edisonformation.fr/
194.1.147.90301 Moved Permanently 707 B IP 194.1.147.90:0
ASN #210250 K Media Tech Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 18:15:05 GMT
Content-Type: text/html
Content-Length: 707
Connection: keep-alive
location: https://edisonformation.fr/
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
x-turbo-charged-by: LiteSpeed
X-Edge-Location: WPX CLOUD/AMS02
Server: WPX CLOUD/AMS02
X-Cache-Status: MISS
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 18:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gp_UUum-4oIywgllgUDMCIk_OEG4a9xpqtN6e-8xMAR8Nqo2Z1Zm1Q==
Age: 63
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11492
Expires: Thu, 22 Sep 2022 21:26:37 GMT
Date: Thu, 22 Sep 2022 18:15:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l0P51Kq19Iq2ZCvI1qWl3E42DtsxrOVQG__neXztPpvKdG9YdZ4EwA==
age: 49191
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:15:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f8f4755453f26ea47eabb97ad6012de8
93a446a05e86476aee3d6294697d89b5a7d99dac
ee2dd60d8b50403e5d4fd7bb7585fe459ab334a6fd1b61cd83724f6241cf8a6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE2DD60D8B50403E5D4FD7BB7585FE459AB334A6FD1B61CD83724F6241CF8A6D"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Fri, 23 Sep 2022 00:14:14 GMT
Date: Thu, 22 Sep 2022 18:15:06 GMT
Connection: keep-alive
edisonformation.fr/
194.1.147.13200 OK 30 kB IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15561)
Hash 083a792783168cf19ae0e30a28169b0e
2425afb80fc733795282c10eee3e99f47ff4c47a
ae8ee89c3ae3ea7bf8ce0ca804c4835727131107a1643633f529b2a0bb3cf3d3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/html; charset=UTF-8
content-length: 30058
cache-control: public, max-age=-113697,public
expires: Wed, 21 Sep 2022 10:40:09 GMT
last-modified: Wed, 21 Sep 2022 09:40:09 GMT
etag: "756a-632adbf9-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/css/dist/block-library/style.min.css
194.1.147.13200 OK 11 kB URL HTTP/2 edisonformation.fr/wp-includes/css/dist/block-library/style.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 10946
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:48:00 GMT
etag: "15b64-63248ca0-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css
194.1.147.13200 OK 259 B URL HTTP/2 edisonformation.fr/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
Hash 49736e2d926fb2846e2df8fc0a1b69f8
0c415addd3603df8843209de4fc448ef5c443761
be091ce2d9948f24a59c9d1578557cd92e8180e2318dc0a21308ca180071f8d0
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 259
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:54:00 GMT
etag: "308-63248e08-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
194.1.147.13200 OK 3.6 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 3629
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "4b4f-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/css/frontend-lite.min.css
194.1.147.13200 OK 13 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/css/frontend-lite.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (65497)
Hash c6a04d5d41c625c74bdce3b22d1831f6
e2328bd62dfac2d9811f83a6061b1bf2f568f77e
ee43b20e36ff6e5e86e9045311af29fbd1b1b7b3f17a430fb1fc0cf3fa9b9a6d
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 12986
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "1a788-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/elementor/css/post-5.css
194.1.147.13200 OK 509 B URL HTTP/2 edisonformation.fr/wp-content/uploads/elementor/css/post-5.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (2055), with no line terminators
Hash 0c703d1231c3d02833000756686d811a
4b0b6b7983cbe23ec4eb4ce2b401550058c84819
c0c47975c1cb1d9a89285a42cbf9f36574f2f0fd9694ef7761feef08fd98399d
GET /wp-content/uploads/elementor/css/post-5.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 509
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:40:07 GMT
etag: "807-632adbf7-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css
194.1.147.13200 OK 1.5 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (11487)
Hash b60048d8aba9cb4eedde35028fcd46d6
ba5fc1be9f3abddcaf2c77e136c37d075528cb65
736c972e9990d4b8f99d2f4d1c834dbb07d803baa323eb036c668a3230821897
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 1533
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:10:06 GMT
etag: "2d0a-632ad4ee-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
194.1.147.13200 OK 12 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (59158)
Hash 178f113615fea1b059cb42a9fcc9bb3d
a309d33fbab460ecc17467c18f99825c03ce039c
9fc6c8540b2078cfcec74cbd21ef6cedf7e2a4ec99d46a4868111eb601572859
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 12380
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "e7d0-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css
194.1.147.13200 OK 4.0 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (26516)
Hash 32699c444a181cd316ee6cb56688144a
1366537c3db165e86947a2e963407283a1ea5b58
6b6910bbb4dacf40ae040c445dd7dd1871097c97a1520b6d5f528d7d88c072a4
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 3987
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "684e-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
194.1.147.13200 OK 7.4 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 806afc62d640eb03fccbd5fe46ed8666
31259bb9e403fbe379125ea0c562ac11d76dc4d7
f7ceb3661377e98e71ccebe4d91336ac77e4e62a84bff79a1e6f865f3d00c26f
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 7374
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:54:00 GMT
etag: "127a4-63248e08-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/elementor/css/global.css
194.1.147.13200 OK 9.0 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/elementor/css/global.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (8793), with CRLF, LF line terminators
Hash 8b90e5a29c2a229cf8c5211cd0bf3f0a
f3f7681ff931bf4c45da6ef5801916e3619cf29d
8cb847013de4f77a6a23e18b0e1289f5f86eb6e5e2e79d2bd6c22de30bfb7a75
GET /wp-content/uploads/elementor/css/global.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 8980
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:40:08 GMT
etag: "2b650-632adbf8-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
194.1.147.13200 OK 3.3 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (45082), with no line terminators
Hash baf68cceef0475d93e3e467147336f7e
b9f129b10ab5c789a0bf5137a56acd937d2ad6d0
1c01a49aec91f44a77f0401f473f06664899d91fe21de510333dd03eb84ec24d
GET /wp-content/uploads/elementor/css/post-6.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 3280
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:40:09 GMT
etag: "b01a-632adbf9-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/elementor/css/post-122.css
194.1.147.13200 OK 1.2 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/elementor/css/post-122.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (4468)
Hash e327b27209a27afe607b7d133cb0b2a0
6d91d9db91410f50492d8e2c587974a7b3d1fec4
2a02ea6aab4b96e04b26423863071d3807a5ce1c397d0102a5e2295538ffefe5
GET /wp-content/uploads/elementor/css/post-122.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 1221
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:40:09 GMT
etag: "2df4-632adbf9-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/elementor/css/post-129.css
194.1.147.13200 OK 789 B URL HTTP/2 edisonformation.fr/wp-content/uploads/elementor/css/post-129.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (5189), with no line terminators
Hash 887d65567490a2fe1ca2c35aa39b3820
af50ab16bc28a6c839c6a28f06632f7b72960fb5
e71583d47d77dccdddcdd50a007da874426ef730599d542253c9aa5a90b30994
GET /wp-content/uploads/elementor/css/post-129.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 789
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:40:09 GMT
etag: "1445-632adbf9-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/themes/hello-elementor/style.min.css
194.1.147.13200 OK 1.7 kB URL HTTP/2 edisonformation.fr/wp-content/themes/hello-elementor/style.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (6051), with no line terminators
Hash cfe4870b943b2ade39a643e3a3d6d809
f1f4e04c908b19fa0a5a5b09de5b6b1dfc113f05
00f239a7fb673f1d8ab2db67b74e0bae64d103e520ee209c18e21b5bff3fb509
GET /wp-content/themes/hello-elementor/style.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 1711
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 15:05:00 GMT
etag: "17a3-6324909c-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/themes/hello-elementor/theme.min.css
194.1.147.13200 OK 2.4 kB URL HTTP/2 edisonformation.fr/wp-content/themes/hello-elementor/theme.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (15672), with no line terminators
Hash 0c53a727a9801d2d872125ab96be97df
40616b12b4a9f2e4533f9adc6f965ca2b44581e0
8a69f47fdb908591cba1faa64f3807cbb3b82e12f0fe099c6bcbd31213f3bea9
GET /wp-content/themes/hello-elementor/theme.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 2418
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 15:05:00 GMT
etag: "3d38-6324909c-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/cookie-notice/css/front.min.css
194.1.147.13200 OK 967 B URL HTTP/2 edisonformation.fr/wp-content/plugins/cookie-notice/css/front.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (5334), with no line terminators
Hash 257736dab7a9c54a1338e598f350c8e0
35603628a42981badb8bbcbef232458df605d9a4
97da98b3c8e9a41c2d04eb9875f48a3fc5b98ce708baf76fe795d4236b107c6e
GET /wp-content/plugins/cookie-notice/css/front.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 967
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:54:00 GMT
etag: "14d6-63248e08-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
194.1.147.13200 OK 12 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 12133
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "e238-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
194.1.147.13200 OK 286 B URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 286
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "29d-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css
194.1.147.13200 OK 283 B URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (491)
Hash 453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 283
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "2a5-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
194.1.147.13200 OK 284 B URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 284
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "2a3-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css
194.1.147.13200 OK 3.8 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (22127), with no line terminators
Hash ee1134bcbb23f0cfaf992183c1087a6f
f2d2be83e5a1012f232eae5d2b4ed71071613fd2
cd2720a78f53e52ebf656e1b69a9a8f7960462072834b5b016538add8c1479f9
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 3809
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:55:00 GMT
etag: "566f-63248e44-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js
194.1.147.13200 OK 4.0 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (14869)
Hash 564f097cf1c91789ede5935f27f4f879
7d08e220324006fe221bbc176df2051be8fc1f31
2de1ed7e80ab790199f4b3785fd3ac2494e039a96e55c67e76ea88244dfc93e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 4035
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "3acf-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/jquery/jquery.min.js
194.1.147.13200 OK 30 kB URL HTTP/2 edisonformation.fr/wp-includes/js/jquery/jquery.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 30273
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "15db1-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/jquery/jquery-migrate.min.js
194.1.147.13200 OK 4.0 kB URL HTTP/2 edisonformation.fr/wp-includes/js/jquery/jquery-migrate.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 3995
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "2bd8-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/cookie-notice/js/front.min.js
194.1.147.13200 OK 2.0 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/cookie-notice/js/front.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type C source, ASCII text, with very long lines (8750), with no line terminators
Hash a96c0f83522ef34892ab3722953bf3c7
140b12d376c14ac81b02bb6eee88c3c9bacb0478
daf9fbe2331e58518af4f06aafd164649cc399fe921299c57e2e4c046b942e83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-notice/js/front.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 1970
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:54:00 GMT
etag: "222e-63248e08-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js
194.1.147.13200 OK 12 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (41234), with no line terminators
Hash 7d2dff41a2cd3cb76fffd0832c630c7b
1bec11d39166b0b10e890590e605b1fefd244c21
3a405acba03ee25277fb3a017bf25cb926be7bc003e9bcc6c018b3c0217a1366
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 11979
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:55:00 GMT
etag: "a112-63248e44-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js
194.1.147.13200 OK 2.9 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (13218), with no line terminators
Hash 02a6797f8c705021db9993f19f04fd15
0606aa275d8c47a7e74aebe89fa35b62f12eabab
48c5e8b371f4c0e2e8d4277d410071c583b3c6a31a1fd38867d48ba72423b55a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 2896
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:55:00 GMT
etag: "33a2-63248e44-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/smartslider-backgroundanimation.min.js
194.1.147.13200 OK 5.7 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/smartslider-backgroundanimation.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (28062), with no line terminators
Hash e66669aeb18def890ec6de834fdae001
6cafaa27deb9178d9794932ff16b49b37cb28cc5
573f23287d4aac4235e464d3f942c5e03b990e5a1b7e48790ecb26c5fb12e3ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/smartslider-backgroundanimation.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 5671
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:55:00 GMT
etag: "6d9e-63248e44-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js
194.1.147.13200 OK 500 B URL HTTP/2 edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (1248), with no line terminators
Hash 48d0c1da38d076f3c7be9b3e713b47bb
65431b480e904c62a2569a74c214ff6b57b68437
a2d41dfdf9def396760974789eecbb9eb1dce36002bdd8af0dfe9cda8a5ca54a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 500
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:55:00 GMT
etag: "4e0-63248e44-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
194.1.147.13200 OK 905 B URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (11736)
Hash 7f8a841299b4629056a941fb4bddbf71
7fe3c944d3f99fddb3b486c1bcf996f3aa71b5da
8a008d181a4f03194f2f73898d49a9912832c12a5c302c3314bc0a520e589571
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 905
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "2dff-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
194.1.147.13200 OK 2.4 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: text/css; charset=UTF-8
content-length: 2442
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "4824-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js
194.1.147.13200 OK 4.7 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (12498), with no line terminators
Hash ff899be4be43c9aa981f9c089c97dedd
506e231204e3ba01c5891ba93f42b219efa200b6
8c14eff011eaa262446009e6fb30c941bcc08ee770a66934c49f7d4076620064
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 4695
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:17:11 GMT
etag: "30d2-632ad697-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js
194.1.147.13200 OK 953 B URL HTTP/2 edisonformation.fr/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (3164), with no line terminators
Hash 4a7d773f90facef221a9cfa11bdb2973
5ecb3100b641b2af7f7d56533a14b23fcaf15787
0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 953
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 15:05:00 GMT
etag: "c5c-6324909c-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/header-footer-elementor/inc/js/frontend.js
194.1.147.13200 OK 3.6 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/header-footer-elementor/inc/js/frontend.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
Hash f5cc445bac69ba3d60941ce27ea238dc
54eb89f0c70490da82e812766631cd67eb9be29a
32a0f1b26f9430afc3f9283e9f8a5c4df7910627b2a75ba58e1fe58b03cc41f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 3600
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:54:00 GMT
etag: "6aab-63248e08-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
194.1.147.13200 OK 2.2 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (5141)
Hash 11a09eb3f8095f34cefa3029aa381c64
cfc98d6be411e8cb44817c2146a08b2261fa355d
829c945db9dc945562d7f0dd726f296e90f1bf9b0076fe3e96291ca1db0807f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 2188
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:10:06 GMT
etag: "1440-632ad4ee-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
194.1.147.13200 OK 2.0 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (4918)
Hash addd6b2b47516aab871a8c846e4208eb
72c83f580bfc1ce85f6fc394e0bac5fc1446d8bf
6b1770e81200444e4cffdeee08a8af358f5e35edd3398a2e2f4a7fc62c2c5734
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 2044
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "135d-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
194.1.147.13200 OK 10 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash cb762f3d93a33a602d19b3994fe4e699
a9168bedc5f58243b41aaab73c68b32f6992635c
ca59fddd171412b6972463da0ac99bf372e17578816d3e79f4c247c34102a27d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 10420
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "80a1-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/dist/vendor/regenerator-runtime.min.js
194.1.147.13200 OK 2.4 kB URL HTTP/2 edisonformation.fr/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 2354
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "194b-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 18:03:22 GMT
Expires: Thu, 22 Sep 2022 18:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i6P5pIwaZ1vv688WELDz7t3idnss-ZP8jfGwpB5INu6Jb_e-9iX8ig==
Age: 704
edisonformation.fr/wp-includes/js/dist/vendor/wp-polyfill.min.js
194.1.147.13200 OK 6.9 kB URL HTTP/2 edisonformation.fr/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 6872
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "4ac6-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/dist/hooks.min.js
194.1.147.13200 OK 1.6 kB URL HTTP/2 edisonformation.fr/wp-includes/js/dist/hooks.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 1575
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "132e-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/dist/i18n.min.js
194.1.147.13200 OK 3.7 kB URL HTTP/2 edisonformation.fr/wp-includes/js/dist/i18n.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
Hash f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 3717
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "27ee-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5235
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Last-Modified: Thu, 22 Sep 2022 16:47:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
edisonformation.fr/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
194.1.147.13200 OK 5.5 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (21374)
Hash 67e48785dcd857201122c8f46d2c7758
72ab94428b614ae30d4644aa48b4f570ca4a8ed7
19097c0a7dfc7529811bc5379d5784a750b220e547ddb74240c039d038315575
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 5506
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:10:06 GMT
etag: "53a9-632ad4ee-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
194.1.147.13200 OK 2.9 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 2867
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "2fa6-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/jquery/ui/core.min.js
194.1.147.13200 OK 6.6 kB URL HTTP/2 edisonformation.fr/wp-includes/js/jquery/ui/core.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 6637
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "50eb-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/js/frontend.min.js
194.1.147.13200 OK 12 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/js/frontend.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (40474)
Hash cf9df4d15291b14a459fdd30b118a1a4
450c2a4389a4d7e12fac3f1c49e79ca477521140
f109234d786cb6f29e805b2a5764f33f04b918bd76f4249ac94a3f39887facaf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 11703
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "9e41-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
194.1.147.13200 OK 5.3 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (24339)
Hash 989e0ec543ec223f6a7e4d5f8a0dfa0a
e353a9242dff69a409677d8b9d20f5a5eafbbfd2
1150f735ebce4850c00d09484f8355a8dc8e81b65b3b6dba0abddb3099572efe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 5290
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:10:06 GMT
etag: "5f3e-632ad4ee-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
194.1.147.13200 OK 4.6 kB URL HTTP/2 edisonformation.fr/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 4619
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:42:00 GMT
etag: "48b9-63248b38-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edisonformation.fr/wp-content/uploads/2022/04/3-2.png
194.1.147.13200 OK 1.6 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/04/3-2.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7a3d361f730849a7ee08faace42cab30
4a941d18e7af8d78bb114f043a0a1cd45c873131
e11cbc5be90200578ab094aa4d7c35042da5f60591dde40873e45723f72d974e
GET /wp-content/uploads/2022/04/3-2.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: image/webp
content-length: 1640
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:25:34 GMT
etag: "668-632ad88e-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/04/9.png
194.1.147.13200 OK 228 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/04/9.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Size 228 kB (228534 bytes)
Hash 093f23e7aa0d6331b91ae99f017e4009
1c8e852011b745b44d887c589fda83dfe597be0c
00555d7ac281aa5266d3c17d0a775f1f25d9784259780006a3beea4e1e4bd147
GET /wp-content/uploads/2022/04/9.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: image/webp
content-length: 228534
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:28:21 GMT
etag: "37cb6-632ad935-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/video.png
194.1.147.13200 OK 0 B URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/video.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2022/03/video.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: image/png
content-length: 0
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:33:41 GMT
etag: "0-632ada75-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edisonformation.fr/wp-content/uploads/2022/04/happy-woman-with-short-hairstyle-listening-to-music-by-earphones-and-having-fun-over-yellow-wall-scaled.jpg
194.1.147.13200 OK 54 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/04/happy-woman-with-short-hairstyle-listening-to-music-by-earphones-and-having-fun-over-yellow-wall-scaled.jpg
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36f91d4b4c228ad05a98778176bfe6ea
7095585978f849cc4a5b9695bb5238cf3d191e4e
df113e14ef8b19157251eccf671c1da919628210bc617bc5c65953bb7fc164a6
GET /wp-content/uploads/2022/04/happy-woman-with-short-hairstyle-listening-to-music-by-earphones-and-having-fun-over-yellow-wall-scaled.jpg HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: image/webp
content-length: 54088
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:23:36 GMT
etag: "d348-632ad818-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/neonbrand-zFSo6bnZJTw-unsplash-1-1.png
194.1.147.13200 OK 304 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/neonbrand-zFSo6bnZJTw-unsplash-1-1.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Size 304 kB (304420 bytes)
Hash 1b2c1c60cf6afafa6ff644e9cc26a45e
0f6e037c5f55fb01582ccb82bac34f35d7e10c06
44d3f5425a33b689d7d127db10fabd0982a47a0ebdc4ead37f99129fceab1604
GET /wp-content/uploads/2022/03/neonbrand-zFSo6bnZJTw-unsplash-1-1.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/wp-content/uploads/elementor/css/post-6.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: image/webp
content-length: 304420
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:30:40 GMT
etag: "4a524-632ad9c0-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edisonformation.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 81847
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
142.250.74.163200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edisonformation.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:15:54 GMT
expires: Tue, 19 Sep 2023 21:15:54 GMT
cache-control: public, max-age=31536000
age: 248352
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edisonformation.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 81658
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
194.1.147.13200 OK 78 kB URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/font-woff2
content-length: 78196
cache-control: public, max-age=31536000,public
expires: Fri, 22 Sep 2023 18:15:06 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "13174-632acc17-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edisonformation.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:32:09 GMT
expires: Thu, 21 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 81777
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edisonformation.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 81847
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edisonformation.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 81658
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.222.112101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.222.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wybFe0tJH4ON/30+WyI5EQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fsqgFw50h7mlyG209zArS5eUOzw=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/14.0.0/svg/2764.svg
192.0.77.48200 OK 368 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2764.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 0483f2b648dcc986d01385062052ae1c
61bd815f1497863265a76d92623042835e5e7fe2
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
GET /images/core/emoji/14.0.0/svg/2764.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/fav-150x150.png
194.1.147.13200 OK 11 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/fav-150x150.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash eac578c7e001f985c384806b2a3d1c09
b3505dc9fd07fbe9b6216a0ef1be07d86c6ae4a7
f57dcf10067ef677c7094f2ad2f228a33952e00e18ea139f941b815a4645bf32
GET /wp-content/uploads/2022/03/fav-150x150.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:07 GMT
content-type: image/webp
content-length: 11174
cache-control: public, max-age=31536000,public
expires: Fri, 22 Sep 2023 10:18:15 GMT
last-modified: Wed, 21 Sep 2022 09:30:32 GMT
etag: "2ba6-632ad9b8-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/fav.png
194.1.147.13200 OK 838 B URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/fav.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4358c38560a1ceefceb80ed866fcda66
c73804e94d09ced4cedf6bba912c74661ce3e6b1
1a2ec7e5423d83acf222a10cbf69469977432a2c498af5107e93e66f2367af06
GET /wp-content/uploads/2022/03/fav.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:07 GMT
content-type: image/webp
content-length: 838
cache-control: public, max-age=31536000,public
expires: Fri, 22 Sep 2023 18:15:07 GMT
last-modified: Wed, 21 Sep 2022 09:30:31 GMT
etag: "346-632ad9b7-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/logotype_edison_formation_transparent-1024x157-1.png.webp
194.1.147.13200 OK 12 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/logotype_edison_formation_transparent-1024x157-1.png.webp
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash bac029bcd68d94be5c966ac137ebfca4
b8139ffdd55a2f910d61cefbdf259e0b478fe8af
9f17c739499d70292dfac4ceb7b720c33b1c6fa6e84f013cb49c356edc211ff6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/logotype_edison_formation_transparent-1024x157-1.png.webp HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:07 GMT
content-type: image/webp
content-length: 12524
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 09:30:33 GMT
etag: "30ec-632ad9b9-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
194.1.147.13200 OK 600 B URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type ASCII text, with very long lines (1320)
Hash 52fa8ecdce8e3e2e70a8a88077f9b09a
9b2c617aee8b2b9dc0b5aa28f0348bf6a62f6108
5d8ba35bc2e484706ff3c5c6236cc6a97a3d00252159050207d5d53e069751d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:07 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 600
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "54f-632acc17-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js
142.250.74.110200 OK 54 kB URL HTTP/2 www.youtube.com/s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (717)
Hash 6033744b362cbee7e4bc268ac2bfe715
ddee3cf6d2fc4dc3d07a8f602543903dca73e73a
e99370f6de547c56c42033ba649027425a71f8a54ee84052bf0763e4707b25ef
GET /s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 53539
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:48:38 GMT
expires: Thu, 21 Sep 2023 14:48:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/javascript
age: 98789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edisonformation.fr/wp-content/uploads/2022/05/logo_moncompteformation_rvb-300x177.png
194.1.147.13200 OK 12 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/05/logo_moncompteformation_rvb-300x177.png
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5088b2f03d7c227f0f2c89fc882700b8
cf627ffcb65b2bb87780f391887eebc8cd3e3347
c1d4fb93826b235b535e2b82bcdc29338d8a35cea0c4d5a26f8fd7406ae2d014
GET /wp-content/uploads/2022/05/logo_moncompteformation_rvb-300x177.png HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:07 GMT
content-type: image/webp
content-length: 11680
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:46 GMT
last-modified: Wed, 21 Sep 2022 09:19:58 GMT
etag: "2da0-632ad73e-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/05/LogoQualiopi-150dpi-AvecMarianne-300x160.png.webp
194.1.147.13200 OK 18 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/05/LogoQualiopi-150dpi-AvecMarianne-300x160.png.webp
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 04b5eb7676888012ae40cf7ead43eaf9
4bc3b6d9f069a4cd132434f0598c27b475d5e208
40ad9780aa09654434c4c8bb65acd8b889b1987ca5953fe2436ce12c866a27f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/05/LogoQualiopi-150dpi-AvecMarianne-300x160.png.webp HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:07 GMT
content-type: image/webp
content-length: 17608
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:46 GMT
last-modified: Wed, 21 Sep 2022 09:19:47 GMT
etag: "44c8-632ad733-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 452589
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.110200 OK 3.3 kB URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.110:0
File type ASCII text, with very long lines (509)
Hash e0d00c5f87cd0404d11eebc740d62216
dca0d28960fc56d780e0cd7008dfa8dd88ccad4d
515a75a0e65f81eb266acb99ab9871b5138aca9a453c376f26476215561a3ef2
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 22 Sep 2022 18:15:07 GMT
date: Thu, 22 Sep 2022 18:15:07 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=OlCvr9ll-gE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=3pVN-_qP0a8; Domain=.youtube.com; Expires=Tue, 21-Mar-2023 18:15:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+691; expires=Sat, 21-Sep-2024 18:15:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 18:03:04 GMT
expires: Thu, 22 Sep 2022 18:18:04 GMT
cache-control: public, max-age=900
age: 724
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 22 Sep 2022 18:15:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 18:15:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04fcf7ddca845d2b087ec43ab5ff0d59
39060a9af77ba92e5db529ba7c79013d205c9423
1ae0d60b572f2075bddfe8ae2034ddd093150d0d18c72d967b3bb8c4abffb23e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cacf49085cb5f34336e5124954442408
afef969c1939609e2d21d28983da30d91de357d4
4f05845cf9100e8977546695f5279dbb013a0d03bb256e3cabf79f26f7bbfccc
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 18:15:08 GMT
server: ESF
cache-control: private
content-length: 30862
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/team-1-1.png.webp
194.1.147.13200 OK 4.9 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/team-1-1.png.webp
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 59f309936a23a4c0731c0861769c7930
cb3e447f64e4f3f739b6debcd6b21b88fef543fd
3ff85b7229d98589d1e9d4b67546e4634b76c933b4990a4d32392650b6f0602d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/team-1-1.png.webp HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:08 GMT
content-type: image/webp
content-length: 4902
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:47 GMT
last-modified: Wed, 21 Sep 2022 09:30:44 GMT
etag: "1326-632ad9c4-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36059)
Hash 653ca66c61b84cbd83869ee18f017d75
90a6545ff9e57c4b7aead2902a6b490020062f8d
9a2bb3e8ba9e5b19e7d5ceef273a3ef848af3472f0e779f6764037e78dfdccea
GET /js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:09:23 GMT
expires: Thu, 21 Sep 2023 05:09:23 GMT
cache-control: public, max-age=31536000
age: 133545
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/team-1-4.png.webp
194.1.147.13200 OK 4.1 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/team-1-4.png.webp
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0bbf0185cceddcc98856d9f505f7429f
9383bdd3a3540fa772d139d2783dcbfe570bc937
e5cc33e42f0469e9814691fc4a69079e5056b51804a94bf8dc406a2c0469d426
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/team-1-4.png.webp HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:08 GMT
content-type: image/webp
content-length: 4060
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:47 GMT
last-modified: Wed, 21 Sep 2022 09:30:44 GMT
etag: "fdc-632ad9c4-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/uploads/2022/03/team-1-2.png.webp
194.1.147.13200 OK 4.7 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/team-1-2.png.webp
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8655b7068a9ae71fcf30a1baa9a91e28
ce36e1f417f53f10599ccbd1a18fda297d19d4e9
dd55f5e785d48a8c7278880f7e3dc488b6f4b01862b0714dfe4fbc2ff99a5fe1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/team-1-2.png.webp HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:08 GMT
content-type: image/webp
content-length: 4720
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:47 GMT
last-modified: Wed, 21 Sep 2022 09:30:44 GMT
etag: "1270-632ad9c4-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3566
Expires: Thu, 22 Sep 2022 19:14:34 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3566
Expires: Thu, 22 Sep 2022 19:14:34 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3566
Expires: Thu, 22 Sep 2022 19:14:34 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 74459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/zOeWgakv6N4/maxresdefault.webp
216.58.207.214200 OK 48 kB URL HTTP/2 i.ytimg.com/vi_webp/zOeWgakv6N4/maxresdefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa46653160e485cdf89050a1a6cae052
0a2cfbb5de56c108f854b5c26100aa921d4d3384
a2372c2b7c669ffc3a40403d2739868402fbab1d8eeeb3ae93bff3b35c5568a5
GET /vi_webp/zOeWgakv6N4/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48450
date: Thu, 22 Sep 2022 18:15:08 GMT
expires: Thu, 22 Sep 2022 20:15:08 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3566
Expires: Thu, 22 Sep 2022 19:14:34 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 73609
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: bc551b18-fddb-4502-8c11-b8de83d75def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwlKzF9FoAMFp_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329b578-7e030b2e0af1d1c309d2dde6;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 12:43:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dRyKwUtxiHGz_bqMMSlRKS1cDNhKm_g1ocpZLmE15k8owH789jueWA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:19:10 GMT
age: 71758
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 73602
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 74459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: 18122f14-4c48-43b3-b312-218f3ae84d93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8EVfoAMF3dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-3d23a04565d70f3c5403007b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9zc5SsL1SB9GtwMkVWcNLJzC-MfOd-5TiQck5s6-MV23RWPqWPAgtA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 18:00:45 GMT
age: 863
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 09a7b0e5b84c483fa9df81e325092d4b
e57713307a2c18a615e3b5e9e21e83b249ecaa46
49478b42b349d714a37ed968b88193ac5269b4bb6dbdd73073bef8fe2092ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edisonformation.fr/wp-content/uploads/2022/03/team-1-3.png.webp
194.1.147.13200 OK 3.2 kB URL HTTP/2 edisonformation.fr/wp-content/uploads/2022/03/team-1-3.png.webp
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
File type RIFF (little-endian) data, Web/P image\012- data
Hash fba06ae8add778d645a709c12beb1005
220abb59f23e9c63872eff6339b591ebab407464
97353baa426ac2d0b32a2351117a0701cd15f4e11c685c0b791157dcbde1799a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/team-1-3.png.webp HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:08 GMT
content-type: image/webp
content-length: 3170
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:47 GMT
last-modified: Wed, 21 Sep 2022 09:30:43 GMT
etag: "c62-632ad9c3-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ba085eac40d709ceb1cce6ee214a9c46
0ab76ebd78db62b72713c6d169c93ea8e6666229
e27bcb5479eb67d000cde4edaba830a2bdd046d1160452c332638d7bb2df5d25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ba085eac40d709ceb1cce6ee214a9c46
0ab76ebd78db62b72713c6d169c93ea8e6666229
e27bcb5479eb67d000cde4edaba830a2bdd046d1160452c332638d7bb2df5d25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=Ps&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7d&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1445000&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&mt=1663870201&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQs5UMNGj9X3YHLsQOdNRtOZsYnbkQVkf5jUfgj8U8d0CIE5bE14ezWH8GBE3qUZI4ZHr2rML3YymZKw6K0qmi58C&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=Ps&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7d&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1445000&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&mt=1663870201&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQs5UMNGj9X3YHLsQOdNRtOZsYnbkQVkf5jUfgj8U8d0CIE5bE14ezWH8GBE3qUZI4ZHr2rML3YymZKw6K0qmi58C&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1069), with no line terminators
Hash 0557ee2a76d9688e3ca8444e120fbf24
81b0dc2102d49fb2cd09702a71c44f89798b24f3
de5379fefd9d93925dff310473852223edd8780f4215eaf812a1169bad01d677
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=Ps&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7d&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1445000&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&mt=1663870201&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQs5UMNGj9X3YHLsQOdNRtOZsYnbkQVkf5jUfgj8U8d0CIE5bE14ezWH8GBE3qUZI4ZHr2rML3YymZKw6K0qmi58C&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1069
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&mh=Ps&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7d&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1445000&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&mt=1663870201&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQs5UMNGj9X3YHLsQOdNRtOZsYnbkQVkf5jUfgj8U8d0CIE5bE14ezWH8GBE3qUZI4ZHr2rML3YymZKw6K0qmi58C&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&range=0-7264&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&mh=Ps&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7d&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1445000&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&mt=1663870201&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQs5UMNGj9X3YHLsQOdNRtOZsYnbkQVkf5jUfgj8U8d0CIE5bE14ezWH8GBE3qUZI4ZHr2rML3YymZKw6K0qmi58C&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&range=0-7264&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1039), with no line terminators
Hash dbebf5513d21b6b313e73774e7158e31
294e2f12317b1ab2c8f18364d6286ce08ec414b6
79a6cda12747e56e01256ce211f3c39ac5dd022308e3449896be31060ef5ae17
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&mh=Ps&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7d&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1445000&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&mt=1663870201&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQs5UMNGj9X3YHLsQOdNRtOZsYnbkQVkf5jUfgj8U8d0CIE5bE14ezWH8GBE3qUZI4ZHr2rML3YymZKw6K0qmi58C&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&range=0-7264&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1039
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ba085eac40d709ceb1cce6ee214a9c46
0ab76ebd78db62b72713c6d169c93ea8e6666229
e27bcb5479eb67d000cde4edaba830a2bdd046d1160452c332638d7bb2df5d25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 18:15:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b6a275bf6369087cdaafd1924a96e179
82b45dcbb895f7cb7b3f121491233481930d7460
45737db16d2bda658e412d14a756c4788eaaf5761bbaf035188163ab341e29c1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1216
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 18:15:08 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7ce5656803ff4d6e7c1114dc6a550770
2f2794f56b4e86ce4ea3bb54d6474bb73f3282e6
6f93e7a5fd8e27c2d4c738dca3659d3c28c268c533f427aaebaa45d2dd22cf10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7ce5656803ff4d6e7c1114dc6a550770
2f2794f56b4e86ce4ea3bb54d6474bb73f3282e6
6f93e7a5fd8e27c2d4c738dca3659d3c28c268c533f427aaebaa45d2dd22cf10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeen7d.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Ps&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1663870428&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANfKwYJzmNHfGces6_MUbq7BC2VMbO2qVDU4Jh5BpkwZAiBzSZrQYEEnweXNhmKZwbwzzpPIJFU2AUNHpqQNwGa_rw%3D%3D&range=0-7264&rn=4&rbuf=0
173.194.150.183200 OK 1.0 kB URL HTTP/1.1 rr1---sn-5goeen7d.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Ps&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1663870428&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANfKwYJzmNHfGces6_MUbq7BC2VMbO2qVDU4Jh5BpkwZAiBzSZrQYEEnweXNhmKZwbwzzpPIJFU2AUNHpqQNwGa_rw%3D%3D&range=0-7264&rn=4&rbuf=0
IP 173.194.150.183:0
File type ASCII text, with very long lines (1048), with no line terminators
Hash 528563aa840df0a4ba072ca7f7706337
20e24d0d31bfd58e42fa51dc5bdec0dabf40af68
a375529b6905fa4e1ddb38bb8358e32fcb33466d059b223687205fb816df3b86
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Ps&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1663870428&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANfKwYJzmNHfGces6_MUbq7BC2VMbO2qVDU4Jh5BpkwZAiBzSZrQYEEnweXNhmKZwbwzzpPIJFU2AUNHpqQNwGa_rw%3D%3D&range=0-7264&rn=4&rbuf=0 HTTP/1.1
Host: rr1---sn-5goeen7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1048
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5goeen7d.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Ps&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1663870428&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgZjyXVIfEVaGSkqTcF3wASzXuQr1CrrfvUU6SdGyhw_sCIAWnf4UTTu3sQqBIx_ugq1DO8eORj1B_UpleqnuFBuXg&sq=0&rn=3&rbuf=0
173.194.150.183200 OK 1.1 kB URL HTTP/1.1 rr1---sn-5goeen7d.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Ps&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1663870428&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgZjyXVIfEVaGSkqTcF3wASzXuQr1CrrfvUU6SdGyhw_sCIAWnf4UTTu3sQqBIx_ugq1DO8eORj1B_UpleqnuFBuXg&sq=0&rn=3&rbuf=0
IP 173.194.150.183:0
File type ASCII text, with very long lines (1088), with no line terminators
Hash f2f0af0d4b82eb9b209290aeeab4285c
da92e3bc58a0cea1d66afe48449fe01da7b9c0ac
7a6556ff8e696ce0655ca29a0c9135a98886e5ce6bbe1cb04d8811b7cf379642
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Ps&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1663870428&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgZjyXVIfEVaGSkqTcF3wASzXuQr1CrrfvUU6SdGyhw_sCIAWnf4UTTu3sQqBIx_ugq1DO8eORj1B_UpleqnuFBuXg&sq=0&rn=3&rbuf=0 HTTP/1.1
Host: rr1---sn-5goeen7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1088
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7ce5656803ff4d6e7c1114dc6a550770
2f2794f56b4e86ce4ea3bb54d6474bb73f3282e6
6f93e7a5fd8e27c2d4c738dca3659d3c28c268c533f427aaebaa45d2dd22cf10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9u74UnnM6aqwYZzh9J48_Vg2rZ3I512tZRL37Ewg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9u74UnnM6aqwYZzh9J48_Vg2rZ3I512tZRL37Ewg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 831d65f72760d83d0b8bdc2ed2328b03
38f3cac32b9c038c962984df11360bb57592c88d
cb2ed2ee8a4fa9029b41134ed01282c0dfabf7a9847eafd132eb50a40ade0125
GET /ytc/AMLnZu9u74UnnM6aqwYZzh9J48_Vg2rZ3I512tZRL37Ewg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vf0"
expires: Fri, 23 Sep 2022 18:15:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 18:15:08 GMT
server: fife
content-length: 4102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5hnekn76.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOPnm6CQcEpNu7QS0s03nvP2PfoDhdFkbS2CZKIRbwMSAiAmjmOQ78oqSR9LAxsgaSvQtTQTBhDEW8Z7OBNiqZo5eA%3D%3D&sq=0&rn=6&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo=
209.85.226.8200 OK 276 B URL HTTP/1.1 rr3---sn-5hnekn76.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOPnm6CQcEpNu7QS0s03nvP2PfoDhdFkbS2CZKIRbwMSAiAmjmOQ78oqSR9LAxsgaSvQtTQTBhDEW8Z7OBNiqZo5eA%3D%3D&sq=0&rn=6&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo=
IP 209.85.226.8:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 4df8fcffecf246362e68f4ce86e12ce5
b7bb769750c12725c540eac566ae4b7984ec99e4
b2c8ca96928d815d4be27db225141a0c3ae6357d46d9331d3dab8848ccb8a6f5
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOPnm6CQcEpNu7QS0s03nvP2PfoDhdFkbS2CZKIRbwMSAiAmjmOQ78oqSR9LAxsgaSvQtTQTBhDEW8Z7OBNiqZo5eA%3D%3D&sq=0&rn=6&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo= HTTP/1.1
Host: rr3---sn-5hnekn76.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 24 Aug 2022 03:52:50 GMT
Content-Type: video/webm
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 276
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hnekn76.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJicIZHyHq1WJ3zdqflT_wlrfDe9xVXRr2W3QnWsZ9LAAiEA5unUPP8Gkk_-mFaJ5-H-pH_Ko9KY_gGIUXOkvtHoxZ4%3D&range=0-7264&rn=5&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo=
209.85.226.8200 OK 7.3 kB URL HTTP/1.1 rr3---sn-5hnekn76.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJicIZHyHq1WJ3zdqflT_wlrfDe9xVXRr2W3QnWsZ9LAAiEA5unUPP8Gkk_-mFaJ5-H-pH_Ko9KY_gGIUXOkvtHoxZ4%3D&range=0-7264&rn=5&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo=
IP 209.85.226.8:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6673944bb90cb1feb66b12ea7954c70f
2f9b873a53ed6ce0413480833b03166b279d02d5
469df48d50345103b5c21a113edb0997e23ca4c81e0457e7a3a8ce2528d9eb0c
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=251&source=youtube&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=audio%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&gir=yes&clen=7265&otfp=1&dur=15.421&lmt=1651166146613959&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMHAkd-s2oSvvRAmO2cBGLcbtzUYj_ZdvWJnC5rhhyL-AiEAyiVhRFj_RtEIHBXLFI7uv7FAfin35grY5HuCbmUgmeY%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJicIZHyHq1WJ3zdqflT_wlrfDe9xVXRr2W3QnWsZ9LAAiEA5unUPP8Gkk_-mFaJ5-H-pH_Ko9KY_gGIUXOkvtHoxZ4%3D&range=0-7264&rn=5&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo= HTTP/1.1
Host: rr3---sn-5hnekn76.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 28 Apr 2022 17:15:46 GMT
Content-Type: audio/webm
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 7265
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
yt3.ggpht.com/ytc/AMLnZu9u74UnnM6aqwYZzh9J48_Vg2rZ3I512tZRL37Ewg=s88-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 5.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9u74UnnM6aqwYZzh9J48_Vg2rZ3I512tZRL37Ewg=s88-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 88x88, components 3\012- data
Hash 61d51f5aa3f30f5f656ff7f083e265e5
c377129b44c3f7bf5cffbecd2533b79526d048c6
697516b14d7321cea1324b0236389b05d1f54ea0f5723b89cc2eac2248806879
GET /ytc/AMLnZu9u74UnnM6aqwYZzh9J48_Vg2rZ3I512tZRL37Ewg=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vf0"
expires: Fri, 23 Sep 2022 18:15:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 18:15:08 GMT
server: fife
content-length: 5371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rr3---sn-5hnekn76.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOPnm6CQcEpNu7QS0s03nvP2PfoDhdFkbS2CZKIRbwMSAiAmjmOQ78oqSR9LAxsgaSvQtTQTBhDEW8Z7OBNiqZo5eA%3D%3D&sq=1&rn=7&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo=
209.85.226.8200 OK 313 kB URL HTTP/1.1 rr3---sn-5hnekn76.googlevideo.com/videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOPnm6CQcEpNu7QS0s03nvP2PfoDhdFkbS2CZKIRbwMSAiAmjmOQ78oqSR9LAxsgaSvQtTQTBhDEW8Z7OBNiqZo5eA%3D%3D&sq=1&rn=7&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo=
IP 209.85.226.8:0
Size 313 kB (312886 bytes)
Hash 39e37f53f7b0e41ca6e3cd652dc6d40b
78b23c8c66d2b30e71af48d544c71a2d670b2c9c
0ec2bcf1b39ea25a5d49b4e0166dbd2319e3b5da360210f73def2ad9d9810a68
GET /videoplayback?expire=1663892108&ei=LKYsY_-1EsWSyQXpz6zADg&ip=91.90.42.154&id=o-AIwx0cKN9PRy25z4HeUgWpLnqLzEONk-vo2vSfkGjKlt&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=yR2vpy5-BVO-HTH9Ttuvsceh8DU9hms&vprv=1&mime=video%2Fwebm&ns=ELjOusNAqo7ABRlJ0hWFAIEI&otf=1&otfp=1&dur=0.000&lmt=1651166148460392&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=Kc41f2WpGXzB2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOMUa3Tfed832LhzD4MgiBI8HGyU69wBLq-2a-fSDjY7AiEA9m2uTNPBfGRwQryrFFngfaJ8A4sc3gPJw_JfmtHl6IU%3D&alr=yes&cpn=WSCLCEc6Ira2nT_u&cver=1.20220920.01.00&cm2rm=sn-capm-vnae7l,sn-5gols7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ps&mm=34&mn=sn-5hnekn76&ms=ltu&mt=1663869808&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOPnm6CQcEpNu7QS0s03nvP2PfoDhdFkbS2CZKIRbwMSAiAmjmOQ78oqSR9LAxsgaSvQtTQTBhDEW8Z7OBNiqZo5eA%3D%3D&sq=1&rn=7&rbuf=0&pot=DyDapluXn3wSIOLWnDKYO8GkS5oiSKZYeDQh_p7pZBT0UB1XkLBYU-Vi-3oZMxEA-OL9V_1LAp7SX6YIiAymx_dXPGHCBv0G3yMsnk-EaA8ne71CzzzdQNJUmZKe9qhGw-r7xWo= HTTP/1.1
Host: rr3---sn-5hnekn76.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 24 Aug 2022 03:52:50 GMT
Content-Type: video/webm
Date: Thu, 22 Sep 2022 18:15:08 GMT
Expires: Thu, 22 Sep 2022 18:15:08 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 312886
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js
194.1.147.13200 OK 0 B URL HTTP/2 edisonformation.fr/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edisonformation.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/x-javascript; charset=UTF-8
content-length: 25532
cache-control: public, max-age=31536000,public
expires: Thu, 21 Sep 2023 09:57:45 GMT
last-modified: Fri, 16 Sep 2022 14:55:00 GMT
etag: "1bb0d-63248e44-0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Roboto%3A300%2C400%2C300%2C400%2C300%2C400
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Roboto%3A300%2C400%2C300%2C400%2C300%2C400
IP 142.250.74.10:0
GET /css?display=swap&family=Roboto%3A300%2C400%2C300%2C400%2C300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 18:15:06 GMT
date: Thu, 22 Sep 2022 18:15:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 18:15:06 GMT
date: Thu, 22 Sep 2022 18:15:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
194.1.147.13200 OK 0 B URL HTTP/2 edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 194.1.147.13:0
ASN #210250 K Media Tech Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: edisonformation.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://edisonformation.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:15:06 GMT
content-type: application/font-woff2
content-length: 76764
cache-control: public, max-age=31536000,public
expires: Fri, 22 Sep 2023 18:15:06 GMT
last-modified: Wed, 21 Sep 2022 08:32:23 GMT
etag: "12bdc-632acc17-0;;;"
vary: Accept-Encoding
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2