firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 19:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IdCFWq_2eL6JbPvyIlgQ1Hg3rTzYOMIEgoIuQziYxkz3_RdZsBFCyA==
Age: 3509
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2420
Expires: Wed, 28 Sep 2022 20:54:28 GMT
Date: Wed, 28 Sep 2022 20:14:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z-J2BIFos2LCu1TN5QGKVWLOba5wBOz-8uC0I8NbW5x8eiydSOY5lQ==
age: 53143
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93a8f6ad543cf4a24be427774be6178b
c6c19500b9ae441dbef9b4388741dde0ccc3a3ed
0493323bf7e65e90ac72d4a342cc86bdf64d0b5dc8815f6363d13619a6269d96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0493323BF7E65E90AC72D4A342CC86BDF64D0B5DC8815F6363D13619A6269D96"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 29 Sep 2022 02:14:09 GMT
Date: Wed, 28 Sep 2022 20:14:09 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 20:14:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ineditf.com/indexx.php
81.88.53.29200 OK 16 kB IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (891)
Hash 181b7e8faf98f161c16ef0a9d465c521
23616636680a51a627ce0dcafcd327abdb10d19a
543e9fbfef022e511d7aa5aa6cdb7bc1ad5eb545b6e49c03df71f9c8f04d8942
Analyzer Verdict Alert openphish Interac e-Transfer
fortinet Phishing
GET /indexx.php HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/8.0.23
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15504
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/activityi.html
81.88.53.29200 OK 887 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/activityi.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5bc75ba11f81a22385a0ae9e793667e3
d10c4324bd473f46357a6c5b39471d77ac89100b
e22951dfe9ba6e7647dc20d03c0c9d64b8bc4aadb4092ef8909875b7942856d0
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi.html HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6427e-c4a-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 887
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/linkid.js
81.88.53.29200 OK 852 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/linkid.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1335)
Hash 2c9c1e44353bad2e6b729ad8674710e4
d00b7ce9bc66f3e76a107ae6f137727fa5995791
c1968f88dfb5ce136d3362a784a98f1972ce3cac12f7c06a3d599e180257d0a0
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/linkid.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "642fe-621-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 852
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/interac-jqm.css
81.88.53.29200 OK 270 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/interac-jqm.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (697), with no line terminators
Hash 7534f41656e4508b99ceb183c1ca89c9
48417527d4a27f1dfeb4d0d0d1504643e6d4e4bd
4e64762a044954fd877be125196a9a9b4c4f2604bb3c7d8946a96af4f0757905
GET /INTERAC%20e-Transfer_fichiers/interac-jqm.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "642f8-2b9-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 270
content-type: text/css
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/analytics.js
81.88.53.29200 OK 12 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/analytics.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1640)
Hash 616ccec12342c51d39c4ba1f2c5d43d0
6301c8e1466345500439a9d1151a7a591ade58a8
6f85ec6ee2e96425c5a499983302fa9c509cff923b27b10167b78bfd9518fdc7
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/analytics.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64285-6c9d-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11595
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/jquery-ui.css
81.88.53.29200 OK 139 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/jquery-ui.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 77e6cda27d3dfbb54647e9e08d52c3ca
6bc021fef9917cf472ca3c4a1a3981c278612d8b
852cc3c0f3d89d86d71e8049f029a2934ee8afddebb4d5b10e7d29d872bc990e
GET /INTERAC%20e-Transfer_fichiers/jquery-ui.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "642f9-87-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 139
content-type: text/css
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/gtm.js
81.88.53.29200 OK 22 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/gtm.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type Unicode text, UTF-8 text, with very long lines (10041)
Hash f98b32b2888b43de60985c4bef251de1
49a653bf8361c813eaa98df41a83b781382d8089
73ac8eb82b93720891f637e5698abccb08cce259ca0e8745447281a814eff3a9
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/gtm.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64290-e1cc-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22505
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/jquery.css
81.88.53.29200 OK 10 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/jquery.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65398)
Hash 096c6c317eaf522a549ce33d4608eaf1
ea753d0988eecaffb9f984936352cd329577aedd
58b371aee6ced564d0ac1655703d7493a37c102aa8ed20cd24f383e99e00294e
GET /INTERAC%20e-Transfer_fichiers/jquery.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "642fb-10c68-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10222
content-type: text/css
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/jquery-ui.js
81.88.53.29200 OK 5.0 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/jquery-ui.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (13097), with no line terminators
Hash f23a381026a69389281b8a3ce0361491
44be0ba5fc1f63c9336d561acacb42d52b5f66c9
1c1fcc79ff9c1a1faa340a90b8c7da0afd9aa3da0776402abc669d534c625c9f
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/jquery-ui.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "642fa-3329-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5045
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/jquery_002.css
81.88.53.29200 OK 13 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/jquery_002.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 50ad6ea9221d2e7bf413afa578770e5a
d7893a623d15c746534dc04bb814ec8106ccb215
6cb039913485b9e837526a095aa0b9708e57c5cfa7a475afc59fe00201d08f58
GET /INTERAC%20e-Transfer_fichiers/jquery_002.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "642fd-1ef5f-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12925
content-type: text/css
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/jquery.js
81.88.53.29200 OK 56 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/jquery.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 82329b340367362bae73f85e74cb037a
7fb80dbd914e6c299c36308976fd9413e825b128
c9b62f81c192b105009b99c2e3a223f1a34ca51e2d469428bff71cd28800be9f
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/jquery.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "642fc-30d0e-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 55460
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/gatewayInitJS.js
81.88.53.29200 OK 261 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/gatewayInitJS.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (389)
Hash 466ea54d2d14b76616a4a0e38d350f93
c50ae8c0cd1e286da42ec4aa21a51121c4bd54ff
e4d944a44f3b502312ffe7f35a92521f095b7502ef200bc0ec0e3a0f96706748
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/gatewayInitJS.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6428d-1c8-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 261
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/generalCSS.css
81.88.53.29200 OK 3.9 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/generalCSS.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (16962), with no line terminators
Hash fb37c65e9b085e20f750e68168c3d719
959b8e89a929d78118e5b05483b1b32fa15358d6
4f820ff28193eaaaf9e4b30c88d0d41a4d83cdbd93f74127fbca40a0867ed41d
GET /INTERAC%20e-Transfer_fichiers/generalCSS.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6428e-4242-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3872
content-type: text/css
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/navJS.js
81.88.53.29200 OK 384 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/navJS.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (422)
Hash 92a9da232cf39e8fcf68120dad16392c
b82769570500f44c5fcd6b561dc30ba98b83d133
25e686d2bc8cf36e7afced283e4eaaedf2cf16e530e7a861b1c2de81ccb7ba73
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/navJS.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "64304-33a-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 384
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg
81.88.53.29200 OK 1.6 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 847f6156142a8661b2fd48170e71a2c4
eed4fc73a22fd7f74adaba05fa7f275a74f06bfe
3e7cf9dc0da3b32233c10f4617010e8a0509b48867ebfcba22dd3e852fc02e90
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64308-143a-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1621
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/atb.png
81.88.53.29200 OK 24 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/atb.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type PNG image data, 1280 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a9a907f7e3e07d47638677d69b22233
62e1951d1f4b18e55660b91365450d211f5f68fd
094d934d457220b698180fec8869efd2e660617ef5c4cde0beee2d565f2d45a5
GET /INTERAC%20e-Transfer_fichiers/atb.png HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64286-5f52-5d763cc7c8500"
accept-ranges: bytes
content-length: 24402
content-type: image/png
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/question-mark.svg
81.88.53.29200 OK 687 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/question-mark.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (758)
Hash 6f4a2388eba7c4ed3b9ba461cb3dfe76
3f29a78be2eadb03b3e33852da4800dc6bd51f80
93d5050c9d294809859ec6b66c41aaf40138adeeb1a919a30c608e6ad1c1f67a
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/question-mark.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64306-4c5-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 687
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/allModuleJS.js
81.88.53.29200 OK 5.4 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/allModuleJS.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (2136)
Hash fa7439f278f5c5cf7ee2855875d4e7d0
108f7869972d63fcf7aadb1d31d2b7ddd71be4a8
1c48ae739b71e890577621b1909aa2f1a80b9b16e6bbf9f5ebf35d846ee7f8ee
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/allModuleJS.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "64284-5953-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5420
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/nav-logo.svg
81.88.53.29200 OK 2.7 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/nav-logo.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 90812ce2aad058af7e5b6425a6c13bf0
561ae8d75c0c992cad2fa7cbe7d817c6462acd4e
79fe6d320ad3e942f2a71b3ba6629c2010f8a0aa6b1c61ef799c53a230583090
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/nav-logo.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64303-1d47-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2745
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/GTIe8CSS.css
81.88.53.29200 OK 6.0 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/GTIe8CSS.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (31904), with no line terminators
Hash c062bcfc97ed8509fdf0b4425df0b76b
74c983dd991dc3bd7d54a719e35e59b9e129a698
91cbc91af62f2f2e9f1a053f2efa071c0694dc0296eab177d276539eb331d13d
GET /INTERAC%20e-Transfer_fichiers/GTIe8CSS.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6428f-7ca0-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6004
content-type: text/css
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/desj.png
81.88.53.29200 OK 3.7 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/desj.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type PNG image data, 403 x 125, 8-bit colormap, non-interlaced\012- data
Hash 4278f83f255df16adfe09508db4c8cab
81dbba55eceb89518d8166de3a8328c48b651264
7216e7d5b16f868bfb6b957d7e216ae8cba3595feefb16192e31f95bcf0e727e
GET /INTERAC%20e-Transfer_fichiers/desj.png HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "6428b-e97-5d763cc7c8500"
accept-ranges: bytes
content-length: 3735
content-type: image/png
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/mot.jpg
81.88.53.29200 OK 6.5 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/mot.jpg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 394x222, components 3\012- data
Hash e6d32407de0c1e524a0988b138d40c7b
bc4c5d2ae32177bd98622b1b85f441b0c57377ac
3ed11bc953873717966f08d8ab4c4424f63dfd8ea184eceee7214c9eb85f964b
GET /INTERAC%20e-Transfer_fichiers/mot.jpg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64302-1995-5d763cc7c8500"
accept-ranges: bytes
content-length: 6549
content-type: image/jpeg
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg
81.88.53.29200 OK 1.5 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 01e882b010ede8051c77624d98c92064
048a85f91f3d40c217780e34d70c2b9d466964d5
6aa100ec505dde22f8b029077a86d7437455a7663169b12dc139f24e7da3a73e
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6430b-f23-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1538
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/meri.png
81.88.53.29200 OK 5.2 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/meri.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type PNG image data, 441 x 114, 8-bit colormap, non-interlaced\012- data
Hash 773a9ef4874528ac29d748a34c60e7a8
cd356b6996706eb27731543d8271c609b1192850
05fe5e795ecda25ad8410df06fd848112c88b9aa75458caafc9fc8276362fceb
GET /INTERAC%20e-Transfer_fichiers/meri.png HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "64301-146c-5d763cc5e0080"
accept-ranges: bytes
content-length: 5228
content-type: image/png
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/pc.png
81.88.53.29200 OK 4.1 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/pc.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type PNG image data, 482 x 104, 8-bit colormap, non-interlaced\012- data
Hash 5120dce8a8f4f410b27032a0ff8291f5
a119a21c49ab490f96ead1191a8ec7cdff383586
1268ec2ae11982ea5617e2694a5be6017d078cdbd95610874e5715be14b7ebc1
GET /INTERAC%20e-Transfer_fichiers/pc.png HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64305-1027-5d763cc7c8500"
accept-ranges: bytes
content-length: 4135
content-type: image/png
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg
81.88.53.29200 OK 2.5 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6b17ee9e5c1f9e53f3bb4e6d75fcf5e5
a660ae2025f2a9cb04c7a735a515844384f2d980
8d993e5e8fac311de67175976b1e6ce02c325c271714c4f34aa9936a2b62e399
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6430c-14fa-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2509
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg
81.88.53.29200 OK 585 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d891e1666cb7a2fbc9eb52d5c0f8714b
1bddac9818ad43cf8cc42dd13d958cf61a3c3b59
476deb1d4a7a46b01d55c3579b25e48b381d3464572135acb3ead93d5d3ec5f9
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "6430d-3c4-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 585
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/CIBC_logo.svg
81.88.53.29200 OK 1.6 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/CIBC_logo.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3b45d8dd5b5a0ed44491fa8ae740c276
988fba3163c62950d2cc0a4311a33727baf64306
dbacf08a27c4e8aff1fad45c5761e50d4e5782031d87db2a7bd83c7b6fac9ed4
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/CIBC_logo.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64288-d52-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1636
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg
81.88.53.29200 OK 1.8 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 57566b27daf2c01ba629e34597b7850d
fb821e20161d3a1eaa093c7470ec02a8db30b033
24f7ce5cf408afa0ca0e6791c2d54ab9e0e079906d25d2622f051153131b3349
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "6430f-122a-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1789
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg
81.88.53.29200 OK 2.5 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d278076e6523caba30d5f0145c1393f5
32c4fb38262b798e33711c37f25a272f7f969ae5
0b5af221f02975dec35eeae8daa0463ca8689c4e8dab3aea8dcc31e25ae42a79
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "6430e-1bec-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2458
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/footer-logo-en.svg
81.88.53.29200 OK 9.6 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/footer-logo-en.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 605a657ccb7f03fb0c97fe310e2df2ab
93dd26d820a3a86bdbe77ae8a8fe8a76fac28232
e7023bfce55688ed4af3cc2cfcd2857b9099b81cdc7f6a09aaf7b028b38a5f3b
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/footer-logo-en.svg HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "6428c-82c9-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9613
content-type: image/svg+xml
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/vendorJS.js
81.88.53.29200 OK 51 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/vendorJS.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f66813a1b81cbc966ac14159203fcd74
f59b300d34d6718e0c1bb677e2bdf0371ceaa456
7879fdb56ed4e8c5995f2a0cfc5a009b1e19f3410590fc3b36c248c18827e8dd
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/vendorJS.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64312-26c52-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 51111
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif
81.88.53.29200 OK 42 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64282-2a-5d763cc7c8500"
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.gif
81.88.53.29200 OK 42 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.gif
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a.gif HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64280-2a-5d763cc7c8500"
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.html
81.88.53.29200 OK 246 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type HTML document text\012- exported SGML document, ASCII text
Hash 1450f4aee73dee0fb49b5cfe04eea41d
d31bda338241a1ba0b849d9d8a404531174793c7
74b0399ac4d32ca99e66b5a47cdd0e963668eb02743c861cabf66254c48dbfdd
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a.html HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64281-1d7-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 246
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js
81.88.53.29200 OK 5.4 kB URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (956)
Hash cf85935e855c1d038a7a801fd486574e
b487966f97abfa1edc0f1fa1caaf68ab8388071d
46c9f808693667e3a0dd3a8b69c785284aa35db824818fa3f02ae5bc6a036e01
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64283-371a-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5421
content-type: application/javascript
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dEm2VFsTpVmNZT0fyGyDN-PuKe0-JA7ZtU0PzmvRZYb_tI32AlC5fg==
Age: 2676
upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png
91.198.174.208200 OK 24 kB URL HTTP/2 upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png
IP 91.198.174.208:0
File type PNG image data, 1200 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash b2ba0a626f3d1c3a79eacaa7857d489d
3db11508b6083869feb401f2c56b5927f2c4d1cd
c85bd673696df783cd1cf6f65b78792ca322b4aa638dfb5529855fbb5830b4b1
GET /wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:02:23 GMT
content-type: image/png
content-length: 24368
etag: b2ba0a626f3d1c3a79eacaa7857d489d
last-modified: Thu, 15 Feb 2018 11:53:30 GMT
server: ATS/8.0.8
age: 43906
x-cache: cp3055 hit, cp3051 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3051"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ineditf.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
81.88.53.29404 Not Found 1.9 kB URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 073135632b543b068b634f7424bd33ad
eb631f825b2c4b1c8f3de3004f073c75ec8ed000
1e16d0f39f5d741e662c43103381f768226e87c4ee3264abc66538750155b484
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 46c38360f02ad797c49a88aa3cf64629
d319f374995c6ccc8cec3482ed52da0870f31b9c
42e5aee3e47056744c06e1d5b72e76a1be18344ec6b950af743dd746c18ed458
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=958043836&t=pageview&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGAAgAAB~&jid=990623398&cid=243919261.1664396047&tid=UA-53324311-2>m=GTM-5SR238&z=2023843371
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=958043836&t=pageview&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGAAgAAB~&jid=990623398&cid=243919261.1664396047&tid=UA-53324311-2>m=GTM-5SR238&z=2023843371
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j47&aip=1&a=958043836&t=pageview&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGAAgAAB~&jid=990623398&cid=243919261.1664396047&tid=UA-53324311-2>m=GTM-5SR238&z=2023843371 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Wed, 28 Sep 2022 01:13:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 68461
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=958043836&t=pageview&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=1105075091&cid=243919261.1664396047&tid=UA-53324311-1>m=GTM-5SR238&z=544356559
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=958043836&t=pageview&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=1105075091&cid=243919261.1664396047&tid=UA-53324311-1>m=GTM-5SR238&z=544356559
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j47&aip=1&a=958043836&t=pageview&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=1105075091&cid=243919261.1664396047&tid=UA-53324311-1>m=GTM-5SR238&z=544356559 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Wed, 28 Sep 2022 01:13:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 68461
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 18:41:09 GMT
expires: Wed, 28 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5581
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=243919261.1664396047&jid=1105075091&_u=SGCAgAAB~&z=1950921503
64.233.165.155200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=243919261.1664396047&jid=1105075091&_u=SGCAgAAB~&z=1950921503
IP 64.233.165.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=243919261.1664396047&jid=1105075091&_u=SGCAgAAB~&z=1950921503 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ineditf.com/resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html
81.88.53.29404 Not Found 1.5 kB URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 88ed44713f988e3e94102f35c29c2786
171c8aa35b0006db126c5a2107e3b417babdf132
b9175b7eb5148244fb7ad048bff4c4bbfafc078144b3473f29b2a6a3e91af3cb
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/981124174/?random=1664396047074&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php
142.250.74.2302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/981124174/?random=1664396047074&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/981124174/?random=1664396047074&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&sscte=1&crd=CJqqsQI
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ineditf.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js
81.88.53.29404 Not Found 1.4 kB URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 0e9b9e90f351bc6a9a30e5d77dc5e6fb
e4c0f32e13da47029244d721b98e0b272077d95d
4d3cd9d74997ba304c893a85b3e367058e0e8ed31f5273641eac64fdd12c1c08
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/r/collect?v=1&_v=j47&aip=1&a=958043836&t=event&ni=1&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=2038532787&cid=243919261.1664396047&tid=UA-53324311-1&_r=1>m=GTM-5SR238&z=1808395707
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/r/collect?v=1&_v=j47&aip=1&a=958043836&t=event&ni=1&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=2038532787&cid=243919261.1664396047&tid=UA-53324311-1&_r=1>m=GTM-5SR238&z=1808395707
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&_v=j47&aip=1&a=958043836&t=event&ni=1&_s=1&dl=https%3A%2F%2Fineditf.com%2Findexx.php&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=2038532787&cid=243919261.1664396047&tid=UA-53324311-1&_r=1>m=GTM-5SR238&z=1808395707 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/954740125/?random=1664396047248&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php
142.250.74.2302 Found 76 B URL HTTP/2 www.googleadservices.com/pagead/conversion/954740125/?random=1664396047248&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php
IP 142.250.74.2:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/conversion/954740125/?random=1664396047248&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&sscte=1&crd=CJqqsQI
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f9b485cf94d88ef8c835c0f1a9dd397
07ef0ce794ab8cd9f0b1564c5f2ac4acb18f8f83
b396d74e533e944041f2737e98f2c872f772bd19a328cfac562f28c82438a1fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash afa078b70d80b6b5afcd913b9a626159
ccce4ced1c0e2aacb3c9de29c995e69084fdd851
b39fd4ba1a0a96216d68eaddf1ce8dd67c4cceae45f90c29e4b3093300873d08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash afa078b70d80b6b5afcd913b9a626159
ccce4ced1c0e2aacb3c9de29c995e69084fdd851
b39fd4ba1a0a96216d68eaddf1ce8dd67c4cceae45f90c29e4b3093300873d08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&sscte=1&crd=CJqqsQI
142.250.74.66302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&sscte=1&crd=CJqqsQI
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 20:29:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&sscte=1&crd=CJqqsQI
142.250.74.66302 Found 76 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&sscte=1&crd=CJqqsQI
IP 142.250.74.66:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/viewthroughconversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 20:29:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&sscte=1&crd=CJqqsQI
142.250.74.66302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&sscte=1&crd=CJqqsQI
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 20:29:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.42.148.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.148.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fZRuGmCGysdF5PGBB7RyZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lhWG5RxjulW4ZwBEHJTOHtnkLHw=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530
142.250.74.164302 Found 76 B URL HTTP/2 www.google.com/pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530
IP 142.250.74.164:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530&ipr=y&prhg=0
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7ed37e03b72b8da3fb7f6c476ae9a1f
c335157b42102c71f5431bc295b2b2542af781d4
66ad71fe8fc69a39c7852c1b8e1fe1308e8ccaf2a147ed1c3a6866d3b248f9a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405&ipr=y&prhg=0
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405&ipr=y&prhg=0
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/979606057/?random=2030989998&cv=8&fst=1664396047074&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y9qWAtaJygWmnbqYCQ&random=1638686405&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304&ipr=y&prhg=0
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304&ipr=y&prhg=0
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/981124174/?random=1416145265&cv=8&fst=1664396047074&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y-zDAsqtygXCi7TwBw&random=2760638304&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530&ipr=y&prhg=0
142.250.74.3200 OK 76 B URL HTTP/2 www.google.no/pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530&ipr=y&prhg=0
IP 142.250.74.3:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/1p-conversion/954740125/?random=1478796858&cv=8&fst=1664396047074&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fineditf.com%2Findexx.php&ref=https%3A%2F%2Fineditf.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=Eqs0Y_bAAqeIxdwPp_-_oAI&random=994854530&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ineditf.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14507
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 20:14:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14507
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 20:14:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14507
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 20:14:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14507
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 20:14:11 GMT
Connection: keep-alive
ineditf.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
81.88.53.29404 Not Found 8.9 kB URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 90db0de386013d773ad7bcbb818085ff
9d51fff0bd752919c080c1a70b410a1db67cf32a
d0623fe1c61925622a1ff1b1c94d9b205add3f57c502fe7b5295dc57c9dd7016
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 80713
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 80733
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:39:01 GMT
age: 81310
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 80647
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 80888
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ineditf.com/resources/newgateway/vendor/jquery.mobile-1.4.5.min.html
81.88.53.29404 Not Found 0 B URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery.mobile-1.4.5.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery.mobile-1.4.5.min.html HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/getAllFisandCus.do?lang=en
81.88.53.29404 Not Found 0 B URL HTTP/2 ineditf.com/getAllFisandCus.do?lang=en
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /getAllFisandCus.do?lang=en HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/favicon.ico
81.88.53.29404 Not Found 0 B IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /favicon.ico HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
81.88.53.29404 Not Found 0 B URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/simpl.png
81.88.53.29200 OK 0 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/simpl.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /INTERAC%20e-Transfer_fichiers/simpl.png HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "64311-2dce9-5d763cc7c8500"
accept-ranges: bytes
content-length: 187625
content-type: image/png
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/www.googletagmanager.com/gtm5445.html?id=GTM-5SR238
81.88.53.29404 Not Found 0 B URL HTTP/2 ineditf.com/www.googletagmanager.com/gtm5445.html?id=GTM-5SR238
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /www.googletagmanager.com/gtm5445.html?id=GTM-5SR238 HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html
81.88.53.29404 Not Found 0 B URL HTTP/2 ineditf.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Cookie: _ga=GA1.2.243919261.1664396047; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2
ineditf.com/INTERAC%20e-Transfer_fichiers/hsbc.png
81.88.53.29200 OK 0 B URL HTTP/2 ineditf.com/INTERAC%20e-Transfer_fichiers/hsbc.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /INTERAC%20e-Transfer_fichiers/hsbc.png HTTP/1.1
Host: ineditf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ineditf.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "64291-b4f-5d763cc5e0080"
accept-ranges: bytes
content-length: 2895
content-type: image/png
date: Wed, 28 Sep 2022 20:14:09 GMT
server: Apache
X-Firefox-Spdy: h2