Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 viewport-width: 1920 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 Upgrade-Insecure-Requests: 1 Host: www.facebook.com

HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate X-Frame-Options: DENY X-XSS-Protection: 0 Strict-Transport-Security: max-age=15552000; preload content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Set-Cookie: fr=1oor1y6hx1N652OSm..Bgd255.Jj.AAA.0.0.Bgd255.AWV5DlVbsK8; expires=Tue, 13-Jul-2021 22:36:40 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly; SameSite=None Set-Cookie: sb=eW53YA9-EIP3LB-UeevweVO6; expires=Fri, 14-Apr-2023 22:36:41 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly; SameSite=None X-Content-Type-Options: nosniff Expires: Sat, 01 Jan 2000 00:00:00 GMT Vary: Accept-Encoding Pragma: no-cache x-fb-rlafr: 0 Content-Type: text/html; charset="utf-8" X-FB-Debug: njznuxunlnGfOchZL3M/Xfll4V7CEhO/jqcARGlc+gYs3EU8eiQ0FSbWv0kDMyUqQ6qhyeS1zuW/tYAi8DEzcA== Date: Wed, 14 Apr 2021 22:36:41 GMT Priority: u=3,i Transfer-Encoding: chunked Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Connection: keep-alive

GET / HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 viewport-width: 1920 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 Upgrade-Insecure-Requests: 1 Host: www.facebook.com

HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate X-Frame-Options: DENY X-XSS-Protection: 0 Strict-Transport-Security: max-age=15552000; preload content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Set-Cookie: fr=1JQ7IUDrZ60d2HbNj..Bgd25_.rL.AAA.0.0.Bgd25_.AWXkD7V_Bu8; expires=Tue, 13-Jul-2021 22:36:46 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly; SameSite=None Set-Cookie: sb=f253YIS4UUWvT69_ktQvcED2; expires=Fri, 14-Apr-2023 22:36:47 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly; SameSite=None X-Content-Type-Options: nosniff Expires: Sat, 01 Jan 2000 00:00:00 GMT Vary: Accept-Encoding Pragma: no-cache x-fb-rlafr: 0 Content-Type: text/html; charset="utf-8" X-FB-Debug: qUpxOdnlh648odG6kGdymMEwleeM9N3of4YAN7VuYm8vznlHcRXtcQHSiUsLTOizYrqRJv8IaB/sQr68f2WB0A== Date: Wed, 14 Apr 2021 22:36:47 GMT Transfer-Encoding: chunked Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Connection: keep-alive

GET /macros/s/AKfycbyeDUociDSMjODhy_ZapM5zzyoJ3zrch9n5IUJeKIM3UQOEtZs/exec?loc=KR&app=Staoism&payoutcents=0.08&ver=3.5&ip=175.208.134.150 HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 viewport-width: 1920 Host: script.google.com

HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Wed, 14 Apr 2021 22:36:56 GMT Referrer-Policy: origin X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Accept-Encoding Transfer-Encoding: chunked

GET /18hh57 HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 viewport-width: 1920 Host: iplogger.org

HTTP/1.1 200 OK Server: nginx Date: Wed, 14 Apr 2021 22:36:57 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=tk9onrms1nvgtneom5s4q1olp0; path=/; HttpOnly Pragma: no-cache Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=260608374; path=/ Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:01 GMT Answers: whoami: 58149afe84e6908d185d00c0e4340f3899f9bb38dcbdea3b271effc65ef0bb5a Strict-Transport-Security: max-age=31536000; preload X-Frame-Options: DENY

GET /json/ HTTP/1.1 Connection: Keep-Alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 viewport-width: 1920 Host: ip-api.com

HTTP/1.1 200 OK Date: Wed, 14 Apr 2021 22:36:38 GMT Content-Type: application/json; charset=utf-8 Content-Length: 275 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44

GET /api/fbtime HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 Host: uyyge5w3ye.2ihsfa.com

HTTP/1.1 200 OK Server: nginx Date: Wed, 14 Apr 2021 22:36:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.3.23

POST /api/?sid=92468&key=165d0df49d4f7de7b67582d2a0345a1b HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60 Content-Length: 266 Host: uyyge5w3ye.2ihsfa.com

HTTP/1.1 200 OK Server: nginx Date: Wed, 14 Apr 2021 22:36:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.3.23