r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7203
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 12:13:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L8hIJTLGkUNTgW3UnjTKI4Q8gLtkrHdLVxnVqeNqRo2asI31BQx3kg==
Age: 1953
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5230
Expires: Tue, 04 Oct 2022 13:40:29 GMT
Date: Tue, 04 Oct 2022 12:13:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +U0hfXPCEde4dRg8sOQZ1uDfbMkeqV9gG9LV8AGNEwJOJ8T5qvsLneJlhmlBW15jirom+QxeUp4=
x-amz-request-id: 70B3A3SR51PNGQFD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 11:54:14 GMT
age: 1146
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:13:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.regionic.info/jmb/?p=212063
83.166.138.58200 OK 15 kB URL HTTP/1.1 www.regionic.info/jmb/?p=212063
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 871c7cc788c40cc95ccd55890cb3fbe5
1b2e7ccff89688a861b50152bfb9106a67158bdd
6db22480a0599ba542f8b8a3cd4b404714b10bfcd4fd9cd33943e4e36365a06c
Analyzer Verdict Alert fortinet Phishing
GET /jmb/?p=212063 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:19 GMT
Server: Apache
Link: <http://www.regionic.info/jmb/index.php?rest_route=/>; rel="https://api.w.org/", <http://www.regionic.info/jmb/index.php?rest_route=/wp/v2/posts/212063>; rel="alternate"; type="application/json", <http://www.regionic.info/jmb/?p=212063>; rel=shortlink
Upgrade: h2
Connection: Upgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.regionic.info/jmb/wp-content/themes/twentyten/style.css
83.166.138.58200 OK 5.9 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/themes/twentyten/style.css
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (535)
Hash 46b42de88554440913c99c306577b122
2c29e19ea1e71895b1b41138a59173dab15dfea5
2fe9193a48d8bb81f482b0cb299456e793d709bc5e86aee1426705d5e03f3743
GET /jmb/wp-content/themes/twentyten/style.css HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:18:20 GMT
ETag: "5c67-52d39c977a300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5945
Content-Type: text/css
static.bufferapp.com/js/button.js
104.16.139.31301 Moved Permanently 0 B URL HTTP/1.1 static.bufferapp.com/js/button.js
IP 104.16.139.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/button.js HTTP/1.1
Host: static.bufferapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:13:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 13:13:20 GMT
Location: https://static.buffer.com/js/button.js
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754dd4baf99d0b02-OSL
www.reddit.com/static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063
151.101.85.140301 Moved Permanently 0 B URL HTTP/1.1 www.reddit.com/static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063
IP 151.101.85.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063 HTTP/1.1
Host: www.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://www.reddit.com/static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:20 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Cache-Control: private, max-age=3600
Server: snooserv
Report-To: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
NEL: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
platform.linkedin.com/in.js?ver=6.0.2
23.36.76.121200 OK 163 kB URL HTTP/2 platform.linkedin.com/in.js?ver=6.0.2
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (41593)
Size 163 kB (163351 bytes)
Hash eaa27eb8dacc5231579981de726dd89f
457fd11b97a611d8dde4621453e61b9fe03fd293
86fab1fde96db8eb0c1309f3f3e1dc3168fb472f1cbf1a66edba710e472face3
GET /in.js?ver=6.0.2 HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Play
expires: Tue, 4 Oct 2022 13:11:03 GMT
cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-length: 163351
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
x-li-uuid: AAXqNFqjg919pcv/V37yAA==
date: Tue, 04 Oct 2022 12:13:20 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2
www.regionic.info/jmb/wp-content/plugins/add-link-to-facebook/add-link-to-facebook.css?ver=6.0.2
83.166.138.58200 OK 220 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/add-link-to-facebook/add-link-to-facebook.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
Hash 5960fb646f4ac405f4ec6c2c9ad2a027
0356668a2cf0a15628a6d1d0bea992a4264fc275
6e680f53135a6d4b2b75ffe9c7f687b33c4fe34abc1395e5d0e5acde4aaa595b
GET /jmb/wp-content/plugins/add-link-to-facebook/add-link-to-facebook.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:12:02 GMT
ETag: "10f-52d39b2efd080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 220
Content-Type: text/css
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/css/elastislide.min.css?ver=6.0.2
83.166.138.58200 OK 635 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/css/elastislide.min.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (1962), with no line terminators
Hash db3c7868bfc439e8374d97ead0d4bdee
9e58e07495cc2d09a4bbcbaeb79f02767b6557c1
c50c163a065576f4e979be7146044b2af003b994aa9be1f967bb2fb06b5cf953
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/css/elastislide.min.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:16:24 GMT
ETag: "7aa-52d39c28d9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 635
Content-Type: text/css
www.regionic.info/jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.css?ver=6.0.2
83.166.138.58200 OK 332 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type CSV text\012- , ASCII text, with CRLF line terminators
Hash bcb6bcdc3b9f75d9834b745fafbcd2ef
d559a6d33ef73c30d7a546a69e5e6c7843dec4e4
ffee38b18271e25849cfd2ce95e3206b34e15d01aa3c21acf6dd29da55ce60f4
GET /jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Tue, 21 Jun 2022 06:45:11 GMT
ETag: "437-5e1ef8fedeb50-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 332
Content-Type: text/css
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/css/mag-popup.min.css?ver=6.0.2
83.166.138.58200 OK 1.7 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/css/mag-popup.min.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (6065), with no line terminators
Hash af7191bfbee1f7906b91594e564b3b54
d16ecd7e4548743a605d649e90219b4ef69dae01
94e39de77d84991a731ebf77fa6c75641127ce142213b07317536768511b2cbb
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/css/mag-popup.min.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:16:24 GMT
ETag: "17b1-52d39c28d9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1705
Content-Type: text/css
www.regionic.info/jmb/wp-content/plugins/fb-social-reader/css/style.css?ver=6.0.2
83.166.138.58200 OK 1.5 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/fb-social-reader/css/style.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
Hash 846d7d2e9ab8ef1cc3045650d90be00c
4fc113ffe22a5cffb328c1ecb77e409c472c4c96
20c45d712b497f79bf178c2d6ee4a5955e6902c6bb7101969289a49bca98b949
GET /jmb/wp-content/plugins/fb-social-reader/css/style.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:13:07 GMT
ETag: "1918-52d39b6cfa2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1521
Content-Type: text/css
www.regionic.info/jmb/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
83.166.138.58200 OK 12 kB URL HTTP/1.1 www.regionic.info/jmb/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Wed, 13 Jul 2022 04:18:35 GMT
ETag: "15b64-5e3a8141f38c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11681
Content-Type: text/css
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/css/srizon.custom.min.css?ver=2.3
83.166.138.58200 OK 2.1 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/css/srizon.custom.min.css?ver=2.3
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (8058), with no line terminators
Hash bfc3097d6a19406d6f000a8514db8c67
e92f355cf2aa7164c37640acab4d0ac189aef9ec
f453398a652ea2eeae098967a38ce361a0f0daf260fc33b208ecd97aea47ef90
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/css/srizon.custom.min.css?ver=2.3 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:24 GMT
ETag: "1f7a-52d39c28d9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2054
Content-Type: text/css
www.regionic.info/jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.js?ver=6.0.2
83.166.138.58200 OK 381 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.js?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with CRLF line terminators
Hash c26c1149a61b90738434f96a6eb566be
60b7efad2c1852b4e66737965e2edd6afc8af2e9
5e3dba55cd599aefa42c63e6726f3c2e95cf14b077c7f1a8195f9788d77207d8
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.js?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:45:11 GMT
ETag: "b1f-5e1ef8fedeb50-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 381
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css?ver=6.0.2
83.166.138.58200 OK 777 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with CRLF line terminators
Hash 1ce521270815d9f13c11654b2c940766
b87c4a83005a7e36335cea34c80a29d2bcb5eeae
735a289163641abaa57b850a4b4c2c1734766701aaba58d73fb4107ffe2febb7
GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "8c2-52d39c24152c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 777
Content-Type: text/css
www.regionic.info/jmb/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
83.166.138.58200 OK 4.2 kB URL HTTP/1.1 www.regionic.info/jmb/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /jmb/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:43:55 GMT
ETag: "2bd8-5e1ef8b65c353-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/recent-facebook-posts/assets/css/default.min.css?ver=2.0.8
83.166.138.58200 OK 762 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/recent-facebook-posts/assets/css/default.min.css?ver=2.0.8
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (2339), with no line terminators
Hash d4b976de1da7f7be59ad8d562245ee96
3a955fa2af18fd9d3bcdec9928021691179e43cf
6237be557b7c7539e51a3780f13bfe59761844242aab8af74f2f281509006c14
GET /jmb/wp-content/plugins/recent-facebook-posts/assets/css/default.min.css?ver=2.0.8 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:21 GMT
ETag: "923-52d39c25fd740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 762
Content-Type: text/css
www.regionic.info/jmb/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
83.166.138.58200 OK 31 kB URL HTTP/1.1 www.regionic.info/jmb/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:43:55 GMT
ETag: "15db1-5e1ef8b65f233-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.collagePlus.min.js?ver=6.0.2
83.166.138.58200 OK 2.2 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.collagePlus.min.js?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (6470), with no line terminators
Hash fa84b21a34f2d58c03aef662ae5abd67
7959d25dde0b746fb99b88728aa9f9b6e24de072
2daef4f3fae6b8a14be7374b5358e2a70ca7b82486627b73f94edfab41f054be
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.collagePlus.min.js?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Wed, 21 Nov 2018 20:29:03 GMT
ETag: "1946-57b3299de8183-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2159
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/fb-social-reader/js/sr.min.js?ver=1.6.0.6
83.166.138.58200 OK 16 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/fb-social-reader/js/sr.min.js?ver=1.6.0.6
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type Unicode text, UTF-8 text, with very long lines (56742)
Hash 44ee5d1989ce366ebf46a1977c0b4524
89b21bc7b7fcf4d0ab95df2d0d2aea997ca3fa5e
89eb529dbfefcb00a30a74bf8d13f414f37a27bcfcbe8537b62c1d6ca0f55d7c
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/fb-social-reader/js/sr.min.js?ver=1.6.0.6 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:13:08 GMT
ETag: "dec1-52d39b6dee500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16453
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/modernizr.js?ver=6.0.2
83.166.138.58200 OK 4.0 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/modernizr.js?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type HTML document text\012- HTML document, ASCII text, with very long lines (8960)
Hash ddb5e0e67e101b25f75010659ad3f6d6
eef831f9d2e37b5af10d758380844a822e929632
2ff3d1c2cbbe1c09812aa640450044a57965f6525588a11bdf3d1032e251da8b
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/modernizr.js?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:25 GMT
ETag: "23d3-52d39c29ce040-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4042
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/mag-popup.js?ver=6.0.2
83.166.138.58200 OK 7.7 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/mag-popup.js?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (20844)
Hash dbfe5bc7c17594ecb1c525e501da9564
f65f4f1d4f7043b85898ee231dfb9aba3e4220a1
86688bb51a8303ea530de4fafb4c91d3885e0447f7c10b45b3f1eb44091d558a
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/mag-popup.js?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:25 GMT
ETag: "5270-52d39c29ce040-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7677
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S2IZOO2pPHoqBnbXRMfkZaJCxzzIKWYfIdqI-8m96saSawtI91bdjw==
Age: 2627
platform.tumblr.com/v1/share.js?ver=6.0.2
74.114.154.15302 Moved Temporarily 142 B URL HTTP/1.1 platform.tumblr.com/v1/share.js?ver=6.0.2
IP 74.114.154.15:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /v1/share.js?ver=6.0.2 HTTP/1.1
Host: platform.tumblr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 04 Oct 2022 12:13:20 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://platform.tumblr.com/v1/share.js?ver=6.0.2
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.elastislide.min.js?ver=6.0.2
83.166.138.58200 OK 4.1 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.elastislide.min.js?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (13599), with no line terminators
Hash c37425cd901572f8f757e6a36627f2c6
e5810a1f9fb0be1ef033a26296ca3bdb38bdecbc
2e6289be6d9fc69faaf37cc4614af6f6ee9b8bff60259d419e08dc2fa19bcf8f
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.elastislide.min.js?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Wed, 21 Nov 2018 20:29:03 GMT
ETag: "351f-57b3299de8183-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4142
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:20 GMT
Last-Modified: Tue, 04 Oct 2022 10:34:25 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.tipy.com/button_compact.gif
3.74.170.143301 Moved Permanently 185 B URL HTTP/1.1 www.tipy.com/button_compact.gif
IP 3.74.170.143:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4c555068310076e85908835c721911f5
9ec990aabb4391e139034f68e5e657e0f1d0b74d
568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
GET /button_compact.gif HTTP/1.1
Host: www.tipy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:20 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.tipy.com/button_compact.gif
api.flattr.com/js/0.6/load.js?mode=auto&ver=6.0.2
172.67.70.66301 Moved Permanently 178 B URL HTTP/2 api.flattr.com/js/0.6/load.js?mode=auto&ver=6.0.2
IP 172.67.70.66:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/0.6/load.js?mode=auto&ver=6.0.2 HTTP/1.1
Host: api.flattr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 04 Oct 2022 12:13:20 GMT
content-type: text/html
content-length: 178
location: https://button.flattr.com/loader.js?mode=auto&ver=6.0.2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1CZZAOhSyuAVunnd0n0tL2apFyBCqmxioRhyvGIGYtplA9usXpmI6IfkAxSOrCOwjWw5MslUw2F4nRKWwfbwGkQqqaecZeuTB9naVoRiGFWoQecVqiU9u0X0%2BhoGdi8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dd4bafd8ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/srizon.custom.min.js?ver=2.3.2
83.166.138.58200 OK 3.4 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js/srizon.custom.min.js?ver=2.3.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type HTML document, ASCII text, with very long lines (11853), with no line terminators
Hash 15522215729c753f7b3723e5abf2028b
ef370e5c588147a02076ea9ff496ff510e36e39f
e9a438f36dc15af555a2bf372a222715f96a8959d62888b386858e53c5c336d3
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/srizon.custom.min.js?ver=2.3.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:25 GMT
ETag: "2e4d-52d39c29ce040-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3448
Content-Type: application/javascript
www.regionic.info/jmb/wp-includes/js/comment-reply.min.js?ver=6.0.2
83.166.138.58200 OK 1.4 kB URL HTTP/1.1 www.regionic.info/jmb/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type ASCII text, with very long lines (2946)
Hash 28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0
Analyzer Verdict Alert fortinet Phishing
GET /jmb/wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:43:55 GMT
ETag: "ba5-5e1ef8b691eb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1351
Content-Type: application/javascript
www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/specificfeeds_follow.png
83.166.138.58200 OK 714 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/specificfeeds_follow.png
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type PNG image data, 26 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 346c3031219692aa036b3f70a049357e
1be1d28a7fd3c97ec06bd5acc0c1965975904dff
8eed0123cea1bc7373855ce7371d01f5c4bfbf58d0f70d9c9f2b945940f48c61
GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/specificfeeds_follow.png HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "2ca-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 714
Content-Type: image/png
www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/email.png
83.166.138.58200 OK 2.0 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/email.png
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type PNG image data, 30 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 49e12c71bf7fc34e81b089e93cb24e97
6dbacc6dbc4e218bfecd3667027ac60f0f5f2ad8
6716dbbcf4c38a706abf0b7ad4398ca2f1d471c647ea8ef588fe680a1494501a
GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/email.png HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "7be-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 1982
Content-Type: image/png
www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/rss.png
83.166.138.58200 OK 1.0 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/rss.png
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 05e27acef3866d11912ffd5f5a8082e6
21fdfecf0185d7006dda0ca426926b3ed4d2b2b4
91eebabc35aac7ff6bc31bd78f5bba8ae01a1621dbee807f2fe26aec8076db45
GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/rss.png HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "407-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 1031
Content-Type: image/png
www.regionic.info/jmb/wp-content/uploads/2013/05/cropped-Carte_regions_Kamerun_Allemand_Batscham_mark_jmb2012N.jpg
83.166.138.58200 OK 106 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/uploads/2013/05/cropped-Carte_regions_Kamerun_Allemand_Batscham_mark_jmb2012N.jpg
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 940x198, components 3\012- data
Size 106 kB (106068 bytes)
Hash ec53ed4bf2c9c19af19954b5f0dd3aaa
0d99b1707f02398171141abf1fd4ef106547cd36
bb16a4f2a4fa5fd5c218dd791144a197269bdf8afbbadabed8c8c10ff0cc71ad
GET /jmb/wp-content/uploads/2013/05/cropped-Carte_regions_Kamerun_Allemand_Batscham_mark_jmb2012N.jpg HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Thu, 23 May 2013 11:07:30 GMT
ETag: "19e54-4dd60b0398080"
Accept-Ranges: bytes
Content-Length: 106068
Content-Type: image/jpeg
www.reddit.com/static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063
151.101.85.140200 OK 1.1 kB URL HTTP/2 www.reddit.com/static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063
IP 151.101.85.140:0
Hash 610788fd4961c058cee1869f473c374c
43c8308946d4f121b91aae5fb1a688392a234d01
fdc2e23dcb6a6ce8f2ada0e9933e7edbda5f15d450165c71482eb752c7c5ae24
GET /static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063 HTTP/1.1
Host: www.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 22 Sep 2014 16:25:05 GMT
etag: "610788fd4961c058cee1869f473c374c"
content-type: application/javascript
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: private, max-age=3600
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 1074
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 52d03519b9225655f0b3436bb0ab8010
e4eb772e5f4cfb1442c947cba3111d9a8056a74b
b49f1602afd949e6f33dfef30f67dabaac87fe1581abf6d58011fc9e8cdae9d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B49F1602AFD949E6F33DFEF30F67DABAAC87FE1581ABF6D58011FC9E8CDAE9D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 18:13:20 GMT
Date: Tue, 04 Oct 2022 12:13:20 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xGJ5Z+pZZ0yo9CgHAIlOYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iX/TGI/GkxMDDhW7tKgQNAapIDg=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 178cd5a6382e4416dcdcc2abbea3a63f
c134e186ba8d7c3903b517f295ded182321137f3
f3e31017e3606180ff583266ee42523c531c275f7bef8c83b598a8096adf20f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3E31017E3606180FF583266EE42523C531C275F7BEF8C83B598A8096ADF20F6"
Last-Modified: Tue, 04 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Tue, 04 Oct 2022 18:12:40 GMT
Date: Tue, 04 Oct 2022 12:13:20 GMT
Connection: keep-alive
www.repairmywindowsanddoors.co.uk/wp-content/uploads/2018/12/Replacement-Doors-300x200.jpg
149.255.62.87200 OK 15 kB URL HTTP/2 www.repairmywindowsanddoors.co.uk/wp-content/uploads/2018/12/Replacement-Doors-300x200.jpg
IP 149.255.62.87:0
ASN #34931 Awareness Software Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", baseline, precision 8, 300x200, components 3\012- data
Hash a419e72becb1d566b40334ed351ba509
8ea8b952b371899e052aaee2f064ce1e127f4d3b
44580446334106a01c65e899790a07398181d8d37e5e9f2625a90126f3583359
GET /wp-content/uploads/2018/12/Replacement-Doors-300x200.jpg HTTP/1.1
Host: www.repairmywindowsanddoors.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:13:20 GMT
content-type: image/jpeg
content-length: 15295
last-modified: Fri, 16 Oct 2020 18:49:03 GMT
etag: "3bbf-5b1ce37f41023"
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 03:20:55 GMT
referrer-policy:
accept-ranges: bytes
X-Firefox-Spdy: h2
www.tipy.com/button_compact.gif
3.74.170.143404 Not Found 232 B URL HTTP/1.1 www.tipy.com/button_compact.gif
IP 3.74.170.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 328f87671c7c5a894d4f38b85b3d326b
8fea1b85bc8727669266925e412d94b74a07da38
d3dad34c1bffe93e3ec8a432f171db4a1da94b103966c11f277da95157a08ec5
GET /button_compact.gif HTTP/1.1
Host: www.tipy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:20 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d8104ce241c1a331a3103d80c9e93e3
24513645deee3d03658ff266775b3af2a4ab7fb8
bb967ded05700735966ca7c6bf8ecb2b5655682ee9ea2d9f0aad581c6c866a5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB967DED05700735966CA7C6BF8ECB2B5655682EE9EA2D9F0AAD581C6C866A5C"
Last-Modified: Tue, 04 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Tue, 04 Oct 2022 18:12:39 GMT
Date: Tue, 04 Oct 2022 12:13:21 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2a7776d0536d0c4e03075a696e590389
25b7cc92be1d02353ad0c481763067aaaf19cecb
1ad3dfd0e9c1ab9fb20da78c5ae83e98e560e669522aa7d8266290eee5802d14
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:43:20 GMT
Expires: Mon, 10 Oct 2022 08:43:19 GMT
Etag: "25b7cc92be1d02353ad0c481763067aaaf19cecb"
Cache-Control: max-age=505197,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754dd4be1a32b4f7-OSL
www.learningtoolkit.club/link.php?zzz=4
54.67.93.101301 Moved Permanently 0 B URL HTTP/1.1 www.learningtoolkit.club/link.php?zzz=4
IP 54.67.93.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /link.php?zzz=4 HTTP/1.1
Host: www.learningtoolkit.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org
platform.tumblr.com/v1/share.js?ver=6.0.2
74.114.154.15200 OK 5.1 kB URL HTTP/2 platform.tumblr.com/v1/share.js?ver=6.0.2
IP 74.114.154.15:0
Hash b8088094df30267a4ee5136fd729b8db
3dc4c8faa6cdaa6008a83c6ba863291b2d2ce750
4c11968737f009d2a9a536ba7c86e8d570414d4f2e96bab36989a7f321307779
GET /v1/share.js?ver=6.0.2 HTTP/1.1
Host: platform.tumblr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 04 Oct 2022 12:13:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 09:28:23 GMT
vary: Accept-Encoding
etag: W/"62f61d37-60"
expires: Tue, 04 Oct 2022 13:13:21 GMT
pragma: public
content-encoding: br
cache-control: max-age=3600, immutable
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.learningtoolkit.club/link.php?zzz=5
54.67.93.101301 Moved Permanently 0 B URL HTTP/1.1 www.learningtoolkit.club/link.php?zzz=5
IP 54.67.93.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /link.php?zzz=5 HTTP/1.1
Host: www.learningtoolkit.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org
www.learningtoolkit.club/link.php?zzz=5
54.67.93.101301 Moved Permanently 0 B URL HTTP/1.1 www.learningtoolkit.club/link.php?zzz=5
IP 54.67.93.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /link.php?zzz=5 HTTP/1.1
Host: www.learningtoolkit.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 41e9c5598124e23f83fff4c420b919c1
0d4239d86d20c34d8e35f88565ba8860fe5ba18e
6f705c33f48c3b554526c6ba20e94ad73e7e520d0114431096dbd7d2e26b0f4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F705C33F48C3B554526C6BA20E94AD73E7E520D0114431096DBD7D2E26B0F4E"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4122
Expires: Tue, 04 Oct 2022 13:22:04 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive
forwardmytraffic.com/ad.js?port=45
192.102.6.94200 OK 1.6 kB URL HTTP/1.1 forwardmytraffic.com/ad.js?port=45
IP 192.102.6.94:0
Hash c66f134e8c93ca54814a589751e842d3
de67aacd79a2255641a63ba64a0d8dd5280c876a
4d0ff911c8692a6d913d3a7acac43c43478677a7efa4c916217d7afa10678152
GET /ad.js?port=45 HTTP/1.1
Host: forwardmytraffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.4
www.learningtoolkit.club/link.php?zzz=4
54.67.93.101301 Moved Permanently 0 B URL HTTP/1.1 www.learningtoolkit.club/link.php?zzz=4
IP 54.67.93.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /link.php?zzz=4 HTTP/1.1
Host: www.learningtoolkit.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org
cdnjs.cloudflare.com/ajax/libs/json2/20121008/json2.min.js
104.17.25.14200 OK 1.3 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/json2/20121008/json2.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (3385), with no line terminators
Hash 9dcd98b378b18da87ab0b80928cab48a
2daa54c68961571f76c9cf230f2c469079ba4629
1766ef15d29039deb1168ca7e34a98cc3b094f7a0d74475216c3696af5d6d6b9
GET /ajax/libs/json2/20121008/json2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1347
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03ec8-d39"
Last-Modified: Mon, 04 May 2020 16:11:52 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 102847
Expires: Sun, 24 Sep 2023 12:13:22 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRx5WkGdr2z%2BU18jXs%2BL1HaEhR8W3r2MkLl0liBsgXu%2F9KY85rPm105QRBC3gUBNOaa7CYPzVFkb%2F0IcUZT4RACZwfUsiCqCn9p%2BpBA6C5mVTzrgPzJRc2bAkxDPkeYblwDdDjJW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754dd4c5ca6fb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.stumbleupon.com/hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063
76.76.21.61404 Not Found 2.1 kB URL HTTP/2 www.stumbleupon.com/hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063
IP 76.76.21.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5822)
Hash 6be4499256f23350a0eca5eb0682e77d
e948b498923135cf5fe9bd69cfdc89a2aaab9734
d97ba4079b09d7a33ec646c8d807a0368976310ecaf801281c47eeb93f3b1bfd
GET /hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063 HTTP/1.1
Host: www.stumbleupon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
age: 94396
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 12:13:22 GMT
etag: W/"1a30bd62d0e7d6b9c85d90d076391f09"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::p4gvd-1664885602214-ca5b23935405
X-Firefox-Spdy: h2
www.tipy.com/button.js
3.74.170.143404 Not Found 232 B IP 3.74.170.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 328f87671c7c5a894d4f38b85b3d326b
8fea1b85bc8727669266925e412d94b74a07da38
d3dad34c1bffe93e3ec8a432f171db4a1da94b103966c11f277da95157a08ec5
GET /button.js HTTP/1.1
Host: www.tipy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
odnaknopka.ru/ok9.js
142.132.202.70200 OK 143 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 01d104f1d2a961f6fc241ec08ba1af54
2e9f73a9137283c94c79bff44fd10f5b1a2738b6
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
GET /ok9.js HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ETag: dee896cd111d1abc83a40667de41fcc8
button.buffer.com/button/?id=6a28e0056b6cc50f&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&text=How%20You%20Double%20Glazed%20Window%20Repairs%20Near%20Me%20Your%20Customers%20Can%20Make%20Or%20Break%20Your%20Business&count=horizontal&placement=button&utm_source=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&utm_medium=buffer_button&utm_campaign=buffer
104.16.140.52301 Moved Permanently 0 B URL HTTP/1.1 button.buffer.com/button/?id=6a28e0056b6cc50f&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&text=How%20You%20Double%20Glazed%20Window%20Repairs%20Near%20Me%20Your%20Customers%20Can%20Make%20Or%20Break%20Your%20Business&count=horizontal&placement=button&utm_source=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&utm_medium=buffer_button&utm_campaign=buffer
IP 104.16.140.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /button/?id=6a28e0056b6cc50f&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&text=How%20You%20Double%20Glazed%20Window%20Repairs%20Near%20Me%20Your%20Customers%20Can%20Make%20Or%20Break%20Your%20Business&count=horizontal&placement=button&utm_source=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&utm_medium=buffer_button&utm_campaign=buffer HTTP/1.1
Host: button.buffer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 13:13:22 GMT
Location: https://button.buffer.com/button/?id=6a28e0056b6cc50f&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&text=How%20You%20Double%20Glazed%20Window%20Repairs%20Near%20Me%20Your%20Customers%20Can%20Make%20Or%20Break%20Your%20Business&count=horizontal&placement=button&utm_source=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&utm_medium=buffer_button&utm_campaign=buffer
Set-Cookie: __cf_bm=bu9Tsda2kuYUTzucPqR2h6x7eXlZXyFf8z5fMrNRvNQ-1664885602-0-AZ0/VVTO6CBNmvi/UAOJScKPRbtI/anDZQK95Ut5BJjwl+KlDuWJwyWjHPgcHliTOPUjFLkNHh94xkvjbxNXKMU=; path=/; expires=Tue, 04-Oct-22 12:43:22 GMT; domain=.buffer.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754dd4c61c4cb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.tipy.com/button_compact.gif
3.74.170.143404 Not Found 232 B URL HTTP/1.1 www.tipy.com/button_compact.gif
IP 3.74.170.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 328f87671c7c5a894d4f38b85b3d326b
8fea1b85bc8727669266925e412d94b74a07da38
d3dad34c1bffe93e3ec8a432f171db4a1da94b103966c11f277da95157a08ec5
GET /button_compact.gif HTTP/1.1
Host: www.tipy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/facebook-share.png
83.166.138.58200 OK 838 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/facebook-share.png
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 95f675e77a2c67a004771ee5d7dce1ee
74151d65e20475ac234287288c56ab2f370f502b
6a0b082d7f6c52899ed6d19d85676486c4a9a37894b7e0daaaeaf065929ab026
GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/facebook-share.png HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css?ver=6.0.2
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "346-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 838
Content-Type: image/png
odnaknopka.ru/stat.js
142.132.202.70200 OK 0 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stat.js HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
www.redditstatic.com/button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063
151.101.85.140200 OK 1.7 kB URL HTTP/1.1 www.redditstatic.com/button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063
IP 151.101.85.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1522)
Hash 4a408b7d64f2c0937eb0d1b944e3229e
e9edc11acdf9d5ae0357b680590d3dc719bf0adc
91aee29aee50d42c1a027a0c9b82f759847e37b6027af3d7b96ccf68db3fe685
GET /button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063 HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1709
Last-Modified: Wed, 30 Jul 2014 19:09:19 GMT
ETag: "ce91c4f683d32f8907f0e97f3fb93696"
Expires: Thu, 31 Dec 2037 23:59:59 GMT
Content-Type: text/html
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:22 GMT
Vary: Accept-Encoding,Origin
Server: snooserv
Report-To: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
NEL: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
www.regionic.info/jmb/wp-content/uploads/2012/03/bmask_pedjo_blanc_301.png
83.166.138.58200 OK 61 kB URL HTTP/1.1 www.regionic.info/jmb/wp-content/uploads/2012/03/bmask_pedjo_blanc_301.png
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type PNG image data, 138 x 237, 8-bit/color RGB, non-interlaced\012- data
Hash b74ef2596fd00a4b03c23aa91d9c92cf
4f5bc4506d9d95e1999b9088bd2acbe529c20707
ebb9cb51888811438828a39576992f273077047babbb1951c6a666b913fffcad
GET /jmb/wp-content/uploads/2012/03/bmask_pedjo_blanc_301.png HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Fri, 09 Mar 2012 17:32:38 GMT
ETag: "eda1-4bad2c7649980"
Accept-Ranges: bytes
Content-Length: 60833
Content-Type: image/png
www.redditstatic.com/button/button-embed.js
151.101.85.140200 OK 983 B URL HTTP/1.1 www.redditstatic.com/button/button-embed.js
IP 151.101.85.140:0
Hash 894ad3ef79db45d25e29d456dc0d4749
44560c5236cc799ab5cb2e9aa39dfe85d2d9b120
d61a96c13920a9de38d7d426dde2c890535856bda84a26845dc0272f05b33e2d
GET /button/button-embed.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.redditstatic.com/button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 983
Last-Modified: Wed, 22 Oct 2014 17:47:37 GMT
ETag: "f6e79e0098bfda54ca2e0e02da223645"
Expires: Thu, 31 Dec 2037 23:59:59 GMT
Content-Type: application/javascript
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:22 GMT
Vary: Accept-Encoding,Origin
Server: snooserv
Report-To: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
NEL: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
www.regionic.info/jmb/wp-content/themes/twentyten/images/wordpress.png
83.166.138.58200 OK 794 B URL HTTP/1.1 www.regionic.info/jmb/wp-content/themes/twentyten/images/wordpress.png
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f51375d00e7d0a70c801c6256d432d3b
313aff1fffa73433673203db25ff4154d07511e2
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51
GET /jmb/wp-content/themes/twentyten/images/wordpress.png HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/wp-content/themes/twentyten/style.css
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:18:20 GMT
ETag: "31a-52d39c977a300"
Accept-Ranges: bytes
Content-Length: 794
Content-Type: image/png
connect.facebook.net/fr_FR/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/fr_FR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 09844e5942e54ef8bac308d2e9b4775a
56c4ea413d7819c245c2e27f17621661fdd00a4f
e040e381ae3a494efd98bf0273592c312a3979fd4fa2e1bb88d030cc4e12cf77
GET /fr_FR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 1e54cd6b5d7d4a255cee2a4570f371d6
ETag: "bb86a949c8facc29cf78a270916adc8a"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Tue, 04 Oct 2022 12:30:07 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: CYROWULlTvi6wwjS6bR3Wg==
X-FB-Debug: yojnjDOs0jlNyhCZIQ895u6ldSRxpWdOdCXmf/vsw1njlzkkzou5kIv/vx4BgoAYQSOj9RHbJ9N8XgDF7kDc9Q==
X-FB-TRIP-ID: 1904183273
Date: Tue, 04 Oct 2022 12:13:22 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
assets.pinterest.com/js/pinit.js
151.101.84.84200 OK 290 B URL HTTP/1.1 assets.pinterest.com/js/pinit.js
IP 151.101.84.84:0
File type ASCII text, with very long lines (361), with no line terminators
Hash 82bfd941d2c9b3b9e0650a27c9d11737
2eb742a101e79067c9df4d15b518bde85e8eeb2e
3f6e9b85ad3ee165ec6c9587d98d2a43588f7ba0f63d31ad019a0d4cbfd3f3d1
GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 290
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
X-CDN: fastly
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Tue, 04 Oct 2022 12:13:22 GMT
assets.pinterest.com/images/pidgets/pin_it_button.png
151.101.84.84200 OK 909 B URL HTTP/2 assets.pinterest.com/images/pidgets/pin_it_button.png
IP 151.101.84.84:0
File type PNG image data, 40 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash cf5ce2d2dcfa060f6032b0af60d45aa2
7a2370ff54f007a20d64d57c9547736136612869
f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e
GET /images/pidgets/pin_it_button.png HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "cf5ce2d2dcfa060f6032b0af60d45aa2"
content-type: image/png
x-cdn: fastly
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Origin
cache-control: max-age=86400
date: Tue, 04 Oct 2022 12:13:22 GMT
content-length: 909
X-Firefox-Spdy: h2
buttons.reddit.com/button_info.json?jsonp=buttonEmbed.parseSubmission&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063
151.101.85.140404 Not Found 4.6 kB URL HTTP/1.1 buttons.reddit.com/button_info.json?jsonp=buttonEmbed.parseSubmission&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063
IP 151.101.85.140:0
Hash f8b62ac1e6dd299a983c42d2bc2eab6f
020a54776779cfe0ace833925ab0ddcbe11b0023
7438bca640b429430539a853b199ea0e9a41ec4068c29410e46636a402e38646
GET /button_info.json?jsonp=buttonEmbed.parseSubmission&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063 HTTP/1.1
Host: buttons.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.redditstatic.com/
HTTP/1.1 404 Not Found
Connection: close
Content-Length: 13
Server: Varnish
Retry-After: 0
Content-Type: text/plain
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:22 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1633-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664885602.477360,VS0,VE0
www.regionic.info/favicon.ico
83.166.138.58404 Not Found 513 B URL HTTP/1.1 www.regionic.info/favicon.ico
IP 83.166.138.58:0
ASN #29222 Infomaniak Network SA
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash e0640c95d0fc6b7a735a5d2baf676660
e6d90be255108401c93d14421bc8a4d29112b52f
b01e87d193e77bc8cde43397dfb7892b153ce6aab744f4bc6406d854c97e6265
GET /favicon.ico HTTP/1.1
Host: www.regionic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063
HTTP/1.1 404 Not Found
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Wed, 18 Apr 2007 14:03:27 GMT
ETag: "201-42e638ce069c0;5c39cb01f3d05
Accept-Ranges: bytes
Content-Length: 513
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a068d9fec672f97ef7d20969d5925877
e921c48a1686bb8157c902d76a08c5b55507505d
954a24ce791bcf1686f2077da5f25015a3298a838035ffc8322282b213553592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.tumblr.com/v1/share_2.png
74.114.154.15302 Moved Temporarily 142 B URL HTTP/1.1 platform.tumblr.com/v1/share_2.png
IP 74.114.154.15:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /v1/share_2.png HTTP/1.1
Host: platform.tumblr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://platform.tumblr.com/v1/share_2.png
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5764
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive
platform.twitter.com/widgets.js
151.101.84.157200 OK 29 kB URL HTTP/2 platform.twitter.com/widgets.js
IP 151.101.84.157:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash e14c76a2eab620fda0ad73aa2a3ebc03
1da8baee6c0987e8232b129daeab14adfd379592
7873fecf29f91e4b8e81051e29da6ef51c27aae9ca1c1adc85b55903372a60dd
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 20:05:37 GMT
cache-control: public, max-age=1800
content-type: application/javascript; charset=utf-8
etag: "f26384f93da6974ed577808dfa1fede5+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:22 GMT
x-served-by: cache-iad-kcgs7200070-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 29223
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.pinterest.com/js/pinit_main.js?0.4612080263702357
151.101.84.84200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.4612080263702357
IP 151.101.84.84:0
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.4612080263702357 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Tue, 04 Oct 2022 12:13:22 GMT
content-length: 18679
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 49443
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 51396
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 51448
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32132)
Hash 19367efa6245eafdd8c6111a367da696
901ec681692d88afa09c28cee299ba120ca33a8b
cb11ee5a06892d5ffea634705118e1cc48f276c6d18fa20605c9bf5b9c33dc32
GET /ajax/libs/jquery/1.9.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33140
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 13:16:55 GMT
expires: Mon, 02 Oct 2023 13:16:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 168987
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5764
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5764
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 74
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Last-Modified: Tue, 04 Oct 2022 12:12:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GWTKxBPZnk_dqf9onY05WB16ubdsa93FcrjpqVxBrqBbCZXLSk_HHg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 14:41:51 GMT
age: 77491
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 51381
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/fr_FR/sdk.js?hash=9ffc0c7eccd30a15a9930c39feb44963
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/fr_FR/sdk.js?hash=9ffc0c7eccd30a15a9930c39feb44963
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash f9e1cbb25e4189e15e0a3c7f3ce9df4e
3b4c796f693b4d15c258f3d5498875253f8f3f8d
fc2d048ec295a50a8e5e446e5dbd9d0fb952cfb324c6171ce1af33a4ee87fbf2
GET /fr_FR/sdk.js?hash=9ffc0c7eccd30a15a9930c39feb44963 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 24c6571362c696e52f245b20f99afbec
etag: "c938dc776c59dfee149b98090d3467f0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 04 Oct 2023 10:33:50 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: +eHLsl5BieFeCjx/POnfTg==
x-fb-debug: EXj2XmCj9hxj2rTzfW/yVLPvYCgBShe/SjerHU/OWT02hAj068/EbHXaLxHWqV/CvXbMKD7hx9PpRBOcerGD0g==
content-length: 86993
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 12:13:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 74
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Last-Modified: Tue, 04 Oct 2022 12:12:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a7b92212ae4106a9ed5d5e1799853f2
c1fef7d0e5389a9dc047bb1ff0bd7f923cf83d97
ba1b8ae206d40083e34aeb116ac4356070aa12bc09e051765154e8a1648fe2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
developers.google.com/
142.250.74.14301 Moved Permanently 0 B IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 85fe059b139fcbd1c0c11eabf5b7bb05
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
142.250.74.174200 OK 312 B URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
Hash 69adac12c237527985a73c87c9c07127
8053961ae76209827afdea417a1813529a92f339
d49f10e7e79e0adc565720425ed87e4e1f400619778012d4f010c45f45548f1a
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Tue, 04 Oct 2022 12:13:22 GMT
expires: Tue, 04 Oct 2022 12:13:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f35d22782378ad2"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.regionic.info&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
216.58.207.237200 OK 4.7 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.regionic.info&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Hash da1bf8c5e55834b47f6e62fd99dc2528
0eaf51a63be149ce62783239e237c13b54c816ec
6c6c2c26e4c2d4700306a3d71ee0502a2ac7236a79b38d52b516ee381a34324a
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.regionic.info&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 12:13:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-BLqfEJWAoxYbwrGzHw2N4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&callback=PIN_1664885602157.f.callback[0]
151.101.84.84200 OK 450 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&callback=PIN_1664885602157.f.callback[0]
IP 151.101.84.84:0
File type ASCII text, with no line terminators
Hash cdbf88e194c26e2edcc7319ba77d5c52
bb752c83aa4b000f9c15eea0f47f732a3e48fd6d
0c23162ad1c5d005979538483127a6f38fa4dc39f636d6cda978f278f4231989
GET /v1/urls/count.json?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&callback=PIN_1664885602157.f.callback[0] HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Tue, 04 Oct 2022 12:28:22 GMT
x-envoy-upstream-service-time: 4
x-pinterest-rid: 9980521573826138
date: Tue, 04 Oct 2022 12:13:22 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
151.101.84.157200 OK 2.4 kB URL HTTP/2 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash dd0db11eb64751c6c3b8cecfb5b77f2f
b79a753d0bc720adbbd9f566f11764dd0e1cbe2c
c80ffb7bf5d6d523bd483d7eeba3b3334d25ee8d66ddba80eaf448d07da2e2ff
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 20:04:20 GMT
cache-control: public, max-age=315360000
content-type: application/javascript; charset=utf-8
etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:23 GMT
x-served-by: cache-iad-kcgs7200178-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 2362
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.fr.html
151.101.84.157200 OK 14 kB URL HTTP/2 platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.fr.html
IP 151.101.84.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Hash 0ed523ddddeab94b38bcdac0daa43c17
ac718c642c722aeae472780ec7d3530e71860296
2a0c8e770237bb57c3fc69d35aca57e5a6954a0f44f5d15b27d16fff942db6e4
GET /widgets/tweet_button.7dae38096d06923d683a2a807172322a.fr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 20:04:24 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "4abc5d81b356cf1d001fb3645cc09ccc+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:23 GMT
x-served-by: cache-iad-kiad7000073-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13993
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664885602821%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=863ab95f098138407225788d2649f2fd191b1d97
104.244.42.72200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664885602821%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=863ab95f098138407225788d2649f2fd191b1d97
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664885602821%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=863ab95f098138407225788d2649f2fd191b1d97 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:13:22 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 04 Oct 2022 12:13:23 GMT
content-length: 43
x-transaction-id: 8286cd9ee7b849cd
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 465eb6cc1f37bf0283387190bb83626f1325491180dee611bf31e5f2aae7bc47
X-Firefox-Spdy: h2
log.pinterest.com/?type=pidget&guid=S_Y82YV4kqXq&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&viaSrc=canonical
151.101.84.84200 OK 0 B URL HTTP/2 log.pinterest.com/?type=pidget&guid=S_Y82YV4kqXq&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&viaSrc=canonical
IP 151.101.84.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=pidget&guid=S_Y82YV4kqXq&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&viaSrc=canonical HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 1195568221107864
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664885604.676419,VS0,VE94
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85d1e2259fe2%26domain%3Dwww.regionic.info%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.regionic.info%252Ffb71bc2bcfbdc8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&layout=button_count&locale=fr_FR&sdk=joey&share=true&width=100
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85d1e2259fe2%26domain%3Dwww.regionic.info%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.regionic.info%252Ffb71bc2bcfbdc8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&layout=button_count&locale=fr_FR&sdk=joey&share=true&width=100
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85d1e2259fe2%26domain%3Dwww.regionic.info%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.regionic.info%252Ffb71bc2bcfbdc8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&layout=button_count&locale=fr_FR&sdk=joey&share=true&width=100 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: t7PPwUjHUrcHvHaV2Ht5lz0im6kWH+vZ3LntdCCp38JBmspoBlZcFtDtBD3dD3b8ZhknMklzdf6cDzV7vAiYkg==
content-length: 0
date: Tue, 04 Oct 2022 12:13:25 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hyvesgames.nl/forwarded
104.21.86.44301 Moved Permanently 0 B IP 104.21.86.44:0
GET /forwarded HTTP/1.1
Host: hyvesgames.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 04 Oct 2022 12:13:22 GMT
content-type: text/html; charset=iso-8859-1
location: https://hyvesgames.nl/forwarded/
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3LDv0qo4KwyolGTPTk6G4sWhEFx1zZt%2FSqfeoaLDFoddBHF5azHa%2Fp4aFwwCrUKIhEy9OZBomlBQT9C25PStHATpa2X4nhxYPa2X37lrlLcwCNGlm%2B5zqIVHiN2nl8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dd4c69e3eb4f7-OSL
X-Firefox-Spdy: h2
developers.google.com/
142.250.74.14200 OK 0 B IP 142.250.74.14:0
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 21:43:21 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.3143803857.1664885604; Expires=Thu, 03 Oct 2024 12:13:24 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-TqEruM3meIpei5JAyqXUsLRK1vfs4u' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 78bd99d8518695da4b40865f0cadcebf
vary: Accept-Encoding
date: Tue, 04 Oct 2022 12:13:24 GMT
server: Google Frontend
content-length: 21644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.regionic.info
151.101.84.157200 OK 0 B URL HTTP/2 platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.regionic.info
IP 151.101.84.157:0
GET /widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.regionic.info HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 20:04:27 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:22 GMT
x-served-by: cache-iad-kcgs7200106-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105445
X-Firefox-Spdy: h2
www.stumbleupon.com/hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063
76.76.21.61404 Not Found 0 B URL HTTP/2 www.stumbleupon.com/hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063
IP 76.76.21.61:0
GET /hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063 HTTP/1.1
Host: www.stumbleupon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
age: 94395
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 12:13:20 GMT
etag: W/"1a30bd62d0e7d6b9c85d90d076391f09"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::jg7gs-1664885600507-8fa9584087ee
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
172.64.156.26200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://button.buffer.com
Connection: keep-alive
Referer: https://button.buffer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:13:22 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dd4c70c300b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.buffer.com/js/button.js
104.16.140.52200 OK 0 B URL HTTP/2 static.buffer.com/js/button.js
IP 104.16.140.52:0
GET /js/button.js HTTP/1.1
Host: static.buffer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:13:20 GMT
content-type: text/javascript
x-amz-id-2: Ez4lz1aR1yMYZHegBAJ5vo0CmbjWEJDT1L7iuTPXlEI15UkH8cOSAh+JlIzIVKpOc5SOw7ZdQLw=
x-amz-request-id: PR1Y3NMPESV3ARMJ
last-modified: Sat, 01 Apr 2017 01:06:37 GMT
etag: W/"c8686dc19498aa717127b1d47a53a912"
cf-cache-status: HIT
age: 2011
expires: Tue, 04 Oct 2022 16:13:20 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=ONSoTbbctlIArJHL1GFrSxqPPmAn1R4oa_bs1hqBcvw-1664885600-0-AWGO3QIwgC91qk+jSrqH+Z2TqoiFKCFjhTVtPcILvQKXG0LCc1Z3mDT+gzF6WCoZcLU5m2zX/JOfPOe2MiOFqg4=; path=/; expires=Tue, 04-Oct-22 12:43:20 GMT; domain=.buffer.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754dd4bb5cd9b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hyvesgames.nl/forwarded/
104.21.86.44200 OK 0 B IP 104.21.86.44:0
GET /forwarded/ HTTP/1.1
Host: hyvesgames.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:13:22 GMT
content-type: text/html
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
last-modified: Fri, 30 Sep 2022 12:23:14 GMT
vary: Accept-Encoding
p3p: CP="IDC DSP DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS UNI NAV INT PRE", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
content-security-policy: sandbox allow-same-origin allow-scripts allow-orientation-lock allow-pointer-lock allow-forms allow-popups allow-top-navigation-by-user-activation;
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRCFIpPUQDrBEZlhcOfcuTxBeXpj7r4%2BhRweyUs1DlXef0e1wDrsDLBy0fTNxfcKSl7bIG5yAur4j7si%2BK2tNX8kQ9J6y1iEeuG6vVXR6yfQYvj%2FIBOUG7gAPINDpJWp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dd4c70f36b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2