiFbPzrFIX%2B1IrqbW3Nk8UpVQv1Na4oohd5aGjcET3PTxlXpWe7"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8852c9cbf88c5f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: HMDgl6gJuBJp5WQBozzLjU0RNABAOu-pErkGHB5CNSo5DCUgB8crcw==

GET
H2 200 module_90177302329_Footer_Mod.min.js Show response
www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/90177302329/1688627794680/ 507 B
987 B 97ms
94ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/90177302329/1688627794680/module_90177302329_Footer_Mod.min.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4e7f93227616e2e47d8e36c75921821f97d95dc3c6ad85414711508a703bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RJ7RQ8TVY0SQCWHB
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"e8d6f80d50d7a3f7cc9edf3a20ba6c4f"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688627794680
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 5c91d033409cd7607633594f94b09064.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XBtanVCkhpaDuGCAGg9.gL8EhDH7.zwi
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 0f79605b-d63e-46e8-a45b-ae572a6aab86
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=86400
x-amz-id-2: r1lI/y1JlNe0vLULEzfNEhie3zRgOW1w8bbTk8gHH88viz5CwKK7FflByUzhM9SjgIM0KU7SSoQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0f79605b-d63e-46e8-a45b-ae572a6aab86
last-modified: Thu, 06 Jul 2023 07:16:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEfPherq8kqGyHT8Yz0k3jnazvJNF45rHhkBfLXTzYDFzgZOSzdf3avTSFeYJzHSzsY%2Fc9zdzuX5D7BphFBmtL16gEys5FIanGxNqsxJcrevspUyHuuQXXlCbG9mHepAFlfx"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8852c9cbf88e5f6f-SIN
timing-allow-origin: www.genians.co.kr
x-amz-cf-id: 7rYvLRvTGdZHMFYb4dGoizpOnkZjIrI-dhP2bhW_VaiKTZNkwUjvew==

GET
H2 200 22120960.js Show response
www.genians.co.kr/hs/scriptloader/ 3 KB
1 KB 322ms
320ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/scriptloader/22120960.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9451920be76fe934e924ff94523287cccbed1686cc2055ff0f4795a79727b163

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 80391972-8925-4660-aaf2-5738922b204e
content-encoding: br
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 80391972-8925-4660-aaf2-5738922b204e
last-modified: Fri, 17 May 2024 08:37:31 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-fs4nl
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2urasQ4RC9vwP6UCKMRKDP0ACnWDbL%2Bw3FQCHLYGwvQMMRVQ8LqgdpdjcQGOPfXPU0mTonbQ4LQ5nCGAifj33a8PxoTZn1RnuUmp6l1Nk4PI%2FwM7zWV2R59BFS4gnL6%2BuJv4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9cbf8915f6f-SIN
expires: Fri, 17 May 2024 10:06:48 GMT

GET
H2 200 index.js Show response
www.genians.co.kr/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 12 KB
5 KB 67ms
66ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 6a453f38d14868702eadac9560675990.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 569563
x-amz-cf-pop: SIN2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:59:57 GMT
server: cloudflare
etag: W/"5885ac5129ee80f8b7e1e228e142587d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBDId3gaFubOr1XgP1kSc5OwWsBMvdNR8CfQmTkyTxGrn7fUyhl5mKlMqoqZ0JRPJaRwnKwcjLutIFvDgr%2FRGONCxhgNDsUTKX8JsllfAZ6TbaLj1uGLvaT9yOPJoVEmbotJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8852c9cbf8935f6f-SIN
x-amz-cf-id: aU4_PpB0ORpIqtI1gskwwWFCqa8KXp_L-ZGJWpQ7MAQdNrbGpc3pRw==
expires: Sat, 17 May 2025 10:05:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 357ms
17ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 10:05:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=12, mss=1392, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: sFq3qpSYMT84kjsIw7Oc5FyAWFGAQgg+cABudsPG5I3rL1r3/cPTdCNtniglgyp8kvLOOoosW+SyWTRjgcdkUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 %EB%B0%B0%EA%B2%BD-%EB%9D%A0%EB%B0%B0%EB%84%88%20%285%29.webp
www.genians.co.kr/hubfs/ 34 KB
35 KB 59ms
58ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hubfs/%EB%B0%B0%EA%B2%BD-%EB%9D%A0%EB%B0%B0%EB%84%88%20%285%29.webp

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d64ddb83b0420242c658aed3d81d2485a3a888ff01a696868b9f6397b799f87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-166735483995,P-22120960,FLS-ALL
age: 38209
x-amz-request-id: PZ12VCM5V07HD70S
x-amz-server-side-encryption: AES256
edge-cache-tag: F-166735483995,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: "0cd574ac134a1504487d965c9e1e575a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1715127663036
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 50940f3eeb596eda1f7ea7b16cfd66f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Ln2dxNDoyfiGVMwiVrHAihH27YtuK2E1
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-166735483995,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 34658
x-amz-id-2: nIK6NXbC4pNnPBnIPcJy01lVaNIQXFuEPp+D4Z/j4EIxAZ4OJZ88aWp0KPwJkZY4RRByV3NcO0U=
last-modified: Wed, 08 May 2024 00:21:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kq7noNMF3V%2FGok%2FgPC2X41pYohyvehDien8xMpCUbtUp74V8n%2FSuPv4pyZTxodxWfKWhI9lgbXWsz%2FkH63geqAGuKoSKWgu5fUmG9dcrfvsVxry8lNwvMkQl8CcSC4zAxGnA"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8852c9cc58e95f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: sCXIw2zFl7_4ctpC3P4DBMvFx-TeTvV7hnvJmtp2S7UwImiGfS1NmQ==

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.103.woff2
fonts.gstatic.com/s/notosanskr/v36/ 24 KB
24 KB 377ms
28ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

fb2e2a6c4daa34833f012f2c077c590373e5ff304e7592347f2a50d40a381e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:48:53 GMT
x-content-type-options: nosniff
age: 170185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24268
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 10:48:53 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 383ms
34ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:13:48 GMT
x-content-type-options: nosniff
age: 183090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15968
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 07:13:48 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
fonts.gstatic.com/s/notosanskr/v36/ 14 KB
14 KB 397ms
48ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:47:15 GMT
x-content-type-options: nosniff
age: 170283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14328
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:22:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 10:47:15 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2
fonts.gstatic.com/s/notosanskr/v36/ 14 KB
14 KB 384ms
35ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:47:15 GMT
x-content-type-options: nosniff
age: 170283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14504
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:19:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 10:47:15 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5CgmG0X7t.woff2
fonts.gstatic.com/s/notosanskr/v36/ 25 KB
25 KB 392ms
44ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5CgmG0X7t.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

6b46737ec17d04244eb04c2c164cf604b1d41e5176e524a536eefdda3de056a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 08:01:39 GMT
x-content-type-options: nosniff
age: 180219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25948
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:36:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 08:01:39 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 384ms
36ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A300italic%2C400italic%2C700italic%2C400%2C700%2C300&ver=5.8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:30:55 GMT
x-content-type-options: nosniff
age: 182063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 07:30:55 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 395ms
47ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 05:09:17 GMT
x-content-type-options: nosniff
age: 190561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16700
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 05:09:17 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 384ms
37ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:08:24 GMT
x-content-type-options: nosniff
age: 187014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16140
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 06:08:24 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.113.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 398ms
51ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

a7d9347ee436bce21bc7e27c564113e3ab9f19fb39abce8fe57126481389a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 04:50:01 GMT
x-content-type-options: nosniff
age: 191717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16312
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 04:50:01 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.114.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 380ms
33ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

270d6a130b11f25f8d2423607674f4aa218b0f829b2df3a286d6a1b43c76af75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 08:32:08 GMT
x-content-type-options: nosniff
age: 178390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16072
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 08:32:08 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.111.woff2
fonts.gstatic.com/s/notosanskr/v36/ 17 KB
17 KB 386ms
40ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

897f11f7ee77a6709c521d1198f7c0e15afc426206da9a052092bb89aafc5592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:31:18 GMT
x-content-type-options: nosniff
age: 171240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17332
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 10:31:18 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.112.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 396ms
50ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

f456cdb0762281ddf6d92890b29fb72d953cf75ada51c5edc9e2003a2295172d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:31:32 GMT
x-content-type-options: nosniff
age: 171226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 10:31:32 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.107.woff2
fonts.gstatic.com/s/notosanskr/v36/ 18 KB
18 KB 388ms
43ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

d3132a0d9d745064386d9d8c938997e5bfffcc7b3e3e1d76c9ac24aa2e6d1e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:08:46 GMT
x-content-type-options: nosniff
age: 186992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18228
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 06:08:46 GMT

GET
H2 200 %EB%A1%9C%EA%B3%A0.svg
www.genians.co.kr/hubfs/ 5 KB
5 KB 56ms
55ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hubfs/%EB%A1%9C%EA%B3%A0.svg

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d909bb67cb3550a76118fc42780b69a80365ee3686ea1ab80b1f1de8b76ebf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-99965432636,P-22120960,FLS-ALL
age: 534378
x-amz-request-id: G8534T1MR4PHKF7F
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99965432636,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"a8292d635a88dc55927f3e11378e9c8d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674707165348
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 451146ac16b95679df1cbebbf8a889ba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ywnaL2948sI_0QsoVGUd2rnzkMULfP4c
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-99965432636,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sPXDUjDan1NcnYNuktQXaT0/DwAYuWY1j7K+iepFjG/sPnY0OJHmePn0lq7ziqKwKzaGLHuKxeFtCGWjaDbmDDBqFEKOaJV8SpfYG9uNeZQ=
last-modified: Thu, 26 Jan 2023 04:26:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9%2Ff%2BOPuy5Rq7HFL2Q7k3SEP1XPqcjzItBjE8%2FsS%2Fkvf5jnNfTLuXtQg1O0GMqmi1j0Vs08WYrtMCx%2BoXP3DLN609Bf6kwf9wZl4xwrdXsisI6ZSTNp9gw6ngnZziJujWt0y"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9cd29945f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: VPp5-rXjH2p_rjYoiryM2ALXv_nAx4JsiI0MR59EecgdUEAx8L1EPw==

GET
H2 200 01-May-08-2024-04-14-28-0692-AM.png
www.genians.co.kr/hs-fs/hubfs/ 130 KB
131 KB 52ms
51ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hs-fs/hubfs/01-May-08-2024-04-14-28-0692-AM.png?width=2472&height=1460&name=01-May-08-2024-04-14-28-0692-AM.png

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d34b0c7c6e17e244f63c948e81cedad01623c0ec5ac941722af8b2198d3851

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 c8c3180933886633be93f042334d6e12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-166741045853,P-22120960,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 133056
cf-resized: internal=ok/m q=0 n=625+234 c=0+0 v=2024.4.1 l=133056
last-modified: Wed, 08 May 2024 04:14:29 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfdTDCuEYqNHyFyTabTxxo6lGPPU401gMnb-ld1Fc3DQ:696fa032520fe5fdc419b98deed11b5e"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xSYrobXUo2TmaQK0dfYPJ2HXSdrbFoMy4aJ8y5bodkfAb74GdyRhg0sBZUUBDST91KgS8rqqQ9lHmsO4zacV%2Bsk7TMQCa6yIavtk2s%2Fxu57ZWZEHhH6QrVK0Z%2FClCK2T%2FBb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8852c9cd29955f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 02-May-08-2024-04-14-37-9593-AM.png
www.genians.co.kr/hs-fs/hubfs/ 160 KB
161 KB 134ms
134ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genians.co.kr/hs-fs/hubfs/02-May-08-2024-04-14-37-9593-AM.png?width=1350&height=654&name=02-May-08-2024-04-14-37-9593-AM.png

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12ed84dcce39a214dc326c095de32385ff4e7c32bafe027b2b61ecdcb3c7a96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-166739673717,P-22120960,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 163444
cf-resized: internal=ok/m q=0 n=690+288 c=0+0 v=2024.4.1 l=163444
last-modified: Wed, 08 May 2024 04:14:39 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfQWVREH72og8QvugNw0G412ti40C_xcVXHQBQ5LUgDQ:5d0910716696e8b070f29d149fc4588c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7Rwy6KRtR7GIXqe6ldIlctD4v8HVSTeXsXTPGsI%2BMgDEScTek6IRGlwfIOxT9IS2LFYvt8Jqnhq5Sz50gASugSPy8xtujkywazapyMzNysmEF7yj8Uo0PUMHT7hGB9lV1tB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8852c9cd29965f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 FontAwesome5Brands-Regular.woff2
22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/raw_assets/public/Genians_July2022/fonts/ 74 KB
75 KB 701ms
321ms Font
application/font-woff2 172.64.146.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/raw_assets/public/Genians_July2022/fonts/FontAwesome5Brands-Regular.woff2
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79898702603/1710135903860/Genians_July2022/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980c50844e3159514aff19388aba2d4cb1f4e55c4483454666d1d2220dccbe78

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-79901403259,FD-79900189586,P-22120960,FLS-ALL
age: 534748
x-amz-request-id: 6SBATVE8M383DCQ4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-79901403259,FD-79900189586,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "f00626944d387e310db3090ba23b0f7d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1658465860254
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:19 GMT
via: 1.1 07c8a21e4ac1622767bf9030500ce6b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: R.W8W_jRq1wQo7RfF69.WaFTYaJt0ngY
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-79901403259,FD-79900189586,P-22120960,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 75920
x-amz-id-2: 85wj+tygnmAwXlnkn2PRIOoVb64jkj5df+jYytjdQ2wctiIl9x1CrB1QgOYG6z8iZrGhmYpkaUw=
last-modified: Fri, 22 Jul 2022 04:57:41 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8852c9cfea76819c-SIN
timing-allow-origin: 22120960.fs1.hubspotusercontent-na1.net
x-amz-cf-id: iiCWaX3CNEwTNLowHECbBRpO8WSvyz37-jhuWLXNi8rTaA6Ph_0tiA==

GET
H2 200 FontAwesome5Free-Solid.woff2
22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/raw_assets/public/Genians_July2022/fonts/ 76 KB
77 KB 688ms
309ms Font
application/font-woff2 172.64.146.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/raw_assets/public/Genians_July2022/fonts/FontAwesome5Free-Solid.woff2
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/template_assets/79898702603/1710135903860/Genians_July2022/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0248654794364bbb3b6f0a28142f22097bb1aab1f3de68bf8a0f6d5068e90c17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-79901831846,FD-79900189586,P-22120960,FLS-ALL
age: 534748
x-amz-request-id: HKWTQG9AVBJBEYQ3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-79901831846,FD-79900189586,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "86c08f5a2e679c6a62b8c4a521a52222"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1658466256664
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:19 GMT
via: 1.1 9112f917b5d446937bb37b520eab286c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: pCjcauXbhJYUjISWW4ob5ZsYxcEUCtBF
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-79901831846,FD-79900189586,P-22120960,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 77896
x-amz-id-2: onETA8OYT8fK994Mj75iCaFr7Ozd6VK7Z1tLqIuGNVeUtQl3JByysKy4NXozX/t2GK0zx5XgVkY=
last-modified: Fri, 22 Jul 2022 05:04:17 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8852c9cfea75819c-SIN
timing-allow-origin: 22120960.fs1.hubspotusercontent-na1.net
x-amz-cf-id: _PuTOPOCyw28LOB1y4-LMsd_cCafOGC9x3Kf8MzbOGWpYV48DT11bw==

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.109.woff2
fonts.gstatic.com/s/notosanskr/v36/ 18 KB
18 KB 340ms
39ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900%2C100i%2C300i%2C400i%2C500i%2C700i%2C900i&display=swap&ver=2.5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

a6bb2c230f4eef5cf697e4eb7c758ecc0fe986e0f26ffa1b1e9d0b353fa3766a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:08:46 GMT
x-content-type-options: nosniff
age: 186992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17932
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 06:08:46 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 615ms
266ms Script
application/javascript 104.16.109.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/scriptloader/22120960.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.109.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: cf98b2a4-8188-43ac-b3a9-44e62afc92d4
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8852c9d018273f81-SIN
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cf98b2a4-8188-43ac-b3a9-44e62afc92d4
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
cf-ray: 8852c9d018273f81-SIN
x-amz-cf-id: oYAJ8poFtYOj2UQnpob5HWK0uPa2Vwmpo_sXMSyzrCJiMukzv5qSzw==
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/22120960/ 71 KB
23 KB 1159ms
811ms Script
text/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/22120960/banner.js
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/scriptloader/22120960.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e4fd73c11565b418bc291dfd7ad145ac3f0c59a485662af13c154e6f51e8dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
x-amz-version-id: C_5aLzC5ZqMXrFowCjLVo6LRHxF.ge8F
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: NGGXQ714XXW7V60C
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d980c71c-9c20-4f44-bfbc-403283875e68
x-envoy-upstream-service-time: 75
x-amz-id-2: VGz2rwGzM6qkO7Tfrem8lj5A7aWL/L7IOocGKUTm0FP1Qu42Y1V6c5bvGib2BIC4tEwwAWi+1pQ=
x-evy-trace-listener: listener_https
x-request-id: d980c71c-9c20-4f44-bfbc-403283875e68
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 16:26:31 GMT
server: cloudflare
etag: W/"1f453ad4a637f44b9f1d20dbb6f05b6f"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8852c9d0190e8bd0-SIN
expires: Fri, 17 May 2024 10:10:19 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
25 KB 694ms
342ms Script
application/javascript 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/scriptloader/22120960.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6683ec2fb825072bc67ba2b4831425951dc365245d5334ca6f2150f50e1590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1122/bundles/project.js&cfRay=8852c9d02b63a8f4-SIN
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"fa60ef0d372e46facb8180b2d901ba81"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1122/bundles/project.js
date: Fri, 17 May 2024 10:05:19 GMT
x-amz-version-id: TKnbzs9HpFoaV4UGBsfs5UANej3HQBO9
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 6385c607-8780-482a-8506-7e292ddb12f0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6385c607-8780-482a-8506-7e292ddb12f0
last-modified: Tue, 14 May 2024 11:26:52 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gumfdfnH7REtE1hR6U%2Foq2i%2FIfN0Mg0YM%2F9teOARE1VEkeo9lVZ0wdj6nXigr2sIl7CUPJkn9dhw60txN4QJZGEqQUDZtXgot8WMgRgGtaD84YEBnKVf8e7W5%2BPK%2FsNS"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wlmbb
cf-ray: 8852c9d02b63a8f4-SIN
x-amz-cf-id: pfQ9DlxKi28aRN0jqO-ZVd_Z7qOaQF3jpxF02KOw3OsYwfU23vQNmA==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 381ms
25ms Script
application/javascript 104.18.140.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/scriptloader/22120960.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.140.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 54040
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js&cfRay=884da27778ae5e3e-SIN
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d252299cef5b9176cf0435e72e0baeeb"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js
date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: FzXUOelq5PzvbDhLOc3Au0ThiCBuXHAc
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 342d704b-2da2-44d1-9347-74b57c199d8c
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 45
x-evy-trace-route-configuration: listener_https/all
x-request-id: 342d704b-2da2-44d1-9347-74b57c199d8c
last-modified: Wed, 03 Apr 2024 09:27:53 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
cf-ray: 8852c9d02fcd3e1e-SIN
x-amz-cf-id: WUEHVNcZ57EmJPoOUSUs2Nmt3p586Ks0EexASjNSDPb4-GXhEmfsXg==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 376ms
25ms Script
application/javascript 104.17.223.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/scriptloader/22120960.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
x-amz-version-id: mFY3j4a3uPqa1nxwSjuH9WwSOlmw5rRi
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 506
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.557/bundles/pixels-release.js&cfRay=8852bd7141984679-SIN
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 5efb705d-0dee-46da-8577-10a70f7109ea
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 7
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5efb705d-0dee-46da-8577-10a70f7109ea
last-modified: Mon, 13 May 2024 14:08:11 UTC
server: cloudflare
etag: W/"c43db96a42a0426e882c9ce0209630a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs
cf-ray: 8852c9d02d8f4a1d-SIN
x-amz-cf-id: cHQQ0zQLU37kscEd38DzdTf5HQvpcWARM5OKNC-GXfAzAEvR3Zbn6A==
x-hs-target-asset: adsscriptloaderstatic/static-1.557/bundles/pixels-release.js

GET
H2 200 22120960.js Show response
js.hs-analytics.net/analytics/1715940300000/ 67 KB
21 KB 667ms
318ms Script
text/javascript 104.17.175.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1715940300000/22120960.js
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/scriptloader/22120960.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a0a199cdce22f15b9d583c19b685fc371f8eed6138439d79c51504600adfc2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: YK56XYPQZ7PAD2X5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: aa87e2b6-60cf-4c1b-bdaa-932751592e14
x-envoy-upstream-service-time: 27
x-amz-id-2: t8x4QIEiPbxmRpNaXZLIFxVBe4fLV7FQl5kjz2Enp8JfW+SnCDZH/zZmPIccywBESNWh5ldxu3M=
x-evy-trace-listener: listener_https
x-request-id: aa87e2b6-60cf-4c1b-bdaa-932751592e14
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 24 Apr 2024 18:47:50 GMT
server: cloudflare
etag: W/"9de8e3ea571c0ca72ac56f2cea261f51"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8852c9d05dc09e4a-SIN
expires: Fri, 17 May 2024 10:10:18 GMT

GET
H2 200 939333007162424 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 245ms
242ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/939333007162424?v=2.9.156&r=stable&domain=www.genians.co.kr&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

0dd1be9e11aeea4a2399c1bdad0daa0f19f03220df3aaf8637ccf3c69908e349

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 10:05:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=61, mss=1392, tbw=63363, tp=-1, tpl=-1, uplat=212, ullat=0
pragma: public
x-fb-debug: ubkgHiZaQEdQOWzF+yJK5hNPSFpIZLFbPYtRcDsHYvyTRGYlvzbyzbUMOc109GYorhB/zN0Yr36uyVBVZmVuaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 export Show response
app.convertful.com/api/widget/ 142 B
856 B 767ms
766ms XHR
application/json 172.67.70.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/api/widget/export?owner=61137&domain=www.genians.co.kr&subscriber_uid=null

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=61137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.112 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.28

Resource Hash

9236f20b1a46c1c66a0e99f7ad6415dee87fc1db86e6b902fcd3e2680f302cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.28
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"5c88315d30734511d3afe2124d438c8734845c12"
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.genians.co.kr
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CnfQmB88fN%2B3fCr2w4AWM0MBk8IyRoXixaka%2BlWIpEHpwwPDmOrdUlgHgpzO5WzOEv9bPCQHdwikTGp%2FFQ7QKt1Z5XiwFb8muD0bnYr0znGk01cffnR1nL5DReIBXwcs9CLxA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: ETag
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8852c9ce5b1b9c74-SIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 366ms
30ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=fe412cec37a66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 579230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8GTeQLsVjMItxlkTLLBSvrwXhgyYUtf32W%2B0eXt0QYZU0EROHwBUQxK0uFfPdn%2FEerlBuYIPzyabKkAJ1W7lSqNCm8xWS19hfx8CjzONR8rxsrTgFZQ6xeIp4N%2B6jiWHUca9Ydaw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8852c9d0afca5f64-SIN
expires: Wed, 07 May 2025 10:05:18 GMT

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
652 B 359ms
352ms XHR
text/plain 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=22120960

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fd126b2c-2f15-46a6-bb5a-dd8a9cabd8eb
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8852c9cedf4e604d&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: fd126b2c-2f15-46a6-bb5a-dd8a9cabd8eb
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-ddwd7
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8852c9cedf4e604d-SIN

GET
H2 200 ch-plugin-web.js Show response
cdn.channel.io/plugin/ 2 KB
1 KB 77ms
20ms Script
text/javascript 13.33.88.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-78.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a407054bd5f0a1dc6df703826af349d50acdde0ff2c10d5b6add722ba8b779dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 09:33:37 GMT
content-encoding: br
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 08:33:31 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 1902
x-amz-server-side-encryption: AES256
etag: W/"0504a336a97ecfde6b8c05ce56ef84a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600,public
x-amz-cf-id: su0STebrbsXlqW7cqbijk4dS1Lggae_prExLmzBKdFeYrgCNzE_HEg==

GET
H2 200 arrow-down.svg
22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/Assets_2022/ 160 B
740 B 648ms
310ms Image
image/svg+xml 172.64.146.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/Assets_2022/arrow-down.svg
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs-fs/hub/22120960/hub_generated/module_assets/90177302329/1688627795365/module_90177302329_Footer_Mod.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881cb6ba2493ebaf3da1e21b9f128ec38203214dbafdf3a5b58d8b97db6e031d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-90771948057,FD-89624073500,P-22120960,FLS-ALL
x-amz-request-id: BW3WXRM2N2SV3717
x-amz-server-side-encryption: AES256
edge-cache-tag: F-90771948057,FD-89624073500,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"31b84ea6b7dda322aa8e0046261cba42"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1667810875077
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:19 GMT
via: 1.1 914dbe74ea96bd4eab279d4e05aee014.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 4pnl6n2DWfuCIjR5hCABQ3xNDDsuWYhh
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-90771948057,FD-89624073500,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: p058iDnb926Czvx32JtRmjky8ZbE8KufFpKHAUkOjfSsPr0kYrzntwQDAhmeRe0RfYtIXAXtnug=
last-modified: Mon, 07 Nov 2022 08:47:56 GMT
server: cloudflare
cf-ray: 8852c9d0ddf29c69-SIN
timing-allow-origin: 22120960.fs1.hubspotusercontent-na1.net
x-amz-cf-id: s_v6o8BrPyl6SoZ6TYihMGrBjyyMYFThJTQ_lWokqm3vH8QLS75U5g==

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 6 KB
2 KB 362ms
355ms XHR
application/json 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&pageId=166722337865&pid=22120960&sv=cta-embed-js-static-1.292&rdy=1&cos=1&df=t&pg=171685cc-9b9c-403c-9d26-fe85cdedf487&pg=e223f582-cb41-426f-8322-1305288cd3ea

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11de9f2f18aa06705fc1b20caf704567cb86fea3c3f73210a00411fe0df3de36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Fri, 17 May 2024 10:05:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 71cc30b3-a749-4e39-a093-ee92145e5315
content-encoding: br
x-envoy-upstream-service-time: 64
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 71cc30b3-a749-4e39-a093-ee92145e5315
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-jbmqh
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLFxg7R1s6utPV6h2flTYfGIB4KNkdcX3ISOK8cJ%2FScXi5C9pnKqQzqYsBUHlkVSbkNQ62HIX4xZc5FG%2BAZykdAzt%2FAw9mWFjzyQyKL5o%2FCzHsassUaL1%2FxdkjO2piu1z3icZw1pu5xeHpC2sP8%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8852c9cedf51604d-SIN

GET
H2 200 ch-plugin-core.4808bef7.vendor.js Show response
cdn.channel.io/plugin/ Frame E738 398 KB
121 KB 56ms
56ms Script
text/javascript 13.33.88.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.channel.io/plugin/ch-plugin-core.4808bef7.vendor.js
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-78.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ed6b47ea21af5e751f6702b03da104978777add0fd75df4e4cedb1b015334da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 08:33:37 GMT
content-encoding: br
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 08:33:08 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 5502
etag: W/"6e54de799cd4ef1c250d8336f0331d99"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3acNjoiNNhIY2Udgz9rEaMrNa801hXr08q1UiEyPRtFjbyUCivnatA==

GET
H2 200 ch-plugin-core-20240517173153.js Show response
cdn.channel.io/plugin/ Frame E738 430 KB
102 KB 69ms
69ms Script
text/javascript 13.33.88.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.channel.io/plugin/ch-plugin-core-20240517173153.js
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-78.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0ffe4bd782cb5d84d9f56cd9040878e2130ef9e3bf89a539c21a5e762f9c32d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 08:33:37 GMT
content-encoding: br
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 08:33:06 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 5502
etag: W/"24e9666a2bba89943d46909538e4c266"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tSO5ffQVPppQihjgGs4ZTo53d2G4PmNOpJofgiDLt9nPc6r9K3gVbw==

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 364ms
18ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=939333007162424&ev=PageView&dl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&rl=&if=false&ts=1715940318851&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.2.1715940318848.1649494089&cs_est=true&ler=empty&cdl=API_unavailable&it=1715940318438&coo=false&rqm=GET

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=10, mss=1392, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 May 2024 10:05:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 b05367f6be924bb49e15838987b99ce6.min.js Show response
js.sentry-cdn.com/ Frame E738 3 KB
2 KB 351ms
14ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/b05367f6be924bb49e15838987b99ce6.min.js

Requested by

Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20240517173153.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f358b276808b1949c6adeadb05f680d29656c6a8af1e67784d98fe4684c71a33

Security Headers

Name	Value
Content-Security-Policy	font-src * data:; frame-ancestors 'self' .sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; object-src 'none'; default-src 'none'; style-src 'unsafe-inline'; media-src ; worker-src blob:; base-uri 'none'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src blob: data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=b5fa6ab22c5515f45855ddf51aad64b6aa188587
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: font-src * data:; frame-ancestors 'self' *.sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; object-src 'none'; default-src 'none'; style-src * 'unsafe-inline'; media-src *; worker-src blob:; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src * blob: data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=b5fa6ab22c5515f45855ddf51aad64b6aa188587
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 May 2024 10:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 40
x-envoy-upstream-service-time: 33
content-length: 1263
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-89f77cc67-25wwl, cache-chi-klot8100052-CHI, cache-qpg1271-QPG
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cta-loaded.js Show response
www.genians.co.kr/hs/cta/ctas/v2/public/cs/ 0
733 B 295ms
295ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=22120960&pg=171685cc-9b9c-403c-9d26-fe85cdedf487&lt=1715940318115&dt=1715940318117&at=1715940318991&an=1

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Fri, 17 May 2024 10:05:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: da955526-6079-4db2-a5aa-5f94f2e1fe71
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: da955526-6079-4db2-a5aa-5f94f2e1fe71
last-modified: Fri, 17 May 2024 10:05:19 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRSM0w%2FWRupIip0lclMbvkux2kgpIq6xOAP1arV7AUCbPYdbzkC5u46qZcwhvZ1jb%2FceEitizwEpUwhRrBZr9Jg4ymzKY29r6oFLxwMaXkS0k4E%2BASd2mQhTL8Be1K%2BRyN%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fnshr
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8852c9d1cd985f6f-SIN
x-robots-tag: noindex, follow

GET
H2 200 cta-loaded.js Show response
www.genians.co.kr/hs/cta/ctas/v2/public/cs/ 0
816 B 292ms
290ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=22120960&pg=e223f582-cb41-426f-8322-1305288cd3ea&lt=1715940318259&dt=1715940318260&at=1715940318993&an=1

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Fri, 17 May 2024 10:05:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 87be4019-f358-4069-9ae8-8d095f6c0d1b
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 87be4019-f358-4069-9ae8-8d095f6c0d1b
last-modified: Fri, 17 May 2024 10:05:19 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1frt%2BIQYTOaU%2BIbeqVtTgEJkUUTaCAYuI4k4nCY6FSqTplaEVayfv7Qs9FPHZY5Y0yX71CpzCtYTAexeLeLJk%2F8Hcsbgc1E8oDtB3RqSzzwaOJr0VqI3%2FEl9rvH%2Bbub1wSRB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-9ls2q
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8852c9d1cd9b5f6f-SIN
x-robots-tag: noindex, follow

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 624ms
277ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 10:05:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: bbb12009-42c6-44f3-b41e-c483f4728793
x-envoy-upstream-service-time: 5
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bbb12009-42c6-44f3-b41e-c483f4728793
Last-Modified: Fri, 17 May 2024 10:05:19 GMT
Server: cloudflare
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rbtjd
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8852c9d3faeb449f-SIN

GET
H2 200 5d2922a3-7a9f-4546-9b6d-b3b79d62f084.png
22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/hub_generated/resized/ 2 KB
3 KB 51ms
50ms Image
image/webp 172.64.146.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/hub_generated/resized/5d2922a3-7a9f-4546-9b6d-b3b79d62f084.png
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9d23aa52b83780406a22fb3f51b98d2b55dce7d399a52d4972cfc1cf62e394

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
via: 1.1 e06f1884e3b8f2d22eb184102aa03e4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: nkmAzm3FhaVbgIY5n8auNStAit5kQEcl
age: 574396
x-amz-cf-pop: LAX50-P3
cf-polished: origFmt=png, origSize=4502
x-amz-request-id: JAVM661SVRQ48SZH
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="5d2922a3-7a9f-4546-9b6d-b3b79d62f084.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
content-length: 2062
x-amz-id-2: zpgy9faW6VmpXGZvgU7rIkPb6TJeuJR4afcbZFry9EVC3+ygJY7yKJcrPUiclBlvSlew0iwf3sU=
last-modified: Tue, 04 Apr 2023 05:29:42 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "632df6e7c1d5297c049f20dfc92c5eb7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8852c9d1ceb89c69-SIN
timing-allow-origin: 22120960.fs1.hubspotusercontent-na1.net
x-amz-cf-id: TXLEw2QwcxZWCPvlNEv0jsQBSgTE8JF5akgdnlaDDHfYPV868lcP6w==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 616ms
270ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 10:05:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 42f03869-0eb5-41b8-a853-fad7d2f495d3
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 42f03869-0eb5-41b8-a853-fad7d2f495d3
Last-Modified: Fri, 17 May 2024 10:05:19 GMT
Server: cloudflare
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fl6gb
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8852c9d3fd41601c-SIN

GET
H2 200 cd5e5767-e0dd-48e9-9ac6-a02e66cc043c.png
22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/hub_generated/resized/ 2 KB
2 KB 56ms
54ms Image
image/webp 172.64.146.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/hub_generated/resized/cd5e5767-e0dd-48e9-9ac6-a02e66cc043c.png
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35969a28552ca202ff27576f6c6c772ff33554d65b2885544328ea889d6052f1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
via: 1.1 f86847f56467a24ee3617872b36786c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: qvEMD7TEWskj.zkt_gqhJ0Q0qo1REwGN
age: 121370
x-amz-cf-pop: LAX50-P3
cf-polished: origFmt=png, origSize=4029
x-amz-request-id: JR7NTQE613QKGT4D
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="cd5e5767-e0dd-48e9-9ac6-a02e66cc043c.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
content-length: 1850
x-amz-id-2: B9S2SS5xRL2wHnp/HtGnsUUP2yBe9OH62MC7Tngd7dH4v0UfVO/o6FpUNt4a4XpDKBpQXKwPGFk=
last-modified: Tue, 04 Apr 2023 05:37:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1cd4c3fb58f32351dbf6959a38382611"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8852c9d1cebc9c69-SIN
timing-allow-origin: 22120960.fs1.hubspotusercontent-na1.net
x-amz-cf-id: gWHx3sYhyhTWb5mXYW7OMkvuYt0XXGEIxf45QhGTbSbyARAEuZj7XQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 27ms
26ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100italic%2C100%2C300italic%2C300%2C400italic%2C400%2C500italic%2C500%2C700italic%2C700%2C900italic%2C900&ver=5.8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.genians.co.kr
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:07:51 GMT
x-content-type-options: nosniff
age: 187048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 06:07:51 GMT

OPTIONS
H2 200 d93724b2-8be0-4cd4-adda-a9ee3cd1c0b5
api.channel.io/front/v6/elastic/plugins/ Frame 0
0 342ms
151ms Preflight 3.38.63.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v6/elastic/plugins/d93724b2-8be0-4cd4-adda-a9ee3cd1c0b5?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.63.222 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-63-222.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.genians.co.kr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin,content-type,accept,accept-language,x-access-key,x-access-secret,x-account,x-session,x-personal,x-cafe24-iam,x-shopify-iam,x-color-me-iam,x-iwchannel-iam,x-shopby-iam
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,HEAD,PATCH
access-control-allow-origin: https://www.genians.co.kr
access-control-max-age: 1800
content-length: 0
date: Fri, 17 May 2024 10:05:19 GMT
vary: Origin

GET
H2 200 d93724b2-8be0-4cd4-adda-a9ee3cd1c0b5 Show response
api.channel.io/front/v6/elastic/plugins/ Frame E738 1013 B
1 KB 185ms
185ms Fetch
application/json 3.38.63.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v6/elastic/plugins/d93724b2-8be0-4cd4-adda-a9ee3cd1c0b5?
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20240517173153.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.63.222 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-63-222.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: be2ef9513f30e6326bd118d2edefa3eee03e3454eec3eb53f95d6bbf3769251b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.genians.co.kr
access-control-expose-headers: Date,Content-Disposition,x-account,x-session
access-control-allow-credentials: true
content-length: 500

GET
H2 200 fe412cec37a66 Show response
display.popt.in/APIRequest/ 1 KB
4 KB 634ms
287ms XHR
application/json 172.67.69.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/fe412cec37a66?domain=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.m5ypazpoht%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&origin_landing_page=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c518a009cc76014db8cd70e53b4fb544cff9802fda04b7b6c42056af52b8aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com https://*.grisynava.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLp61ZFquVqYuCM4O%2ByHVIJLP1nQLsX9ItFkcZ1jKKh%2F2F44vWlCIP7sgfZ%2F5uIPN9FIRrrnf2L7qeazACEGxwJXpcDCQPBACGuA2GcA16PIB7yiLfU3pyI%2BoEwTdNipcbQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials: true
cf-ray: 8852c9d5aaa05cdd-SIN
access-control-allow-headers: Origin, Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 134 B
474 B 277ms
270ms XHR
application/json 104.16.109.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22120960&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.109.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24655d63648401169e7eb2efb286b2e8ea73ba1d3ef93b59937b8601db9c52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2f97ae68-c11a-40da-874a-741f1a5cf315
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2f97ae68-c11a-40da-874a-741f1a5cf315
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8852c9d38b663f81-SIN

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 433 B
1 KB 284ms
284ms Fetch
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=22120960&currentUrl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&contentId=166722337865

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a2ea1838-55f2-4286-ac05-51c2d2326dd5
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a2ea1838-55f2-4286-ac05-51c2d2326dd5
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkZh94yNCq6fHDGpEpUV63FqB3gNp58ctCpBykevcvEov7FXIuFUi2Se6wkzyKCet%2BiA2EwuRBiCOT%2F3YiDZRAjN%2Bze98mgS%2F7LJOcgZHtZBjx9sYFp3%2BSL4lauIMLxZ8W6xQAtFrUjhyr6cIrM%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8852c9d39fb8a8f4-SIN
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-9ls2q

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 2 B
145 B 383ms
37ms Fetch
text/plain 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/22120960/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58d9e33c417379bdf294f2e6907c186c529d7691e73867a82207314837701bea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 8852c9d76e3c499c-SIN
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
101 KB 399ms
31ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2W7KLK

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

8be200964978a4e975a2168f9845fa3c7659d754b43fa10e17bea726722d10d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103026
x-xss-protection: 0
last-modified: Fri, 17 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 10:05:19 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 188 B
1 KB 681ms
309ms XHR
application/json 104.18.241.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=22120960

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.241.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54f34cac3c5b256b0497d00f2102720987e18d1c90a23d1dfc243157aa7e79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3c7dd625-eae4-444b-baa1-764e70c72f12
content-encoding: br
x-envoy-upstream-service-time: 22
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3c7dd625-eae4-444b-baa1-764e70c72f12
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-tv82p
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4wlS18gXNHO6Eg2g%2FjyXLL003gAduNv6Nhl6Ry4TfGWZWZt8whGEzhYSNh9dCCEvmFgo5rEaQcmuQsHEzFR6uLGlPGcpZ1e4Y306sAUPpyS3GqAjM1uOZUGmG%2BCZV7d"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9d79b1181cb-SIN
access-control-allow-headers: *

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 630ms
271ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 10:05:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 8e37ef5d-2c2a-4785-99d2-0c00206c65a2
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8e37ef5d-2c2a-4785-99d2-0c00206c65a2
Last-Modified: Fri, 17 May 2024 10:05:20 GMT
Server: cloudflare
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-qhrwc
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8852c9d7a94e9c15-SIN

POST
H2 200 boot Show response
api.channel.io/front/v6/elastic/plugins/d93724b2-8be0-4cd4-adda-a9ee3cd1c0b5/ Frame E738 3 KB
2 KB 263ms
100ms Fetch
application/json 3.38.63.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v6/elastic/plugins/d93724b2-8be0-4cd4-adda-a9ee3cd1c0b5/boot
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20240517173153.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.63.222 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-63-222.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: fae003b4fc33d5f42a87da9bd732b7b6cf0034a0a276f6b4038b3acd4202b6c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:19 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.genians.co.kr
access-control-expose-headers: Date,Content-Disposition,x-account,x-session
access-control-allow-credentials: true
content-length: 1614

GET
H2 200 chatbot-button_120.png
cf.channel.io/pub-file/81231/63f5686d06bf66734124/ 9 KB
9 KB 170ms
15ms Image
binary/octet-stream 52.84.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.channel.io/pub-file/81231/63f5686d06bf66734124/chatbot-button_120.png
Requested by: Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.229.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-229-83.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19b82556de8762c916d3c4a099fc384b465440c97da11ed1fb4ff97a4f7cc2c8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:36:29 GMT
via: 1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 00:57:18 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 80932
x-amz-server-side-encryption: AES256
etag: "0dfff07d83dd2fe1d680a264b61d6669"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-disposition: attachment; filename="tmp-2917841787"
accept-ranges: bytes
content-length: 9045
x-amz-cf-id: BgSzdkBDV83Mieknw4pSiszzaaDxlrq458lzR3lTxR6m4LdkjPVBRw==

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 401ms
47ms Ping
image/gif 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p3p5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma_cps=-&dma=0&npa=1&gtm=45He45f0n81K2W7KLKv894175417za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2W7KLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
105 KB 36ms
35ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EE19W68R3B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2W7KLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2a74f47d3396b80b0fb84fe73572784c739f48592ab9a5bee3921d444cb9d2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 May 2024 10:05:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 397ms
27ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2W7KLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 May 2024 08:08:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 May 2024 10:08:28 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma=0&npa=0&gtm=45He45f0n81...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma=0&npa=0&gt...

42 B
588 B

266ms
18ms

Ping
image/gif

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma=0&npa=0&gtm=45He45f0n81K2W7KLKv894175417za200&auid=1508471037.1715940320

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5&rnd=1519131580.1715940320&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dma=0&npa=0&gtm=45He45f0n81K2W7KLKv894175417za200&auid=1508471037.1715940320
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 409ms
19ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-EE19W68R3B&gtm=45je45f0v869590874z8894175417za200&_p=1715940319551&_gaz=1&gcs=G111&gcd=13r3r3r3r5&npa=0&dma=0&gdid=dZTQ1Zm&cid=1031941682.1715940320&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715940320&sct=1&seg=0&dl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&dt=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3241
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EE19W68R3B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.genians.co.kr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 415ms
19ms Ping
text/plain 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EE19W68R3B&cid=1031941682.1715940320&gtm=45je45f0v869590874z8894175417za200&aip=1&dma=0&gcs=G111&gcd=13r3r3r3r5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EE19W68R3B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.genians.co.kr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 418ms
22ms Image
image/gif 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EE19W68R3B&cid=1031941682.1715940320&gtm=45je45f0v869590874z8894175417za200&aip=1&dma=0&gcs=G111&gcd=13r3r3r3r5&npa=0&frm=0&z=1681115963

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 23ms
22ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-356648715

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1e17ea3aff415a88f2ee6d415dffa9007af99d565de550c2f08ed07a72fd69ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91384
x-xss-protection: 0
last-modified: Fri, 17 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 10:05:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 27ms
26ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-356648715&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2W7KLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9089bae46160145b967d4f39c738418f9fa5975f429674ee4daf8163b29f070a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91421
x-xss-protection: 0
last-modified: Fri, 17 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 10:05:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/356648715/ 4 KB
2 KB 362ms
21ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/356648715/?random=1715940320297&cv=11&fst=1715940320297&bg=ffffff&guid=ON&async=1&gtm=45be45f0za200&gcd=13r3r3r3r5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&hn=www.googleadservices.com&frm=0&tiba=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1508471037.1715940320&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-356648715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

b2a720c967e8f89828d3a2cf3c07be77677c931ade2bc96684fad7db01a5a882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1545
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 20ms
19ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=532788155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&ul=zh-sg&de=UTF-8&dt=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GDAAEABAAAAACAAIk~&jid=2129006211&gjid=2070267724&cid=1031941682.1715940320&tid=UA-53075482-2&_gid=559927292.1715940320&_r=1&_slc=1&gtm=45He45f0n81K2W7KLKv894175417za200&gcs=G111&gcd=13r3r3r3r5&dma=0&gcu=1&sst.gcut=2&z=665311275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.genians.co.kr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 16ms
16ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=532788155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&ul=zh-sg&de=UTF-8&dt=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAAABAAAAAAAAIk~&cid=1293629865.1715940320&tid=UA-53075482-2&_gid=264074612.1715940320&gtm=45He45f0n81K2W7KLKv894175417za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=0&npa=1&z=1132145428

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 14:03:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72117
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
api.channel.io/front/v6/channels/81231/ Frame E738 559 B
984 B 104ms
103ms Fetch
application/json 3.38.63.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v6/channels/81231/events
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20240517173153.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.63.222 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-63-222.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 4204dfc50963a65f171bd3573a19acdb4d8ba59b741a176b8799c81e3eace5f3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:20 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.genians.co.kr
access-control-expose-headers: Date,Content-Disposition,x-account,x-session
access-control-allow-credentials: true
content-length: 419

GET
H2 200 /
www.google.com/pagead/1p-user-list/356648715/ 42 B
108 B 25ms
23ms Image
image/gif 142.251.175.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/356648715/?random=1715940320297&cv=11&fst=1715940000000&bg=ffffff&guid=ON&async=1&gtm=45be45f0za200&gcd=13r3r3r3r5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&hn=www.googleadservices.com&frm=0&tiba=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1508471037.1715940320&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqxYfgC4zVHhnFejlcK9IIsVGvoALIAw&random=651980104&rmt_tld=0&ipr=y

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/356648715/ 42 B
154 B 22ms
21ms Image
image/gif 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/356648715/?random=1715940320297&cv=11&fst=1715940000000&bg=ffffff&guid=ON&async=1&gtm=45be45f0za200&gcd=13r3r3r3r5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&hn=www.googleadservices.com&frm=0&tiba=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC%20MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84%20%ED%99%9C%EC%9A%A9%ED%95%9C%20Kimsuky%20APT%20%EA%B3%B5%EA%B2%A9%20%EB%B0%9C%EA%B2%AC&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1508471037.1715940320&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqxYfgC4zVHhnFejlcK9IIsVGvoALIAw&random=651980104&rmt_tld=1&ipr=y

Requested by

Host: www.genians.co.kr
URL: https://www.genians.co.kr/blog/threat_intelligence/facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 10:05:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow-bottom%20(2).svg
22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/Assets_2022/ 229 B
986 B 37ms
35ms Image
image/svg+xml 172.64.146.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22120960.fs1.hubspotusercontent-na1.net/hubfs/22120960/Assets_2022/arrow-bottom%20(2).svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa95983475c5978ac0014107c2ff7f6829a94e9e074132fa63c5f3a473ff9922

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-92568463468,FD-89624073500,P-22120960,FLS-ALL
age: 44390
x-amz-request-id: PFE93BP6J6DJSGT7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-92568463468,FD-89624073500,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"307db8384ce25a9e38ca43d3c0fdb1d7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669066184458
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:20 GMT
via: 1.1 c11768c6b1b5ff333d5fbf47fdd112fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Q4FHuz.epDqnJYekqPHVfV7DeUfpyi.L
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-92568463468,FD-89624073500,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: 1Rgrsm8isb1pI6MXeU+MS9M2q2BPpsasdOOINt/OsPzB2ZnA6nADHSGP2mpN29b8MaiAr2+eQ8IBnRX84ofE1zN74muy8YdHpX60ilZZ+IA=
last-modified: Mon, 21 Nov 2022 21:29:45 GMT
server: cloudflare
cf-ray: 8852c9dc9a3c9c69-SIN
timing-allow-origin: 22120960.fs1.hubspotusercontent-na1.net
x-amz-cf-id: 8vXNj2ZIU05W5fUrOALRZjb0-pUI7hSM8hFcOJ70A6dakr6WUVhIRQ==

GET
H2 200 443540904527933 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 228ms
228ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/443540904527933?v=2.9.156&r=stable&domain=www.genians.co.kr&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d3cbc40cedac4907ff9798cf03997c527a7d0c1b7250c31bf139bc58d7c5b1da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 10:05:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=75, mss=1392, tbw=77671, tp=-1, tpl=-1, uplat=213, ullat=0
pragma: public
x-fb-debug: DnbPzghBHzb9LGGIiL2Pqw/q1kfpv05yh44fATMcDiOEOkgTeBL3yHLMZkzZ7dVXCTPBMD41bGJtNgrqUW+NbQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
440 B 313ms
297ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-sg&bfp=1493791015&v=1.1&a=22120960&pi=166722337865&ct=blog-post&ccu=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&cpi=166722337865&cgi=160042930800&lpi=166722337865&lvi=166722337865&lvc=ko&pu=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&t=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC+MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84+%ED%99%9C%EC%9A%A9%ED%95%9C+Kimsuky+APT+%EA%B3%B5%EA%B2%A9+%EB%B0%9C%EA%B2%AC&cts=1715940320737&vi=11bbea874a223ddbbb685ea421b0d532&nc=true&u=85125318.11bbea874a223ddbbb685ea421b0d532.1715940320729.1715940320729.1715940320729.1&b=85125318.1.1715940320731&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e3c397e3-fed8-4731-899c-aef9d394ed02
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e3c397e3-fed8-4731-899c-aef9d394ed02
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qGFN7jGcqilyAK1oxKILn4Z5oHJRVUlV9oScaShHAewlrH9EQJbkPkd%2B4Df9X2O19UYoE1anzyJyijaGM2smfr6FPwb6V2XSnOAqiB9%2FfsObyoqqQIY5FIx22y550Ds2Ns8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-v5zn2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8852c9dcdbf6604d-SIN
x-robots-tag: none

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 281ms
272ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 10:05:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: fc127ead-98c9-458b-ae02-38436e00ba20
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fc127ead-98c9-458b-ae02-38436e00ba20
Last-Modified: Fri, 17 May 2024 10:05:21 GMT
Server: cloudflare
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rcnzv
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8852c9dccb46449f-SIN

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
533 B 310ms
296ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22171685cc-9b9c-403c-9d26-fe85cdedf487%22%2C%22a7b062e5-779b-42b1-a6fd-caa07f004bdc%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-sg&bfp=1493791015&v=1.1&a=22120960&pi=166722337865&ct=blog-post&ccu=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&cpi=166722337865&cgi=160042930800&lpi=166722337865&lvi=166722337865&lvc=ko&pu=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&t=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC+MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84+%ED%99%9C%EC%9A%A9%ED%95%9C+Kimsuky+APT+%EA%B3%B5%EA%B2%A9+%EB%B0%9C%EA%B2%AC&cts=1715940320742&vi=11bbea874a223ddbbb685ea421b0d532&nc=true&u=85125318.11bbea874a223ddbbb685ea421b0d532.1715940320729.1715940320729.1715940320729.1&b=85125318.1.1715940320731&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e981fbb-55c8-46cc-b260-2186cf9c97ad
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e981fbb-55c8-46cc-b260-2186cf9c97ad
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwHnFCCBOeYTxDsBOLh4%2B7RmFoTkQVOYnvlq%2Fg5tBDksM31DURF5tDKxAE5Bq47PG5qS8pwyJJ04SPZb8PxIyLqHvwCkmh%2BK%2Bzodd%2FvXHDnT6lij1V%2BYVQMAXcS7HNGzVHCf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qz296
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8852c9dcdbf7604d-SIN
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
546 B 794ms
780ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22e223f582-cb41-426f-8322-1305288cd3ea%22%2C%22f059c695-73b6-4e9b-aa8c-e223ecd2dba0%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-sg&bfp=1493791015&v=1.1&a=22120960&pi=166722337865&ct=blog-post&ccu=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&cpi=166722337865&cgi=160042930800&lpi=166722337865&lvi=166722337865&lvc=ko&pu=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&t=%ED%8E%98%EC%9D%B4%EC%8A%A4%EB%B6%81%EA%B3%BC+MS%EA%B4%80%EB%A6%AC%EC%BD%98%EC%86%94%EC%9D%84+%ED%99%9C%EC%9A%A9%ED%95%9C+Kimsuky+APT+%EA%B3%B5%EA%B2%A9+%EB%B0%9C%EA%B2%AC&cts=1715940320745&vi=11bbea874a223ddbbb685ea421b0d532&nc=true&u=85125318.11bbea874a223ddbbb685ea421b0d532.1715940320729.1715940320729.1715940320729.1&b=85125318.1.1715940320731&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1ae69a8e-b610-49d7-90f3-0227423d064f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1ae69a8e-b610-49d7-90f3-0227423d064f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkM002O0n1GzX1fLDss2tvDUVgljQid9%2B0ntpccoKDJKhfLbI1p6CU5cRhGvXo23w7EO6AgAwiNgFzGxT3bGmIiwuMuvHXL0XJRl3uYCLlAVdy7bnpuhzZV%2FVW8T9wDs03to"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-d8gbc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8852c9dcdbf4604d-SIN
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 343ms
337ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=22120960&utk=11bbea874a223ddbbb685ea421b0d532&__hstc=85125318.11bbea874a223ddbbb685ea421b0d532.1715940320729.1715940320729.1715940320729.1&__hssc=85125318.1.1715940320731&contentId=166722337865&currentUrl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06858ff9d09152c9c198377a6927d0f74a3b371f7981d677698a9ba2f82a8dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 10:05:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4ff39199-a624-469c-ba33-8ea0b6965fb8
content-encoding: br
x-envoy-upstream-service-time: 26
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4ff39199-a624-469c-ba33-8ea0b6965fb8
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.genians.co.kr
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUS6vwpXLixDSIIRD%2Fgpq03sd8%2FkaanaHN1oOYKJMLH1wOhCo9pI1DJjOO8bS2wdk1eD2FB7gY%2BDnGK8kKEYyRrh4xCnAlEICSOmaCu571F2493npwY64HE6qnRX%2F6o%2BSLtJ"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8852c9dcef98a8f4-SIN

GET
H2 200 fav.ico
www.genians.co.kr/hubfs/ 4 KB
2 KB 55ms
55ms Other
image/vnd.microsoft.icon 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genians.co.kr/hubfs/fav.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a68897131bd92b061d63a3e79e7166827107c22c378593b11daf9b299a59e85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-99796790952,P-22120960,FLS-ALL
age: 523909
x-amz-request-id: TB20PVPB4WX64BYX
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99796790952,P-22120960,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"f98785ce6b641d9e98b8226b1feb352b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674620953489
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 17 May 2024 10:05:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 8eba96584a898f8a357fb6316ffd8f16.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: z69OVcLqnfr4YJikkZwSS.NHfyp2ewod
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-99796790952,P-22120960,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cwib6KvvldCnU7lI5zf9s4n+F9SZr4Q2NaBGlyIuiui1QB0rlG7oPz+mOeUOhouuIvv/xwtRwEU=
last-modified: Wed, 25 Jan 2023 04:29:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7n2NqehqNvSZEvy48%2BF4MgxkDhSfS2pNxmaoxAr5jTm%2BrMWT4m%2Fvq%2FRCmPiwixCZs5eJrY%2BWltCFJT9fk0ezKG0YH%2BbWrKhNnYbE2qbkdG8oB0Xj9SZP2EEw31clZxvSGFXg"}],"group":"cf-nel","max_age":604800}
cf-ray: 8852c9dcd9165f6f-SIN
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: se8RU23bBtK2dhFaYN5WjRCo9go3q_LJJHd9o_z2M9LTOekjFHSR-A==

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 15ms
14ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=443540904527933&ev=PageView&dl=https%3A%2F%2Fwww.genians.co.kr%2Fblog%2Fthreat_intelligence%2Ffacebook&rl=&if=false&ts=1715940320984&sw=1600&sh=1200&ud[external_id]=11bbea874a223ddbbb685ea421b0d532&v=2.9.156&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.2.1715940318848.1649494089&cs_est=true&ler=empty&cdl=API_unavailable&it=1715940318438&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.genians.co.kr/blog/threat_intelligence/facebook
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=10, mss=1392, tbw=3132, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 May 2024 10:05:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.genians.co.kr/	1970-01-20 20:39:02	Name: __cf_bm Value: VV0gFFWV8Q5htUVwQ7sKu3H6rk1zncgE59GBXJkDbls-1715940317-1.0.1.1-STeRT6mpXKcIJyqMUbWiu423MxhjTg9UQOPyFiG3pz3l6JXiPhYIIe3sE9JxvtWPO0x.FGPIkEP9lQ3hBAyE7w
.www.genians.co.kr/	1969-12-31 23:59:59	Name: __cfruid Value: 3b2ce596c04fcc3169fd04df550403374e4fcb58-1715940317
www.genians.co.kr/	1970-01-21 06:15:00	Name: conv_person Value: {"$visitNum":1,"$fvDate":1715940318}
www.genians.co.kr/	1970-01-20 20:41:53	Name: poptin_old_user Value: true
www.genians.co.kr/	1970-01-21 05:24:36	Name: poptin_user_id Value: 0.m5ypazpoht
.hubspot.com/	1970-01-20 20:39:02	Name: __cf_bm Value: T1kqJ2s3BTKQlstzUFdauT1Juj.L9ZUjUdWtNHKrRr4-1715940318-1.0.1.1-lH_9yZ7gmo36o8DvZPZlU2PFdJNvMU.kKWzYKK.E5zswFqW6AmjyUsIQPPxvsLeT2be8vPzwUHdk.xMCOE6DYg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: rH8fvf8IAnxuAgzD4pACfaECDO6L8qesO23r53bPCc0-1715940318837-0.0.1.1-604800000
.genians.co.kr/	1970-01-20 22:48:36	Name: _fbp Value: fb.2.1715940318848.1649494089
www.genians.co.kr/	1970-01-20 20:39:00	Name: poptin_previous_url Value:
app.convertful.com/	1969-12-31 23:59:59	Name: session Value: ij4e3i0n47qg8nh8ngm7inr0f5
app.convertful.com/	1970-01-20 20:39:02	Name: site_56470_session_id Value: b8d5bcf6a10844dc00fe5bdf99d9d50de3018584~56470
www.genians.co.kr/	1970-01-21 06:15:00	Name: conv_session Value: {"start":1715940318,"shown":[],"startUrl":"https://www.genians.co.kr/blog/threat_intelligence/facebook","referrer":"","expires":1715942119,"isNew":true,"pageViews":1}
.channel.io/	1970-01-21 05:24:36	Name: x-veil-id Value: a2f6da4e-5091-45f4-b64e-2c3b1f961b1f
.genians.co.kr/	1970-01-21 05:24:36	Name: ch-veil-id Value: a2f6da4e-5091-45f4-b64e-2c3b1f961b1f
.genians.co.kr/	1970-01-20 20:39:02	Name: ch-session-81231 Value: eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzZXMiLCJrZXkiOiI4MTIzMS02NjQ3MmJkZmNhMzI0Y2MwOWI0YyIsImlhdCI6MTcxNTk0MDMxOSwiZXhwIjoxNzE4NTMyMzE5fQ.-XeQhSSrYZ3TNtZFFYUkrB7qE71bYpqPnLhNauZJ-UE
www.genians.co.kr/	1970-01-21 05:24:36	Name: poptin_user_ip Value: 222.164.32.45
www.genians.co.kr/	1970-01-21 05:24:36	Name: poptin_user_country_code Value: false
www.genians.co.kr/	1970-01-20 21:22:12	Name: poptin_session_account_ae642fe17c566 Value: true
www.genians.co.kr/	1970-01-20 20:39:02	Name: poptin_session Value: true
www.genians.co.kr/	1970-01-20 21:22:12	Name: poptin_c_visitor Value: true
.genians.co.kr/	1970-01-20 22:48:36	Name: _gcl_au Value: 1.1.1508471037.1715940320
.genians.co.kr/	1970-01-21 06:15:00	Name: _ga_EE19W68R3B Value: GS1.1.1715940320.1.0.1715940320.60.0.0
.hsforms.com/	1970-01-20 20:39:02	Name: __cf_bm Value: pvmD3NNeSJqRSxHKuoPbR6jAE8BDks1nDWBKvmOGhlI-1715940320-1.0.1.1-QHJI5l2uRJgZUcI5afQGQUBOso.HKQOsYQOnfh8dy4Oor7mmORlY3NnfLJ8LZL8..yX3tkDIz3CBFEhDCqjW3w
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: J16Oph8ItgA30n1kz0ysmxiPN_aVfdkQvULq8XH66yM-1715940320201-0.0.1.1-604800000
front-ws.channel.io/	1970-01-20 20:49:05	Name: AWSALBCORS Value: dyi5Kx0/CLnNGEsCn/bVn4pYlmB+Y1O1w4Usx5yywuddhU1oaF5pPqqyO3innH7vzpHexeGfYpJGC3PJuopW+qEPpOF3nKxHCLooNJmbbrbxzI2Y/FpLIAzTepHJ
.genians.co.kr/	1970-01-21 06:15:00	Name: _ga Value: GA1.3.1031941682.1715940320
.genians.co.kr/	1970-01-20 20:40:26	Name: _gid Value: GA1.3.559927292.1715940320
.genians.co.kr/	1970-01-20 20:39:00	Name: _gat_UA-53075482-2 Value: 1
api.channel.io/	1970-01-20 20:49:05	Name: AWSALBCORS Value: 2+xKN5CC1jOxRK7UMCf4Uyx46giSFJ2BGd7svtRe1mOSawarwQQoII6gTPy3ygNRQvUpR3pZV8PWOKSr4JojmpvqoLh8MfOTR4CVS2Py++tfr6gqcSyFXwLITyIj
.doubleclick.net/	1970-01-20 20:39:01	Name: test_cookie Value: CheckForPermission
.genians.co.kr/	1970-01-21 00:58:12	Name: __hstc Value: 85125318.11bbea874a223ddbbb685ea421b0d532.1715940320729.1715940320729.1715940320729.1
.genians.co.kr/	1970-01-21 00:58:12	Name: hubspotutk Value: 11bbea874a223ddbbb685ea421b0d532
.genians.co.kr/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.genians.co.kr/	1970-01-20 20:39:02	Name: __hssc Value: 85125318.1.1715940320731

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/939333007162424?v=2.9.156&r=stable&domain=www.genians.co.kr&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.genians.co.kr/blog/threat_intelligence/facebook Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22120960.fs1.hubspotusercontent-na1.net
ajax.googleapis.com
analytics.google.com
api.channel.io
api.hubapi.com
app.convertful.com
app.hubspot.com
cdn.channel.io
cdn.popt.in
cdnjs.cloudflare.com
cf.channel.io
connect.facebook.net
cta-service-cms2.hubspot.com
display.popt.in
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
js.sentry-cdn.com
no-cache.hubspot.com
pagead2.googlesyndication.com
perf-na1.hsforms.com
perf.hsforms.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.genians.co.kr
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
104.16.109.254
104.16.117.116
104.16.118.116
104.17.175.201
104.17.176.91
104.17.223.152
104.17.24.14
104.18.140.17
104.18.241.108
104.18.80.204
104.19.175.188
13.33.88.78
142.250.4.95
142.251.175.103
142.251.175.94
151.101.2.217
157.240.235.1
157.240.235.35
172.253.118.155
172.64.146.132
172.64.153.27
172.67.69.47
172.67.70.112
199.60.103.31
216.239.32.181
216.239.34.178
3.38.63.222
52.84.229.83
64.233.170.94
74.125.130.97
74.125.200.157
74.125.24.155
74.125.24.95
018834bd8fbdf2624a8f08731aa7567c5239bf6a2b3a37285e52c2ba3d040df9
01d9e00a6f21b8d4273ced29fded683f1b64f000420677471e62da53c58274a6
0248654794364bbb3b6f0a28142f22097bb1aab1f3de68bf8a0f6d5068e90c17
06858ff9d09152c9c198377a6927d0f74a3b371f7981d677698a9ba2f82a8dbc
0dd1be9e11aeea4a2399c1bdad0daa0f19f03220df3aaf8637ccf3c69908e349
11de9f2f18aa06705fc1b20caf704567cb86fea3c3f73210a00411fe0df3de36
14e4e7f93227616e2e47d8e36c75921821f97d95dc3c6ad85414711508a703bc
19b82556de8762c916d3c4a099fc384b465440c97da11ed1fb4ff97a4f7cc2c8
1a181d606a65a1597ca293fb524850219f19b23f6bc7b89476614ddb15e8de49
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e17ea3aff415a88f2ee6d415dffa9007af99d565de550c2f08ed07a72fd69ff
270d6a130b11f25f8d2423607674f4aa218b0f829b2df3a286d6a1b43c76af75
275e255b6cc0db0a3fc78b2fe2f7fe4f69aaa8535d5303c42fcf83546deb8485
2a74f47d3396b80b0fb84fe73572784c739f48592ab9a5bee3921d444cb9d2b1
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ed6b47ea21af5e751f6702b03da104978777add0fd75df4e4cedb1b015334da
30d34b0c7c6e17e244f63c948e81cedad01623c0ec5ac941722af8b2198d3851
3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3
35969a28552ca202ff27576f6c6c772ff33554d65b2885544328ea889d6052f1
36d909bb67cb3550a76118fc42780b69a80365ee3686ea1ab80b1f1de8b76ebf
377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b
4204dfc50963a65f171bd3573a19acdb4d8ba59b741a176b8799c81e3eace5f3
4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0
4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
58c518a009cc76014db8cd70e53b4fb544cff9802fda04b7b6c42056af52b8aa
58d9e33c417379bdf294f2e6907c186c529d7691e73867a82207314837701bea
5ba72404f10d3334dc22edc8768ce022912d0207178fe5b63d4c43cd655d5124
6291dfb4cb5c4c6d1d03ce9700fced21a16ae00efca8e8a290aca005c04b953c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b46737ec17d04244eb04c2c164cf604b1d41e5176e524a536eefdda3de056a5
6f1c37ed2c907787e9312f03082562a5609471564706765a41461a586699b727
7cc3c0cacc5eea5ed712a54d02440f3b86ff2dd1a0382a26133634ad5c2294c3
7d64ddb83b0420242c658aed3d81d2485a3a888ff01a696868b9f6397b799f87
828a49558961d12d520f31a04957d50caab7af6ecb73c4b33c4d0527e7381159
82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e4fd73c11565b418bc291dfd7ad145ac3f0c59a485662af13c154e6f51e8dc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
881cb6ba2493ebaf3da1e21b9f128ec38203214dbafdf3a5b58d8b97db6e031d
89584e221540543008e88fecdff9657c65676e7c4931691768e816a9f3375ec5
897f11f7ee77a6709c521d1198f7c0e15afc426206da9a052092bb89aafc5592
8a68897131bd92b061d63a3e79e7166827107c22c378593b11daf9b299a59e85
8be200964978a4e975a2168f9845fa3c7659d754b43fa10e17bea726722d10d6
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
9089bae46160145b967d4f39c738418f9fa5975f429674ee4daf8163b29f070a
90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9236f20b1a46c1c66a0e99f7ad6415dee87fc1db86e6b902fcd3e2680f302cea
9451920be76fe934e924ff94523287cccbed1686cc2055ff0f4795a79727b163
972d3a6eab1ff85ee07fe022dbe9bac480a62447afa9c8407acbb4e9a0caa763
980c50844e3159514aff19388aba2d4cb1f4e55c4483454666d1d2220dccbe78
9859ed95c152f2cdffa8a84f55cc8c9986d7feb4fd7f64ccdfc7f6ea7e1453fd
99638cf918a36ae5912b6e521489ec6f3c8cb82e2e21e2f43941b86f8b223aa6
9b1ccc8462830d8895b610d1f8c26c2463d5f09467c5d950329c0264bfb410f3
9b879928082038ce615bf66e6f4839a9f81780498d3b5bdd6d0fefd4c624c2ac
9d9b0825f13f69bc7a5ed7d71e62719a24969e2a035f8ac596829e22e99d53af
9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1
a407054bd5f0a1dc6df703826af349d50acdde0ff2c10d5b6add722ba8b779dc
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
a6bb2c230f4eef5cf697e4eb7c758ecc0fe986e0f26ffa1b1e9d0b353fa3766a
a7d9347ee436bce21bc7e27c564113e3ab9f19fb39abce8fe57126481389a75a
aa95983475c5978ac0014107c2ff7f6829a94e9e074132fa63c5f3a473ff9922
aa9d23aa52b83780406a22fb3f51b98d2b55dce7d399a52d4972cfc1cf62e394
ad649608c26d49f53d7fa6e6a635dd3b862942f0e6688cd02f46fe3b6f05894b
b24655d63648401169e7eb2efb286b2e8ea73ba1d3ef93b59937b8601db9c52e
b2a0a199cdce22f15b9d583c19b685fc371f8eed6138439d79c51504600adfc2
b2a720c967e8f89828d3a2cf3c07be77677c931ade2bc96684fad7db01a5a882
b2ad0d857acb011242b1e51998d1da1787755b13a939e52a9e33b03c6bf79d4f
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
be2ef9513f30e6326bd118d2edefa3eee03e3454eec3eb53f95d6bbf3769251b
c12ed84dcce39a214dc326c095de32385ff4e7c32bafe027b2b61ecdcb3c7a96
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
ce6346e4f1b1ce6aebfa9d5b120f69d7c3994dc604fc1868941df9ceb57eb8cf
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
cf6683ec2fb825072bc67ba2b4831425951dc365245d5334ca6f2150f50e1590
d0bdd14796daf75544de42d2b34b6ef0afb7fc042ef22a8eddb4119d0541ad9a
d3132a0d9d745064386d9d8c938997e5bfffcc7b3e3e1d76c9ac24aa2e6d1e83
d3cbc40cedac4907ff9798cf03997c527a7d0c1b7250c31bf139bc58d7c5b1da
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8f830abed231072b7a748232a5b58b93d25c997c5b9a26d9620b2985b43fc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f34cac3c5b256b0497d00f2102720987e18d1c90a23d1dfc243157aa7e79e
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ed626958a30b6f69d1f12c9cc733eaf8c41790c3b61073b7d91bfcba18d9c4ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
efdac532a62c61456e138c7e3c5b2e56674b39b8f29c1396b4568f59380833ba
f0ffe4bd782cb5d84d9f56cd9040878e2130ef9e3bf89a539c21a5e762f9c32d
f358b276808b1949c6adeadb05f680d29656c6a8af1e67784d98fe4684c71a33
f35d41f9e3c6837803647e11b42a2d168503f619e03e2966fa4c424e34973108
f456cdb0762281ddf6d92890b29fb72d953cf75ada51c5edc9e2003a2295172d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
fae003b4fc33d5f42a87da9bd732b7b6cf0034a0a276f6b4038b3acd4202b6c9
fb2e2a6c4daa34833f012f2c077c590373e5ff304e7592347f2a50d40a381e11
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

www.genians.co.kr Open in urlscan Pro 199.60.103.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

99 %HTTPS

0 %IPv6

26 Domains

39 Subdomains

33 IPs

4 Countries

2231 kBTransfer

5941 kBSize

34 Cookies

17 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.genians.co.kr Open in urlscan Pro
199.60.103.31 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

99 %
HTTPS

0 %
IPv6

26
Domains

39
Subdomains

33
IPs

4
Countries

2231 kB
Transfer

5941 kB
Size

34
Cookies

117 HTTP transactions
0 data transactions