faumainc.com/
104.193.143.234 301 Moved Permanently 229 B IP 104.193.143.234:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash 33373c8f870a94e69696ab4bcec696a9
5743d39067ccddfbe10150c8dc8e2d13fa2d14aa
a4f1e293afc70f6e3e383c438f70d9224d5e3c7a141d1f101306ea0a05125677
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 16 Dec 2022 03:46:05 GMT
Server: Apache
Location: https://faumainc.com/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 16 Dec 2022 06:43:52 GMT
Date: Fri, 16 Dec 2022 03:46:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8336
Expires: Fri, 16 Dec 2022 06:05:01 GMT
Date: Fri, 16 Dec 2022 03:46:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 03:33:58 GMT
content-type: application/json
age: 727
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12007
Expires: Fri, 16 Dec 2022 07:06:12 GMT
Date: Fri, 16 Dec 2022 03:46:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sawjSmTAU2cB5BqJxtbhfPbN18Jf8H2NL8ZNN2C5n1NKH11AtHRDSrvAHsyUhJNVQM8afFf6f3o=
x-amz-request-id: 4QN7HZ2ENWHDGBFG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 02:51:10 GMT
age: 3296
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 03:46:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 03:08:00 GMT
age: 2286
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lightgallery/1.9.0/css/lightgallery.min.css
188.114.98.224 200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lightgallery/1.9.0/css/lightgallery.min.css
IP 188.114.98.224:0
File type ASCII text, with very long lines (21027), with no line terminators
Hash 654e0092276be3e43d5f47419c3b9232
d31f8a0b71665653be4c87e50227b50aa29a4ff3
a5f9138a60c172f525a3c6bc5e62b581c335813bb5208c0eb140eb678a391e42
GET /ajax/libs/lightgallery/1.9.0/css/lightgallery.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 03:46:06 GMT
content-type: text/css; charset=utf-8
content-length: 3339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f86acc0-5223"
last-modified: Wed, 14 Oct 2020 07:46:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 23372
expires: Wed, 06 Dec 2023 03:46:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upZbajqUJY5nD1vVKvBT0M%2F5NhcMJG9SLEyK6LqSWXoDyqEWz2TnDMC9YjzIQ1rg0lqEVfSetwJoaFIn%2FS4z2x9iEWZaoyVN1oMMLMjk4CogCdkmf8jhbS1Hb3avVexGFG5TG0Xt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77a46e176ebdb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 140
Cache-Control: max-age=98254
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 07:03:40 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 802
Cache-Control: max-age=106456
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Etag: "639ae3b4-1d7"
Expires: Sat, 17 Dec 2022 09:20:22 GMT
Last-Modified: Thu, 15 Dec 2022 09:07:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
faumainc.com/assets/front/grid-gallery/jquery.scripttop.min.css
104.193.143.234 200 OK 1.5 kB URL HTTP/2 faumainc.com/assets/front/grid-gallery/jquery.scripttop.min.css
IP 104.193.143.234:0
File type ASCII text, with very long lines (1509), with no line terminators
Hash a8c18e5cdb70f5701d53552100ad4763
539a2ab84f24525b3b39c65a9be247609b71f9e7
8edefcaa585efc6915fd740adb3c222dc5101992dd5cc02c58cf7aad3f02e193
GET /assets/front/grid-gallery/jquery.scripttop.min.css HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Sep 2020 12:59:38 GMT
accept-ranges: bytes
content-length: 1509
content-type: text/css
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6593
Cache-Control: max-age=104707
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 08:51:13 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
faumainc.com/assets/front/grid-gallery/lightbox.css
104.193.143.234 200 OK 6.3 kB URL HTTP/2 faumainc.com/assets/front/grid-gallery/lightbox.css
IP 104.193.143.234:0
Hash 387eadffce778c179af1d46fdf8de031
bc2e78507911db036f58fd73aafaf426bba68e71
e1652253d606b2411067f3d95405195713249752683a034b4acc0b082da2062f
GET /assets/front/grid-gallery/lightbox.css HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Sep 2020 19:40:48 GMT
accept-ranges: bytes
content-length: 6340
content-type: text/css
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f8d21614a5f07dffe6f4fb52c6133ce1
aefac3c1cd05fd22634f71247cd4dd2e6fa1be88
b0f085491438d08c58906100ae4ddc2fea2e4b34b333c8f3a5a2258fdfd7a51e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
faumainc.com/assets/front/js/google.translate.js
104.193.143.234 200 OK 1.7 kB URL HTTP/2 faumainc.com/assets/front/js/google.translate.js
IP 104.193.143.234:0
File type ASCII text, with very long lines (766), with CRLF line terminators
Hash 74b5c6471e9ceb308638e7c28ee488d1
796b3d7b3d6fa8e5fd337ed349e1b1a5c89ee801
9d9d6a89eb7e8aba7a071d39dafd4d525cd650c37a4f659644978012237c8cc8
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/js/google.translate.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Sep 2020 21:55:56 GMT
accept-ranges: bytes
content-length: 1732
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lightgallery/1.9.0/js/lightgallery-all.min.js
188.114.98.224 200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lightgallery/1.9.0/js/lightgallery-all.min.js
IP 188.114.98.224:0
File type ASCII text, with very long lines (31964)
Hash ec5739c877eebf263bae8fd527d26b59
1c74ff1a768a4385f050065354281e2ae70791b2
17a1de9f2513d7a4c2758e5d4ce4ada9b3a46ecc8369f46c694d90edf0b5e4cd
GET /ajax/libs/lightgallery/1.9.0/js/lightgallery-all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 03:46:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 12012
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f86acc0-dc36"
last-modified: Wed, 14 Oct 2020 07:46:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 127555
expires: Wed, 06 Dec 2023 03:46:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCNyAmvZDBnkwvvzDQ8RA2oNZcYmtJBJeJMLU3jqLC%2BJPe3ZlI%2FDjgB4CCQbVIIBDS%2B771qFuuR9X%2BMxKO1JBRd9v%2F%2FEWu1WpUHfIVicJR%2BJAAi2mdEsEGxODvvvWJTUPkORwIwn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77a46e17aedfb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.65.229 200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.65.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Dec 2022 03:46:06 GMT
age: 22582872
x-served-by: cache-fra19146-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
188.114.98.224 200 OK 3.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
IP 188.114.98.224:0
File type ASCII text, with very long lines (57790)
Hash ff6b787c5ff15f7b97e551a6d8a2849e
18229205ca4f08163d2abf04dfe21e01a4565248
dd1520af68e81f23c6cc87b999d755e3bf9075258121e621a9f51a51833248f0
GET /ajax/libs/animate.css/3.7.0/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 03:46:06 GMT
content-type: text/css; charset=utf-8
content-length: 3541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e283"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 731458
expires: Wed, 06 Dec 2023 03:46:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5ZXdwe1EtzavbPFWq%2BmD0sfsCGqEP7GmlMxtt%2BaNbKCn7zJXa%2FouRvJX9EIU0v%2BY3lnlmmiLi9fwPjFqs9qloIrm9pnDG8tihTFKroj7xbpGhWANMu5yRIPFcAM936ULJeMoMkN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77a46e17bee2b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js
151.101.65.229 200 OK 20 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (64127)
Hash 2ff9038e0ea149f83bacea6b898eef55
3930c67bc04d95145979becfea88e72fe99a25f0
49e5cc9c21a15e435371877c9b98450667b8e236d84df33d4b8ec182b7d5dd13
GET /npm/select2@4.1.0-rc.0/dist/js/select2.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Dec 2022 03:46:06 GMT
age: 16015701
x-served-by: cache-fra19130-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20012
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
151.101.65.229 200 OK 7.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (21060)
Hash 1f61c1b15b25ba046056238766ff3a43
2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Dec 2022 03:46:06 GMT
age: 17452572
x-served-by: cache-fra19126-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
216.58.207.234 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 00:55:30 GMT
expires: Fri, 15 Dec 2023 00:55:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 96636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash e00080045860b059252cda45a9a6239d
dbcee023c6284155a42d50a20c59af0c78ec55ea
7e7bd341ec4d232c23fe8bcf6745e80b2427f02e536812831d8f927de2835c45
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 03:46:06 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2F546CDBABE1CB617F8EF709CF2488696626C93B"
Expires: Fri, 16 Dec 2022 15:00:00 GMT
Last-Modified: Fri, 16 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1697
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77a46e182a96b4f3-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 95
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Last-Modified: Fri, 16 Dec 2022 03:44:31 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
faumainc.com/assets/front/js/sweet-alert.min.js
104.193.143.234 200 OK 41 kB URL HTTP/2 faumainc.com/assets/front/js/sweet-alert.min.js
IP 104.193.143.234:0
File type ASCII text, with very long lines (40808), with no line terminators
Hash f3b8ce97ff6ce324da6232da353adf40
2a3daabc70232c6350ab48d32605dc4a6ac1f1fa
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/js/sweet-alert.min.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Sep 2020 23:44:00 GMT
accept-ranges: bytes
content-length: 40808
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/owl-carousel/owl.carousel.min.css
104.193.143.234 200 OK 3.4 kB URL HTTP/2 faumainc.com/assets/front/owl-carousel/owl.carousel.min.css
IP 104.193.143.234:0
File type ASCII text, with very long lines (3184)
Hash b2752a850d44f50036628eeaef3bfcfa
fba46353cf90450ef3d362a123f1e7af3e8c561e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /assets/front/owl-carousel/owl.carousel.min.css HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 22 Apr 2018 05:22:10 GMT
accept-ranges: bytes
content-length: 3351
content-type: text/css
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7ded1896628f431acd2e4a3d10ea3142
ad603e2b43da4629ede29f9f193ae5df09f3cbb8
dd4d3d2048b29affb30ddbbcf8112131cecdb15b0030a612c1d99cce54ab0132
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.253.52 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
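Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty body: the 101 response carried 0 B, so they match any empty payload and are not usable as indicators.)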
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HFBT7ip4yqK78bsR04YVSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fGtLTwFk6iOer3K3LUnx4Uh+CyI=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 371baf8f9095ee3dd632a9ca15da8c7c
6300df62d8650fb94442fdbaa9b12acd4abcddfd
961dba83ddd0cf1c1c7028687f4b5ffb98dc8609045a8f73ea59e49ebfbe5a1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 371baf8f9095ee3dd632a9ca15da8c7c
6300df62d8650fb94442fdbaa9b12acd4abcddfd
961dba83ddd0cf1c1c7028687f4b5ffb98dc8609045a8f73ea59e49ebfbe5a1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7ded1896628f431acd2e4a3d10ea3142
ad603e2b43da4629ede29f9f193ae5df09f3cbb8
dd4d3d2048b29affb30ddbbcf8112131cecdb15b0030a612c1d99cce54ab0132
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
faumainc.com/assets/front/grid-gallery/GridHorizontal.js
104.193.143.234 200 OK 4.5 kB URL HTTP/2 faumainc.com/assets/front/grid-gallery/GridHorizontal.js
IP 104.193.143.234:0
File type ASCII text, with CRLF line terminators
Hash 64990d5c312908f110db2caa6ae524ed
86347f770fded3410be29536aee3f2993eb5cd2b
1285914f30a352225daad31c34ed23e012c354cbc1b6143d604d00f70f8aadf5
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/grid-gallery/GridHorizontal.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Sep 2020 20:04:20 GMT
accept-ranges: bytes
content-length: 4463
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/js/main.js
104.193.143.234 200 OK 5.1 kB URL HTTP/2 faumainc.com/assets/front/js/main.js
IP 104.193.143.234:0
File type ASCII text, with CRLF line terminators
Hash 6fb721dec2ac73dea6a8683b2d83feaf
cd7727900fbb3c395751fbf10b26f18a929bde04
264ef0ffc71e30ffd3528ae15ff891040f91642da8ae7a82b7ceb32b3610e53f
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/js/main.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Nov 2021 21:58:20 GMT
accept-ranges: bytes
content-length: 5066
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/fonts/fontawesome/css/all.css
104.193.143.234 200 OK 73 kB URL HTTP/2 faumainc.com/assets/front/fonts/fontawesome/css/all.css
IP 104.193.143.234:0
Hash 4dce5bbb129034eed4e25f00baabd8b3
69decc19da92dc2bd864265f16fd737d95e55ad6
1e628a2b756298c0c23863d3c759a9ff921a8a9e8158c672e473212dcfb8a3d1
GET /assets/front/fonts/fontawesome/css/all.css HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jul 2020 02:59:48 GMT
accept-ranges: bytes
content-length: 73117
content-type: text/css
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/s/player/a0703e0f/www-player.css
216.58.207.206 200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/a0703e0f/www-player.css
IP 216.58.207.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12c224a05a50ec216eb026a7ddd40dfa
5e7c6908c414efae1db8803dc3e0e768f4583b67
e9a2f274c08edbcc81e33d35dc28013c9c17672b6af0249b3dd3d21048963777
GET /s/player/a0703e0f/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/44Wp3WE1AHs?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49901
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 15:54:14 GMT
expires: Thu, 14 Dec 2023 15:54:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
content-type: text/css
age: 129113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
faumainc.com/assets/front/grid-gallery/imagesloaded.pkgd.min.js
104.193.143.234 200 OK 5.6 kB URL HTTP/2 faumainc.com/assets/front/grid-gallery/imagesloaded.pkgd.min.js
IP 104.193.143.234:0
File type ASCII text, with very long lines (5477), with CRLF line terminators
Hash 81545aed80e2c8b710b729bea178621b
049173b82e68c40492961bb95ddacefb44eab680
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/grid-gallery/imagesloaded.pkgd.min.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Sep 2020 18:31:44 GMT
accept-ranges: bytes
content-length: 5600
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/css/style.css
104.193.143.234 200 OK 97 kB URL HTTP/2 faumainc.com/assets/front/css/style.css
IP 104.193.143.234:0
File type ASCII text, with CRLF line terminators
Hash 88e45801292e9477c0beb238631eb225
1c9c867651d2f64ea5faa2727d127869695c3fc1
4089d4cd99230277a363946195376739e994eb08ec6ef9373ccdf99274b6b442
GET /assets/front/css/style.css HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Nov 2021 03:10:06 GMT
accept-ranges: bytes
content-length: 96876
content-type: text/css
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 371baf8f9095ee3dd632a9ca15da8c7c
6300df62d8650fb94442fdbaa9b12acd4abcddfd
961dba83ddd0cf1c1c7028687f4b5ffb98dc8609045a8f73ea59e49ebfbe5a1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
142.250.74.106 200 OK 3.6 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP 142.250.74.106:0
Hash 45cd6e72eca8b172d2f6ae9556f4cabd
06ca9a8efcf0733a96c7196eaa2e65569191a877
ac75c5202139acdc1e92699d5743684c1c22e98086145c44427451c0c75d27e9
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Dec 2022 03:46:06 GMT
date: Fri, 16 Dec 2022 03:46:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
faumainc.com/assets/front/logo/footer-logo-vt.png
104.193.143.234 200 OK 3.6 kB URL HTTP/2 faumainc.com/assets/front/logo/footer-logo-vt.png
IP 104.193.143.234:0
File type PNG image data, 320 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 3073ac5cab00b6f7622d289831c954cd
6c13e3998be5efe1feab7bce32ec75aae099bfec
acc5fecb2ec03a116dfc565d219e97ba0bb4e536b5338c1c921caa2f055a3cf8
GET /assets/front/logo/footer-logo-vt.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Sep 2020 04:19:42 GMT
accept-ranges: bytes
content-length: 3559
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/recognized-by/3.png
104.193.143.234 200 OK 5.9 kB URL HTTP/2 faumainc.com/assets/front/image/recognized-by/3.png
IP 104.193.143.234:0
File type PNG image data, 200 x 62, 8-bit colormap, non-interlaced\012- data
Hash 363d6cb57eef39376cc72798ac6b73f3
4f7d2a72beccbe1a02b46b54604f101872d638dc
a980e4c3aeaca824390d67b4dc1962636cd9205b3d6da3e24ae5f6b47bac0c15
GET /assets/front/image/recognized-by/3.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Sep 2020 21:22:12 GMT
accept-ranges: bytes
content-length: 5854
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/fb.png
104.193.143.234 200 OK 5.6 kB URL HTTP/2 faumainc.com/assets/front/image/fb.png
IP 104.193.143.234:0
File type PNG image data, 117 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash e1932ba7648aee1e3aa695164216b065
2c5e974f34363a21ef70442af120b58835c78a70
d67d9cc7151ffe8b1578d5ea67a544636f163e532afc57306d8f82b3aa80ca6e
GET /assets/front/image/fb.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Dec 2020 21:43:08 GMT
accept-ranges: bytes
content-length: 5595
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/owl-carousel/owl.carousel.min.js
104.193.143.234 200 OK 44 kB URL HTTP/2 faumainc.com/assets/front/owl-carousel/owl.carousel.min.js
IP 104.193.143.234:0
File type ASCII text, with very long lines (31997)
Hash f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/owl-carousel/owl.carousel.min.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 22 Apr 2018 05:22:10 GMT
accept-ranges: bytes
content-length: 44342
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/recognized-by/4.jpg
104.193.143.234 200 OK 7.1 kB URL HTTP/2 faumainc.com/assets/front/image/recognized-by/4.jpg
IP 104.193.143.234:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 197x197, segment length 16, baseline, precision 8, 148x56, components 3\012- data
Hash 754cbf60d823ab3e4ff9d105aff98862
f3f576e89f00f92973557550eea995b27fce6dce
43bb346b6a4fa17b922f8bdcdc9ee6def3eecad739a2334fd32bc947c63382b7
GET /assets/front/image/recognized-by/4.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Sep 2020 05:15:54 GMT
accept-ranges: bytes
content-length: 7061
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/recognized-by/8.png
104.193.143.234 200 OK 8.3 kB URL HTTP/2 faumainc.com/assets/front/image/recognized-by/8.png
IP 104.193.143.234:0
File type PNG image data, 184 x 69, 8-bit/color RGB, non-interlaced\012- data
Hash db67db9e29f391890800ea2f3e444af5
1b8592123081a6585d5433bf9a9c9e99341f8775
dbc9eb4ff517949cfe8961fd8977b51add7ac14bbe436c2690a1f9ed613f4954
GET /assets/front/image/recognized-by/8.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Dec 2020 20:14:14 GMT
accept-ranges: bytes
content-length: 8315
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/grid-gallery/lightbox.js
104.193.143.234 200 OK 64 kB URL HTTP/2 faumainc.com/assets/front/grid-gallery/lightbox.js
IP 104.193.143.234:0
File type Unicode text, UTF-8 text, with very long lines (905), with CRLF, LF line terminators
Hash 2f48edd259857e4f5e0e6c2d2ce46aa6
ae0eebb369c38c269eb56956555b2fe491d81039
a5a18ce4c50ad8b2754ad79db73a38a53d657e907f84bf2c5829b2f7e0b5868a
Analyzer Verdict Alert fortinet Phishing
GET /assets/front/grid-gallery/lightbox.js HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Sep 2020 13:53:46 GMT
accept-ranges: bytes
content-length: 64350
content-type: application/javascript
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/recognized-by/7.png
104.193.143.234 200 OK 10 kB URL HTTP/2 faumainc.com/assets/front/image/recognized-by/7.png
IP 104.193.143.234:0
File type PNG image data, 184 x 69, 8-bit/color RGB, non-interlaced\012- data
Hash 7984d5743a95da3426a6b28110a9ae10
2074dc62eb3846cbc4f41cdf98ba7c8cdc779d7c
07b4c1d95a28d63317695971e7c58d71d5652d4b168eccd19ce10be46a1ef8fd
GET /assets/front/image/recognized-by/7.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Dec 2020 20:15:00 GMT
accept-ranges: bytes
content-length: 10147
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/header-footer/img_1636733295_618e916f7bc51.png
104.193.143.234 200 OK 11 kB URL HTTP/2 faumainc.com/upload/header-footer/img_1636733295_618e916f7bc51.png
IP 104.193.143.234:0
File type PNG image data, 350 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 47e5ed377835388709854758c88c965e
942c37411c8cef3b881e4873bbae78d1c4ab2e40
9679669178a0fa94365f520949045082afac56ab9dfffcd8912ded940de57ace
GET /upload/header-footer/img_1636733295_618e916f7bc51.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Nov 2021 03:08:16 GMT
accept-ranges: bytes
content-length: 11005
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/recognized-by/10.png
104.193.143.234 200 OK 10 kB URL HTTP/2 faumainc.com/assets/front/image/recognized-by/10.png
IP 104.193.143.234:0
File type PNG image data, 80 x 69, 8-bit/color RGB, non-interlaced\012- data
Hash 83891301a44a7548af882e2f037c3fcb
9e511d70bd54acf0c0ced0a975995ff79b795b6f
e1d45d3186fe7219d8917098f645097ee869628873e991a81e433d0904b39392
GET /assets/front/image/recognized-by/10.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 21:47:56 GMT
accept-ranges: bytes
content-length: 10541
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/header-footer/img_1636733451_618e920bbccf6.png
104.193.143.234 200 OK 11 kB URL HTTP/2 faumainc.com/upload/header-footer/img_1636733451_618e920bbccf6.png
IP 104.193.143.234:0
File type PNG image data, 350 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 47e5ed377835388709854758c88c965e
942c37411c8cef3b881e4873bbae78d1c4ab2e40
9679669178a0fa94365f520949045082afac56ab9dfffcd8912ded940de57ace
GET /upload/header-footer/img_1636733451_618e920bbccf6.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Nov 2021 03:10:52 GMT
accept-ranges: bytes
content-length: 11005
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/client-review/img_1636278706_6187a1b27e5d.jpg
104.193.143.234 200 OK 12 kB URL HTTP/2 faumainc.com/upload/client-review/img_1636278706_6187a1b27e5d.jpg
IP 104.193.143.234:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 225x225, components 3\012- data
Hash 49f5c5e5e5a73eb869002d3d8ae52d9d
4de8b3187a4ab846a559971d122652a90cbb7713
b2afc22a132f7ea78e1c49e9e0b07e43ced7f3178fa9816739b46fe6aaa5a201
GET /upload/client-review/img_1636278706_6187a1b27e5d.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Nov 2021 20:51:48 GMT
accept-ranges: bytes
content-length: 12451
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/client-review/img_1636278706_6187a1b27e5da.jpg
104.193.143.234 200 OK 12 kB URL HTTP/2 faumainc.com/upload/client-review/img_1636278706_6187a1b27e5da.jpg
IP 104.193.143.234:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 225x225, components 3\012- data
Hash 49f5c5e5e5a73eb869002d3d8ae52d9d
4de8b3187a4ab846a559971d122652a90cbb7713
b2afc22a132f7ea78e1c49e9e0b07e43ced7f3178fa9816739b46fe6aaa5a201
GET /upload/client-review/img_1636278706_6187a1b27e5da.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Nov 2021 20:51:48 GMT
accept-ranges: bytes
content-length: 12451
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/assets/front/image/recognized-by/9.png
104.193.143.234 200 OK 14 kB URL HTTP/2 faumainc.com/assets/front/image/recognized-by/9.png
IP 104.193.143.234:0
File type PNG image data, 184 x 69, 8-bit/color RGB, non-interlaced\012- data
Hash 3641b1e0452ca6fb5cf1d5d5fe36b4a8
03ce309934778a0e0a0a9734faeb2a623622e505
dcadf96eab9b36db2cfa6b30eb19fd6efa4b45ec057972aad68fdd3426f836e9
GET /assets/front/image/recognized-by/9.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Dec 2020 22:17:14 GMT
accept-ranges: bytes
content-length: 13458
content-type: image/png
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/service-photo/img_1636868006_61909fa66ef58.jpg
104.193.143.234 200 OK 25 kB URL HTTP/2 faumainc.com/upload/service-photo/img_1636868006_61909fa66ef58.jpg
IP 104.193.143.234:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 485x321, components 3\012- data
Hash 7a1b747dbaa643fb469c3846c6f1240b
b4832aa9cb4eb992f4c4887ac44a4da5005d8dcc
713f0619d4fe1a1f339494aa0bc30f10e578aeec6aeccda6cd711813b521c1a3
GET /upload/service-photo/img_1636868006_61909fa66ef58.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Nov 2021 05:33:26 GMT
accept-ranges: bytes
content-length: 25284
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1637007138_6192bf2280e4b.jpg
104.193.143.234 200 OK 52 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1637007138_6192bf2280e4b.jpg
IP 104.193.143.234:0
File type PNG image data, 1920 x 686, 8-bit/color RGB, non-interlaced\012- data
Hash 3966570456936bee04721237f8c8e0e9
aa5cf9ffb5f00120e602b81e014b64b79038c533
58c0bb5952256e4ac90eb8fcc821235552990057ec577d463ba8beabedbe4edd
GET /upload/slider-image/img_1637007138_6192bf2280e4b.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 20:12:18 GMT
accept-ranges: bytes
content-length: 52367
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/service-photo/img_1637006935_6192be57e469c.jpg
104.193.143.234 200 OK 62 kB URL HTTP/2 faumainc.com/upload/service-photo/img_1637006935_6192be57e469c.jpg
IP 104.193.143.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 820x536, components 3\012- data
Hash af06c3ec6fcc53fec7ef2b1a0849a144
27f39db6298e17ae8faf0c82bbb458d6d960cd70
87c73d9925bc064738d8744963a395762fc1865ce310998037c1b3016beaf6bd
GET /upload/service-photo/img_1637006935_6192be57e469c.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 20:08:55 GMT
accept-ranges: bytes
content-length: 62339
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1636856668_6190735c58b66.jpg
104.193.143.234 200 OK 88 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1636856668_6190735c58b66.jpg
IP 104.193.143.234:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x570, components 3\012- data
Hash 302237ba19ed3e416442289bf9ee2e7e
129cf94f0b573dbc3905227bf1eb5f5ba89c8edd
7ca2a7003556e51423cf8cd0884d60ea1c01cc4ee0796a75307367752f214ab1
GET /upload/slider-image/img_1636856668_6190735c58b66.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Nov 2021 02:24:28 GMT
accept-ranges: bytes
content-length: 88545
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1637006352_6192bc1039a00.jpg
104.193.143.234 200 OK 199 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1637006352_6192bc1039a00.jpg
IP 104.193.143.234:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, software=Adobe Photoshop CC 2014 (Windows)], baseline, precision 8, 1440x570, components 3\012- data
Size 199 kB (199053 bytes)
Hash 8f2dd26916664dff891ba0ca9890adc7
5f4226130b47dacc50389a05cb0679237b464165
931aa9e499cfc6c28ca1e7d81737116c6a1f1d42786a569acc01513f92f8f926
GET /upload/slider-image/img_1637006352_6192bc1039a00.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 19:59:12 GMT
accept-ranges: bytes
content-length: 199053
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1637006478_6192bc8e8a633.jpg
104.193.143.234 200 OK 212 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1637006478_6192bc8e8a633.jpg
IP 104.193.143.234:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x570, components 3\012- data
Size 212 kB (211881 bytes)
Hash 17d984518c6f921feba6c6c1e79b8657
d58a188611a036cf37bce8ce940c0e935dc1227d
0d5f147e2568523509641661e61327783e469b0567c16103226a0419c02aa3a9
GET /upload/slider-image/img_1637006478_6192bc8e8a633.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 20:01:18 GMT
accept-ranges: bytes
content-length: 211881
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1637006441_6192bc695a9de.jpg
104.193.143.234 200 OK 252 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1637006441_6192bc695a9de.jpg
IP 104.193.143.234:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x570, components 3\012- data
Size 252 kB (251585 bytes)
Hash 5637fbc2591dd96aefaab2e0544d3618
39cfad4c9207e8b0b990d7b60b8647e39375ab69
5f4dd27cdb238266dd07aac82a664c764c1bd48b00d0159077bfda99a512a03e
GET /upload/slider-image/img_1637006441_6192bc695a9de.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 20:00:41 GMT
accept-ranges: bytes
content-length: 251585
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1636853921_619068a1045b7.jpg
104.193.143.234 200 OK 249 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1636853921_619068a1045b7.jpg
IP 104.193.143.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2200x1086, components 3\012- data
Size 249 kB (249122 bytes)
Hash abc71f8bf3d86efb2d5e9d158281ae94
3a2006aef77d5d099f50f132803a65c52db817fb
21b401d527641c4c50d07b91ab8624550330aaba23022b50e3577fbc33fbc79f
GET /upload/slider-image/img_1636853921_619068a1045b7.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Nov 2021 01:38:41 GMT
accept-ranges: bytes
content-length: 249122
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/service-photo/img_1636867922_61909f52f2dea.jpg
104.193.143.234 200 OK 327 kB URL HTTP/2 faumainc.com/upload/service-photo/img_1636867922_61909f52f2dea.jpg
IP 104.193.143.234:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 849x565, components 3\012- data
Size 327 kB (326641 bytes)
Hash 8c7a22fb8a7a46a41b75e38bc0995be5
f76e9340f128d1588eae23a1cb3eeeeed3c9e0eb
8bdea4595a0a800c81fe640860fc30ebcd98efc7bb26cd1ae097a0b3709abffd
GET /upload/service-photo/img_1636867922_61909f52f2dea.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Nov 2021 05:32:02 GMT
accept-ranges: bytes
content-length: 326641
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/slider-image/img_1636852271_6190622f512b5.jpg
104.193.143.234 200 OK 553 kB URL HTTP/2 faumainc.com/upload/slider-image/img_1636852271_6190622f512b5.jpg
IP 104.193.143.234:0
File type PNG image data, 927 x 414, 8-bit/color RGB, non-interlaced\012- data
Size 553 kB (553264 bytes)
Hash 3e6356963b54eae937750b4d6eb26e45
11b38c805266b8297d317d147f69590cfc6ad964
33a902ff63cb8325ed7b19f751e77de8e1152b332e814ea4358b35355868e829
GET /upload/slider-image/img_1636852271_6190622f512b5.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Nov 2021 01:11:11 GMT
accept-ranges: bytes
content-length: 553264
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:34:15 GMT
expires: Thu, 14 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 115912
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:56 GMT
expires: Thu, 14 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 115931
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/EoTVtB-cSps?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
216.58.207.206 200 OK 42 kB URL HTTP/2 www.youtube.com/embed/EoTVtB-cSps?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 05ac969b3a435f0043b124c52131ed27
8a664d91c68bd8bbd77c7fc75feefb03499440db
0faa55a15e32d9df8620dce40161dc6e58f360df7d446fddad43ef9e2ed0d4fc
GET /embed/EoTVtB-cSps?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Dec 2022 03:46:07 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Nk3quxDZhEY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=mYOC7v95FeU; Domain=.youtube.com; Expires=Wed, 14-Jun-2023 03:46:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+997; expires=Sun, 15-Dec-2024 03:46:06 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 16:40:43 GMT
expires: Fri, 15 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 39924
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:54 GMT
expires: Thu, 14 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 115933
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 569574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/44Wp3WE1AHs?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
216.58.207.206 200 OK 109 kB URL HTTP/2 www.youtube.com/embed/44Wp3WE1AHs?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Size 109 kB (108841 bytes)
Hash de2f6a0182123ea4c906c7a97ac7e8ef
c7c33a35aaa0cc3265aaa5dd9ce31cec8bd7945f
51dd6dc8021021fe6bc849183282ce6cff181941ac9eee145032224cd8c43d79
GET /embed/44Wp3WE1AHs?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Dec 2022 03:46:07 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=EWn0YaC7U2c; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=-mOulDromAk; Domain=.youtube.com; Expires=Wed, 14-Jun-2023 03:46:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+937; expires=Sun, 15-Dec-2024 03:46:06 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
188.114.99.224 200 OK 38 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP 188.114.99.224:0
File type ASCII text, with very long lines (65326)
Hash daf4d6897e1cc838018dd12af5342971
ec187ccce4b5f8909cd0f4cca3b26ac10303a620
4638b2487734c9a55f4a7b93f00c0a7c98ac4bef3c3b59d84ecb80f40e96c2fc
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 03:46:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 10/04/2022 16:29:47
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d58907fc785d3500c83a01e49858222a
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77a46e17ab66b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
faumainc.com/upload/header-footer/img_1636733257_618e9149346e2.png
104.193.143.234 200 OK 3.4 kB URL HTTP/2 faumainc.com/upload/header-footer/img_1636733257_618e9149346e2.png
IP 104.193.143.234:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 0069258d96066d66e40297c47f5d4908
d48aee935dac558672d1e19ee728fc0a4fe9aa3f
464c91c64fcb6ac6303c3ccbb8086ab8ef2a039be094507512b562e513223cc9
GET /upload/header-footer/img_1636733257_618e9149346e2.png HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Nov 2021 03:07:38 GMT
accept-ranges: bytes
content-length: 3350
content-type: image/png
date: Fri, 16 Dec 2022 03:46:07 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 555d5f8ec20f82dee19df8138d5e4089
1afc389f7bd05c154890d93c835fe7fb7e09a109
58775b6c6b1471ca0e71cc02bc7ca6bcc62405f6c3d358082adb02504e3376fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 03:36:04 GMT
expires: Fri, 16 Dec 2022 03:51:04 GMT
cache-control: public, max-age=900
age: 604
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 16 Dec 2022 03:46:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 16 Dec 2022 03:46:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 555d5f8ec20f82dee19df8138d5e4089
1afc389f7bd05c154890d93c835fe7fb7e09a109
58775b6c6b1471ca0e71cc02bc7ca6bcc62405f6c3d358082adb02504e3376fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 64e4713c6a6c50b04568b649c8c75ee4
f5ab3abfd798fe68af2b608d2dfba492675d0cb1
65305e9bbdb4ff07a4fccb67598d03d9648afd0d984645c85e62fdc1af6f5ba2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 16 Dec 2022 03:46:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 30 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 42b5a4828c17615ef8d6232aa3df9b62
e73da08affa15e40613301b313d5a1a72531b9cd
b806ec27fe75e31988528d86a7f0b8ff642b4532e3d1a80aebadb4ee93b39e66
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 16 Dec 2022 03:46:08 GMT
server: ESF
cache-control: private
content-length: 30541
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 16 Dec 2022 04:34:51 GMT
Date: Fri, 16 Dec 2022 03:46:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 16 Dec 2022 04:34:51 GMT
Date: Fri, 16 Dec 2022 03:46:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 16 Dec 2022 04:34:51 GMT
Date: Fri, 16 Dec 2022 03:46:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 16 Dec 2022 04:34:51 GMT
Date: Fri, 16 Dec 2022 03:46:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d8728b37979eb7ff6c3ad5a96091d4ce
988859950d480caa2fe23e14d5f29df17827dc6d
a33db1e064a2e10cb01ecc3184b4f65f134f93a10647c67602bfcea6d0c56740
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6687764dac3b78ac0875863d82d1c43
cf0b4f1a944611c48d6880fad9e6e8f59f4ede85
891d55811df9c641d6661226a40eaed5ca69478d13037c6d36d4b05e66cbd09a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7626
x-amzn-requestid: c645ee0a-505b-4d4c-92d9-97e6478a6f6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRNQHhsoAMFR1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9587-6d1dbf0f75a3eb86447ea1ed;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nAAGytoUBz85kCx2laWIg2Uph14YBoBrQsXCsF9giKy0LaxEbuUy8Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:46 GMT
age: 19822
etag: "cf0b4f1a944611c48d6880fad9e6e8f59f4ede85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qj7aKHjYDmSpAkdiFXcYQ5fL2bIwo2KEYkDvvKo-_YBToKJVM2GWng==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:12:29 GMT
age: 20019
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c89c607de35e59fa4b8f79762af0f269
362e1b907abcaccb16b3750c21ed04e4fa91f04c
7b9a28ad984bc7544d0798ff38cf8e1ce9f2f21a0112c18ee127a7566ba683e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5791
x-amzn-requestid: 2fb8518c-1fe3-426e-94ed-eea686005473
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRKYHeoIAMFgKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9575-0e312c40469090d033c6fc6a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6olOOvZFj56PITpWNzTgBluV3ax4I4WaJdqPJR_XigifUWYFKhOuaQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:00:51 GMT
etag: "362e1b907abcaccb16b3750c21ed04e4fa91f04c"
content-type: image/jpeg
age: 20717
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35786)
Hash ab1d51e6cf1d842260dab25a4332649c
0c814f9168dff9647a797787c2109a568904fedb
4b4e6a92912d486accd192aec1f4ba5ffee3658019c01e98199976a192941f09
GET /js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 15:29:55 GMT
expires: Thu, 14 Dec 2023 15:29:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 130573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce463890-21e1-4f66-9e83-55a0b1f4cdb4.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce463890-21e1-4f66-9e83-55a0b1f4cdb4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15ed7eaf6a31427864e97802a56a4833
ebcc35a17e229b4cdc3507dc9bfd5e76f176f353
3c73b5a7f669d501456b9979e45661e8c468d93767560a20c6769e26f78567e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce463890-21e1-4f66-9e83-55a0b1f4cdb4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6667
x-amzn-requestid: 319440af-a363-41c4-a839-9473a0342698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQKFJzoAMFaIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-60b281d84363326d472a663c;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2EQbb7AVIS9HAEgZBhARFGEAqs9MALYHAkfsyxrCb2Gd1QF8Op_EpA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:56:47 GMT
age: 20961
etag: "ebcc35a17e229b4cdc3507dc9bfd5e76f176f353"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7368b60db0458b59ffc968f09b85fdd5
f359f9799d0f0dc7dccfbadeaf922b4050a5e692
26aa7f684080dace9064fc7973c6a5761985c69e73373fb24c644ab2efe26c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12482
x-amzn-requestid: edd7e693-4c4a-4203-8b12-c044825947bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJvGAUIAMF1gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9571-151a50943b420ba86ab61dda;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2_hiNnfY5YgkEcpyudYVs_Hwtj-XQG-kkNbOo9BctRm6Hj3rSDIPOw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:46:51 GMT
age: 21557
etag: "f359f9799d0f0dc7dccfbadeaf922b4050a5e692"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35 200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 569577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 18:33:08 GMT
expires: Fri, 15 Dec 2023 18:33:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 33180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2cbde49c28ba1915fa5c8584ee9668b2
9e1791bac9c23f5d91960378a6a9ae586f86f503
bd7285690a03950af52bc6e1c51598abe33da5e4ad7313b4e6b41b437532a0fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 459b0e2e1e84a27321aadac6d5784344
47a0fdd5656516fa4c982fb490297439516036fc
7293dacbdb3e84808a3e7030e069f39ee21c245db078cbc849236516b0b6c9af
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 16 Dec 2022 03:46:08 GMT
server: ESF
cache-control: private
content-length: 30701
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6a5856e313c453b220b7f7473f348b9b
8e85a7a18222023fadc28abd9d485cb0f7c6ec9d
9ee803de7680a72d4f74f034ff15e8f7fca61147cf071db05d37e7b5806e5f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/44Wp3WE1AHs/sddefault.jpg
142.250.74.182 200 OK 66 kB URL HTTP/2 i.ytimg.com/vi/44Wp3WE1AHs/sddefault.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 1ca70380a14a123e271d9e52fc5f78e6
2c06c4daa13caca07521a763e32f2f2cb837ebe9
42e7048d2f097d91b5f275b96f83537eaf7e80a4cf6d9ffb9c9095f01ea72edb
GET /vi/44Wp3WE1AHs/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 66018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 03:46:08 GMT
expires: Fri, 16 Dec 2022 05:46:08 GMT
cache-control: public, max-age=7200
etag: "1593207318"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_u8VRqjt4gyuMY7XkOipamSZWJp2reK39028ZE=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 3.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_u8VRqjt4gyuMY7XkOipamSZWJp2reK39028ZE=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 3ffba753eaee3ca16483b4974054971d
3c16b8ddb7725ea5ce6624af4ffb2683bc1c1269
579c51df7accfe057d23b71bca3fd9d43c24d4327287d005c3321111a7867faf
GET /ytc/AMLnZu_u8VRqjt4gyuMY7XkOipamSZWJp2reK39028ZE=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2969
x-xss-protection: 0
date: Fri, 16 Dec 2022 02:39:10 GMT
expires: Sun, 06 Nov 2022 08:10:59 GMT
cache-control: public, max-age=86400, no-transform
age: 4018
etag: "v10"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2cbde49c28ba1915fa5c8584ee9668b2
9e1791bac9c23f5d91960378a6a9ae586f86f503
bd7285690a03950af52bc6e1c51598abe33da5e4ad7313b4e6b41b437532a0fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6a5856e313c453b220b7f7473f348b9b
8e85a7a18222023fadc28abd9d485cb0f7c6ec9d
9ee803de7680a72d4f74f034ff15e8f7fca61147cf071db05d37e7b5806e5f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 03:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff5600a9-abac-4be1-9383-2a946591869a.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff5600a9-abac-4be1-9383-2a946591869a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2de9241c6178764134b54782af425d3a
e092ce0f55db8a0ca6073449e28231af11aafe5c
9840e9d2607d483367feac0da72e2532964ee36e253b3f79b7a971feccab0bfb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff5600a9-abac-4be1-9383-2a946591869a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7307
x-amzn-requestid: 2c955fd6-749c-42b8-a4ae-0c49ec17465e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNR6QHqKIAMF_Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b96a7-59c21567574d186d6e3e426a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:50:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j6DSZ5WrFgLLdoMWm0prtfy6faAoqJNY7SZR366mWzc8Gg0g5-5xzw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:21:29 GMT
age: 19486
etag: "e092ce0f55db8a0ca6073449e28231af11aafe5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/s/player/a0703e0f/player_ias.vflset/en_US/base.js
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/s/player/a0703e0f/player_ias.vflset/en_US/base.js
IP 216.58.207.206:0
GET /s/player/a0703e0f/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/44Wp3WE1AHs?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 599079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 15:54:14 GMT
expires: Thu, 14 Dec 2023 15:54:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
content-type: text/javascript
age: 129113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
faumainc.com/
104.193.143.234 200 OK 0 B IP 104.193.143.234:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
date: Fri, 16 Dec 2022 03:46:06 GMT
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; path=/
XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; expires=Fri, 16-Dec-2022 05:46:06 GMT; Max-Age=7200; path=/; samesite=lax
fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D; expires=Fri, 16-Dec-2022 05:46:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
faumainc.com/upload/service-photo/img_1636869460_6190a554b6ece.jpg
104.193.143.234 200 OK 0 B URL HTTP/2 faumainc.com/upload/service-photo/img_1636869460_6190a554b6ece.jpg
IP 104.193.143.234:0
GET /upload/service-photo/img_1636869460_6190a554b6ece.jpg HTTP/1.1
Host: faumainc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faumainc.com/
Cookie: PHPSESSID=0c183fb6a087ab37148d4c8860fd5e61; XSRF-TOKEN=eyJpdiI6Im1EL21vZWZNNzVaa1ZuWndUYTFRcEE9PSIsInZhbHVlIjoiUVZvcU82dURCZkp5aUNYNG1FSjZYa2VKc0wwdjFnY2cwc0R1VU1RdW9raVJQVHI2TTBJUmU3Y1BiN2dQeXQxenFGMElQMHZMUmprN2NVNFRYYi8xREJMZUR6VEQ5Vjg2bVNqM1BiSW03TlcvWFdCODlPNmxMU0FMTzF0YXVYQ24iLCJtYWMiOiIyZGVhZjY2YjM5MzczYmQwMjE3YzE1ODRkOWVmMGYxZTA2M2I2Y2ZkMmJhODg5MzMwZmM4MmFlZTQ2ZGMxOGIwIiwidGFnIjoiIn0%3D; fauma_innovative_inc_session=eyJpdiI6IlRObzhmWHl5a0dJdjd2dCtlbEpteVE9PSIsInZhbHVlIjoidTBIcWhtSEExc3JyOHY4L3BxOEt2ckhJeFBMN0g1aFZPSTlFT3ptTERXYndiUHdHYTZKN1BTZGRkd1A1anc4eTgwRE9LcWozODRmRC9yQ0Jrc0NVc0dXajV1S3BLT1VtMDQ5VFdIL3l3RVc3YW9ockFoanR3VzFSQlpTWE4rbHYiLCJtYWMiOiJjMzFkZDYwZjU2ZmU3OGMwZDdhM2Q2NTM5YmYyOGU4ODJiNGQ5ZmU5YTU5Mzk1ZWY0ODQ2NDMxMWE5ODZjYTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Nov 2021 05:57:40 GMT
accept-ranges: bytes
content-length: 44799
content-type: image/jpeg
date: Fri, 16 Dec 2022 03:46:06 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/s/player/a0703e0f/www-embed-player.vflset/www-embed-player.js
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/s/player/a0703e0f/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.206:0
GET /s/player/a0703e0f/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/44Wp3WE1AHs?loop=1&rel=1&controls=1&showinfo=0?cc_load_policy=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99941
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 15:56:49 GMT
expires: Thu, 14 Dec 2023 15:56:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Dec 2022 01:16:44 GMT
content-type: text/javascript
age: 128958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
188.114.99.224 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP 188.114.99.224:0
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://faumainc.com
Connection: keep-alive
Referer: https://faumainc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 03:46:06 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 11/11/2022 02:42:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b130ac16b397c6a2374c28730987f1fc
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77a46e179b5bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2