| deperfectemens.be/xm0278vlx.rar | 62.213.218.3 | 301 Moved Permanently | 0 B |
URL: HTTP/1.1 deperfectemens.be/xm0278vlx.rar IP: 62.213.218.3:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /xm0278vlx.rar HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://deperfectemens.be/xm0278vlx.rar
|
|
| firefox.settings.services.mozilla.com/v1/ | 54.230.111.35 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP: 54.230.111.35:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: 3f17af4e8a1739eda4a518039f4892f9 c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 11:21:36 GMT
Expires: Wed, 12 Oct 2022 11:32:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cfVmMgZAn0vIn3pcaH0gxQyve7xXDuG_9-TSKUD_sboSBDbPTngBmQ==
Age: 2113
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: ef6d323da0ad155f526b4a57c2e46ccc 71686b19b3ca049b9b66f8740284c552a3f61a20 99e2f56075a08f133a9d1d0122ab9ef2d9eaa61e18f46994e52e21a8a53203f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E2F56075A08F133A9D1D0122AB9EF2D9EAA61E18F46994E52E21A8A53203F3"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19603
Expires: Wed, 12 Oct 2022 17:23:32 GMT
Date: Wed, 12 Oct 2022 11:56:49 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: cf115053c2c98937c2d3c1bba367d815 dfcf225bde5123f0476e6b319823136fa77537f6 e5748cb4844096548cf4c2d8d5bee9e245035c4632ae1a59bfd3b2d99bd4cd9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5748CB4844096548CF4C2D8D5BEE9E245035C4632AE1A59BFD3B2D99BD4CD9B"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Wed, 12 Oct 2022 12:34:46 GMT
Date: Wed, 12 Oct 2022 11:56:49 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kaw0Iktli79YHDAEnufVqtVUa5FFOQB6lZafQv1gT8BQ60aHIgQ43lVNp1Dfi2esVgZixgNorL4=
x-amz-request-id: PAV5WBH3ZSVX80KR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 11:33:19 GMT
age: 1410
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 11:56:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 123e72c39feffdbd789fae20571ce64e d4aa7fe5656ff1c75a3bdd954a02d6d7088e5046 e1448dcebf57ca93b50aba7618f62665ed7cdb92d57e25896568ffb2ca33f58e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1448DCEBF57CA93B50ABA7618F62665ED7CDB92D57E25896568FFB2CA33F58E"
Last-Modified: Tue, 11 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Wed, 12 Oct 2022 17:56:24 GMT
Date: Wed, 12 Oct 2022 11:56:49 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.35 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 54.230.111.35:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 12 Oct 2022 11:29:41 GMT
Cache-Control: max-age=3600
Expires: Wed, 12 Oct 2022 11:44:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8tVygbcDu5Ppw8gf2oEmyb8RZ4seMN-Q5uEqxUDl4yUSHXZPC4XcXg==
Age: 1628
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 63604bda613d148120c491e2f095255f 0fc63ecaff8a0f36dc2a82f3fb187725d0064d69 8478a84e8513fb9afb0d1c369b668bd37ca98943a624ac3a3a69165536bd1748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5286
Cache-Control: max-age=164285
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Etag: "63467599-1d7"
Expires: Fri, 14 Oct 2022 09:34:55 GMT
Last-Modified: Wed, 12 Oct 2022 08:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| deperfectemens.be/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7 | 62.213.218.3 | 200 OK | 12 kB |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (65371)
Hash: d12aeeb7bb447933596a67caa448af0b 479285d946526cf0d71dc072dd1f7fe2aa6ac137 1f1ad0763720b9917df234222a6c45fe670554960a7b27a0f0d6ad22607a9800
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Mon, 20 Jun 2022 12:14:42 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 11776
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 | 62.213.218.3 | 200 OK | 972 B |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 IP: 62.213.218.3:0
Hash: 8bf268dfcca7cb20719b7ea14373ef4a 58bd839bbf0e8cc082f0a488b538b4ec71bebd2e eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Thu, 01 Sep 2022 12:18:52 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 972
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.8 | 62.213.218.3 | 200 OK | 864 B |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.8 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (8857)
Hash: 6fd971206f801095a69b9a4c09a4429c d009997f015c6a42dca63cafe15bc8c812d7753d 6d04b807c1816ee3f4d53f442b96b39b4a0a81b43e19c9ae7153d3e1821e87be
GET /wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.8 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 864
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/themes/stargazer/library/css/one-five.min.css?ver=4.0.0 | 62.213.218.3 | 200 OK | 1.6 kB |
URL: HTTP/2 deperfectemens.be/wp-content/themes/stargazer/library/css/one-five.min.css?ver=4.0.0 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (4639), with no line terminators
Hash: 45ddbd12327018e947549a4651e7ec04 0b24e6ebc27beaa5b61fb7dd8e51af59b08af932 330a76edc7f9f7371646b4ec9d36db8d1d67be00f351f929ce1d38f6b9fa6f0c
GET /wp-content/themes/stargazer/library/css/one-five.min.css?ver=4.0.0 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:21:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 1640
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 | 62.213.218.3 | 200 OK | 12 kB |
URL: HTTP/2 deperfectemens.be/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (43771)
Hash: e5548800176e913a9084f47a3e1e04f6 eff4604acc5c26ae82a19188de2f98bf5b79d80c a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Tue, 12 Jul 2022 20:03:09 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 11681
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/themes/stargazer/library/css/gallery.min.css?ver=4.0.0 | 62.213.218.3 | 200 OK | 753 B |
URL: HTTP/2 deperfectemens.be/wp-content/themes/stargazer/library/css/gallery.min.css?ver=4.0.0 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (5449), with no line terminators
Hash: f6fb034f230f116e472b835efe8d117a 673343108307ffaa182ee099d69c2e98d85516f7 3603bdb6618f4930b1ebd40789a4a754b4c1025b12b8aee6554258abf0a93957
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/stargazer/library/css/gallery.min.css?ver=4.0.0 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:21:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 753
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1665144767 | 62.213.218.3 | 200 OK | 4.0 kB |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1665144767 IP: 62.213.218.3:0
Hash: 32431d26fc7eab1ba6b3445e301bdf76 25a030a9c38baeb3c7c5b1827207dcba8052e73a e3f7b03b06cad9cb553413694033694d833ad5778bcb3b477610533321b52bcb
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1665144767 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 4049
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/themes/stargazer/css/media.min.css?ver=6.0.2 | 62.213.218.3 | 200 OK | 893 B |
URL: HTTP/2 deperfectemens.be/wp-content/themes/stargazer/css/media.min.css?ver=6.0.2 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (2912), with no line terminators
Hash: 0e2d2d6a964ff43e50d64f7a56cd8825 935b8e290a03203565b96b69d0eea4dcd6c1d0b8 ff99e27ad863e6e5274d65e637b43a6d9744d08f7161aaed9628ae0391e49f31
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/stargazer/css/media.min.css?ver=6.0.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:17:18 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 893
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/themes/stargazer/css/mediaelement.min.css?ver=6.0.2 | 62.213.218.3 | 200 OK | 3.6 kB |
URL: HTTP/2 deperfectemens.be/wp-content/themes/stargazer/css/mediaelement.min.css?ver=6.0.2 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (18925), with no line terminators
Hash: ea2ac9fbd80847e6c2c297623c881d37 3cc33d44d717f6d8f03dddab5906d4e8dc8dcdcb ec10d72ce34e1768b536c2209a2873f291f0b1c502e2c8840593fb8c0caf345c
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/stargazer/css/mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:17:19 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 3598
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/themes/stargazer/style.min.css?ver=6.0.2 | 62.213.218.3 | 200 OK | 9.7 kB |
URL: HTTP/2 deperfectemens.be/wp-content/themes/stargazer/style.min.css?ver=6.0.2 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (51553), with no line terminators
Hash: 602927c4422b392c7fc4b1e90fcec0e8 358e624acac199c856ac1283610c549857ecc85a 1561afc147a703ceed3d2f758565cad64eb86da9f66abe8293fa36826cfc33ca
GET /wp-content/themes/stargazer/style.min.css?ver=6.0.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:15:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 9693
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/themes/stargazer/js/stargazer.min.js | 62.213.218.3 | 200 OK | 1.2 kB |
URL: HTTP/2 deperfectemens.be/wp-content/themes/stargazer/js/stargazer.min.js IP: 62.213.218.3:0
File type: ASCII text, with very long lines (3556), with no line terminators
Hash: 3b0dd32637ea2a27a0688b5fb31822ef afc1f48ffb612e98b128d2abc4bb9749f4b5bce1 c55f5e119e1d3cf1dbccf33a4e7d1cce49978e1456490e93472f2b7f97d84ee7
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/stargazer/js/stargazer.min.js HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Mon, 30 May 2022 12:45:10 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 1238
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: b45d7f40a93a062e11d3152f4c8cc386 118b3c9ba2d1939c87d45bc232b6833eb2190623 85f94ae27cef37d4aa23385459ae771386e0d4f2f794ccbf43174de141601b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1665144767 | 62.213.218.3 | 200 OK | 901 B |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1665144767 IP: 62.213.218.3:0
Hash: dcaff5702f3d4dcc5066e39007b7ce8f 5b4f6fa2d9fc8ad082f5b20b8254e6026eafc97d 1018017e657b7d99841113b73cb6d1e43b538650a2d7034786a7a73184f7cd41
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1665144767 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 901
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.189.35.180 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ IP: 54.189.35.180:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BY4fxHhriNzPlFqIntbH+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 43KbSOx14JDKG19lUN9x1eZ5f+o=
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1665144767 | 62.213.218.3 | 200 OK | 290 B |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1665144767 IP: 62.213.218.3:0
Hash: 3108ac869e6160526e766f7888a3e652 f850c304852ab61cc105ac3566d6784c47e11bd0 cdc8252512fe47bcbd9dd1b200d94482d532455d4afd0d6c412026b078f57509
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1665144767 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 290
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 | 62.213.218.3 | 200 OK | 2.9 kB |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP: 62.213.218.3:0
File type: ASCII text, with very long lines (9680), with no line terminators
Hash: 7c2c4ebd10adb73367b5c5f0e1e5d3ce a67e4fd0e3e7452e74b22517ba924b58307d7758 5244443e699788a134cc77adfc3fd18f03386df5fe49e6c82b057387ba4d0ebd
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Thu, 01 Sep 2022 12:18:52 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 2914
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 | 62.213.218.3 | 200 OK | 3.9 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 62.213.218.3:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators Hash 7ef755c2700783f9eae63fc539149a18 e57c0c5ceb5e2fbf1aaad44aad6319f8b26b69a1 95c808afbeaf569865125c132b69df4a68bca03fd6b792d38ef9a0e341dbf06b
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Thu, 01 Sep 2022 12:18:52 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 3934
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 62.213.218.3 | 200 OK | 4.2 kB |
URL HTTP/2 deperfectemens.be/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 62.213.218.3:0
File type ASCII text, with very long lines (11126) Hash 5629711d7fdd5b28441bac39b851299f 4e0bf2b7383097f7c352023a1b1b1b48a50356b6 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Mon, 30 May 2022 12:21:44 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 4169
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7 | 62.213.218.3 | 200 OK | 6.7 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7 IP 62.213.218.3:0
File type ASCII text, with very long lines (12198), with CRLF line terminators Hash 4d31e2a6db5decae3878e5e721cca3d9 93a3504026153c10ebfa0fe5e888b16a37b082cc 5363e9795f8067027d5a2087c0cce9f5b48eb826bed3d18cd4d45d9269c69826
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Mon, 20 Jun 2022 12:14:42 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 6724
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/uploads/2017/12/Cropped-omslagfoto.jpg | 62.213.218.3 | 200 OK | 66 kB |
URL HTTP/2 deperfectemens.be/wp-content/uploads/2017/12/Cropped-omslagfoto.jpg IP 62.213.218.3:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1500x521, components 1\012- data Hash 6c3c511be6ca9857e3bdece42c0e5574 b7954f438769a38206a18b70d77a56e348584109 9d3a27dc115ac34bc93a357e082fc1de5eefff82b3ac19fecc81df9de0e8ab0f
GET /wp-content/uploads/2017/12/Cropped-omslagfoto.jpg HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:18:05 GMT
accept-ranges: bytes
content-length: 65766
cache-control: max-age=2592000
expires: max-age=2592000, public
content-type: image/jpeg
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 | 62.213.218.3 | 200 OK | 2.6 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 IP 62.213.218.3:0
File type ASCII text, with very long lines (6210), with no line terminators Hash dfcc74301f163fabd32e3256b91ba54e 3e861de3c9a7d5638eb7da2274f50274cde6cc0c 0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Thu, 15 Sep 2022 08:04:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 2559
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 | 62.213.218.3 | 200 OK | 5.0 kB |
URL HTTP/2 deperfectemens.be/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 62.213.218.3:0
File type ASCII text, with very long lines (15660) Hash e6624e0b978e6ddba476be41aaaa82df 822e920d8233072110ed7c8a7f379e5b13209b18 dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Mon, 30 May 2022 12:21:43 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 5009
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1665144767 | 62.213.218.3 | 200 OK | 2.0 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1665144767 IP 62.213.218.3:0
Hash 72abffa60992b400674798dbc12b877e e048901603049c9f7702c82fe1bb894399eac316 e189b11451c482de961341f4bdc2974c2a5f78ec4021fbda34b4324373132e5f
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1665144767 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 2021
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf | 62.213.218.3 | 200 OK | 14 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf IP 62.213.218.3:0
File type TrueType Font data, 13 tables, 1st "FFTM", 14 names, Macintosh\012- data Hash 1da71229293ff0190a86b711775eed0e 59a81da68674491f6ad92cff177e3e375f897134 9f5c0497741b9fdedcb57241bded680b343d43b349343b7a31429aafd12bc7ca
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 13889
content-type: x-font/ttf
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1665144767 | 62.213.218.3 | 200 OK | 7.1 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1665144767 IP 62.213.218.3:0
File type ASCII text, with very long lines (30852) Hash 69c975922003bea7748a62b44c79bffe 1a0e88e1763943ba09d5cbfe43683397874da812 8b1f7a702f4f72a77863b61f80147e6245dac3612c7f74efedec5bd105acd509
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1665144767 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 7057
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.8 | 62.213.218.3 | 200 OK | 75 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.8 IP 62.213.218.3:0
File type Web Open Font Format, TrueType, length 74744, version 1.0\012- data Hash 1d1d144b6d09f9b3866a0bf99541a086 fd4c075db8fd4ccb0ecc91c705dd0105238356da 2c5c3f5cb3a6bf68b11e59afe36cab6aa5cc3e7d9485b734cf0082fcc94f7234
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.8 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
content-length: 74744
cache-control: max-age=0
expires: max-age=2592000, public
content-type: x-font/woff
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0 | 62.213.218.3 | 200 OK | 98 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0 IP 62.213.218.3:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data Hash fee66e712a8a08eef5805a46892932ad 28b782240b3e76db824e12c02754a9731a167527 ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
content-length: 98024
cache-control: max-age=0
expires: max-age=2592000, public
content-type: x-font/woff
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff | 62.213.218.3 | 200 OK | 14 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff IP 62.213.218.3:0
File type Web Open Font Format, TrueType, length 13988, version 0.0\012- data Hash f3f73b280148eeed102d4a6874ac7886 973bfcd63513292f1bb220c241f6dde6509f1168 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
content-length: 13988
cache-control: max-age=0
expires: max-age=2592000, public
content-type: x-font/woff
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.9.2 | 62.213.218.3 | 200 OK | 36 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.9.2 IP 62.213.218.3:0
File type TrueType Font data, 14 tables, 1st "FFTM", 18 names, Macintosh\012- data Hash 269ea5ee0bff90a574f39fd43bbdab1b 433980ac4c67de3df3c4ac164ba1d5b5bc6071f4 eff2ea5c21ef81a1a6fb5af8e4995197e4c7b8854cabb8581673382c183251d2
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.9.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 35756
content-type: x-font/ttf
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | 62.213.218.3 | 200 OK | 31 kB |
URL HTTP/2 deperfectemens.be/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 62.213.218.3:0
File type ASCII text, with very long lines (65447) Hash 9640915738503451aa21181699feab5b c053eaf36ef0da96619706b3abda326305063bd6 f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Mon, 30 May 2022 12:21:44 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 30908
content-type: application/javascript
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1665144767 | 62.213.218.3 | 200 OK | 2.0 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1665144767 IP 62.213.218.3:0
Hash 10266a536599bbd7d465743470b211d1 0606d1f57a3f3e5934e6866875000f08a29e86fa 6537c744be7673e55906159f899a317a6e4052c5b6e3ab07a221aa0cea306407
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1665144767 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 1954
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-includes/css/dashicons.min.css?ver=6.0.2 | 62.213.218.3 | 200 OK | 36 kB |
URL HTTP/2 deperfectemens.be/wp-includes/css/dashicons.min.css?ver=6.0.2 IP 62.213.218.3:0
File type ASCII text, with very long lines (58981) Hash 00492d322e5572c7abc3e8701b6c52c1 0802ac2c8280ce7c98af881b1d49ec682acbf314 8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Thu, 15 Apr 2021 08:05:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 35730
content-type: text/css
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0 | 62.213.218.3 | 200 OK | 77 kB |
URL HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0 IP 62.213.218.3:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
content-length: 77160
cache-control: max-age=2592000
expires: max-age=2592000, public
content-type: application/font-woff2
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP 142.250.74.3:0
Hash b45d7f40a93a062e11d3152f4c8cc386 118b3c9ba2d1939c87d45bc232b6833eb2190623 85f94ae27cef37d4aa23385459ae771386e0d4f2f794ccbf43174de141601b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP 142.250.74.3:0
Hash b80441eff42b20b9def8e35c2e40efd3 f9fe84a9e292cb463f176040150eafbb68dd2e02 89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP 142.250.74.3:0
Hash b80441eff42b20b9def8e35c2e40efd3 f9fe84a9e292cb463f176040150eafbb68dd2e02 89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP 142.250.74.3:0
Hash b80441eff42b20b9def8e35c2e40efd3 f9fe84a9e292cb463f176040150eafbb68dd2e02 89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP 142.250.74.3:0
Hash b80441eff42b20b9def8e35c2e40efd3 f9fe84a9e292cb463f176040150eafbb68dd2e02 89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.195 | 200 OK | 45 kB |
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://deperfectemens.be
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 540839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 | 216.58.207.195 | 200 OK | 22 kB |
URL HTTP/2 fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22476, version 1.0\012- data Hash c221fd7b9d189773de5e54745a6dc28c 9a58a6bd08f6cda6acbfaaa160375d3e1c5c93f0 aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
GET /s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://deperfectemens.be
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 22:34:46 GMT
expires: Wed, 11 Oct 2023 22:34:46 GMT
cache-control: public, max-age=31536000
age: 48124
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: b80441eff42b20b9def8e35c2e40efd3 f9fe84a9e292cb463f176040150eafbb68dd2e02 89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| deperfectemens.be/wp-content/uploads/2017/12/Cropped-De-Perfecte-Mens-Logo-optimized.png | 62.213.218.3 | 200 OK | 938 B |
URL: HTTP/2 deperfectemens.be/wp-content/uploads/2017/12/Cropped-De-Perfecte-Mens-Logo-optimized.png
IP: 62.213.218.3:0
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash: bbf28836c49d4692b7d7ca2766957190 149e3b931a43815046bac9c09f9e07842438607e 94e0376e276281fc83002f5b0ad3cbd44d73bbc7c878d8bbf28ac8d6e8ab2830
GET /wp-content/uploads/2017/12/Cropped-De-Perfecte-Mens-Logo-optimized.png HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Sat, 06 Feb 2021 14:18:04 GMT
accept-ranges: bytes
content-length: 938
cache-control: max-age=2592000
expires: max-age=2592000, public
content-type: image/png
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 2b9045885902afb286eef41988716895 550fd256897d4f483d00768972f56cd8c35e09e8 c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 541
Cache-Control: max-age=106965
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 17:39:35 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: befa75dbbe9d5dfa501f9c1f03b7cdfa 73814c47bdcd6bebffc963b71d0a20fb361fad50 76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL: HTTP/2 connect.facebook.net/en_US/fbevents.js
IP: 31.13.72.12:0
File type: ASCII text, with very long lines (64348)
Hash: a9ad5753ede070d9714e44959df5724b ae219b57300e7627b4f7b7d1c9ce4de446d74fb0 1d7b4938150847b5ee591c09c23c44b440ec7cbdb0be5f18575a288a879d48c3
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 7WnvXVD3Xg+xQDKguvWpYOPfHOwBcZ363agRZ76eKHHiO3ks4/CcNOUNjIpEPrwLoPY6JaQVNF+2++zgAR8h9w==
content-length: 26852
x-fb-trip-id: 1904183273
date: Wed, 12 Oct 2022 11:56:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| google-analytics.com/analytics.js | 216.58.211.4 | 200 OK | 20 kB |
URL: HTTP/2 google-analytics.com/analytics.js
IP: 216.58.211.4:0
File type: ASCII text, with very long lines (1325)
Hash: 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 12 Oct 2022 11:21:53 GMT
expires: Wed, 12 Oct 2022 13:21:53 GMT
cache-control: public, max-age=7200
age: 2097
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 2b9045885902afb286eef41988716895 550fd256897d4f483d00768972f56cd8c35e09e8 c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 541
Cache-Control: max-age=106965
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 17:39:35 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: befa75dbbe9d5dfa501f9c1f03b7cdfa 73814c47bdcd6bebffc963b71d0a20fb361fad50 76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=580236688&t=pageview&_s=1&dl=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20De%20Perfecte%20Mens&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=490496782&gjid=862532471&cid=2092180505.1665575811&tid=UA-98336789-1&_gid=1142066016.1665575811&_r=1&_slc=1&z=479827707 | 142.250.74.174 | 200 OK | 4 B |
URL: HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=580236688&t=pageview&_s=1&dl=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20De%20Perfecte%20Mens&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=490496782&gjid=862532471&cid=2092180505.1665575811&tid=UA-98336789-1&_gid=1142066016.1665575811&_r=1&_slc=1&z=479827707
IP: 142.250.74.174:0
File type: ASCII text, with no line terminators
Hash: 9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=580236688&t=pageview&_s=1&dl=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20De%20Perfecte%20Mens&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=490496782&gjid=862532471&cid=2092180505.1665575811&tid=UA-98336789-1&_gid=1142066016.1665575811&_r=1&_slc=1&z=479827707 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://deperfectemens.be
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://deperfectemens.be
date: Wed, 12 Oct 2022 11:56:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP: 54.230.245.118:0
Hash: 4c14f437aa2cb85a8638df7e78738eb0 b711dd6e3ad23319b451861c1ec1304b43d0dd53 b61ba6cd3882ebeb8058fc45716df4c8384054c6555260d81ab6053430aa4e67
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108308
Date: Wed, 12 Oct 2022 11:56:50 GMT
Etag: "6345a424-1d7"
Expires: Thu, 13 Oct 2022 18:01:58 GMT
Last-Modified: Tue, 11 Oct 2022 17:13:08 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Tojwx2x2MyMQ4l0dgvkuo0MedY3SHAWG2wLvBonrJRET_ucKK9v-6w==
Age: 2930
|
|
| l.sharethis.com/pview?event=pview&hostname=deperfectemens.be&location=%2Fxm0278vlx.rar&product=ga&url=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=404%20Not%20Found%20%E2%80%93%20De%20Perfecte%20Mens&cms=unknown&publisher=598079c70daf8f0011f8ce71&sop=true&version=st_sop.js&lang=en | 18.194.87.237 | 204 No Content | 0 B |
URL: HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=deperfectemens.be&location=%2Fxm0278vlx.rar&product=ga&url=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=404%20Not%20Found%20%E2%80%93%20De%20Perfecte%20Mens&cms=unknown&publisher=598079c70daf8f0011f8ce71&sop=true&version=st_sop.js&lang=en
IP: 18.194.87.237:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=deperfectemens.be&location=%2Fxm0278vlx.rar&product=ga&url=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=404%20Not%20Found%20%E2%80%93%20De%20Perfecte%20Mens&cms=unknown&publisher=598079c70daf8f0011f8ce71&sop=true&version=st_sop.js&lang=en HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deperfectemens.be
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://deperfectemens.be
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 12 Oct 2022 11:56:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
|
|
| www.facebook.com/tr/?id=144903222819005&ev=PageView&dl=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&rl=&if=false&ts=1665575810872&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665575810871.431744295&it=1665575810710&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL: HTTP/2 www.facebook.com/tr/?id=144903222819005&ev=PageView&dl=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&rl=&if=false&ts=1665575810872&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665575810871.431744295&it=1665575810710&coo=false&rqm=GET
IP: 31.13.72.36:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=144903222819005&ev=PageView&dl=https%3A%2F%2Fdeperfectemens.be%2Fxm0278vlx.rar&rl=&if=false&ts=1665575810872&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665575810871.431744295&it=1665575810710&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 12 Oct 2022 11:56:50 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: b328dd45b340d747021ad1da23ede95d 92811e18e93271b7b7fc75b2e0ff9d3617f0417e 8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&gjid=862532471&_gid=1142066016.1665575811&_u=IEBAAEAAAAAAACAAI~&z=547037537 | 173.194.73.155 | 200 OK | 4 B |
URL: HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&gjid=862532471&_gid=1142066016.1665575811&_u=IEBAAEAAAAAAACAAI~&z=547037537
IP: 173.194.73.155:0
File type: ASCII text, with no line terminators
Hash: 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&gjid=862532471&_gid=1142066016.1665575811&_u=IEBAAEAAAAAAACAAI~&z=547037537 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://deperfectemens.be
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://deperfectemens.be
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Oct 2022 11:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: ec8c3be288c030a2f21f77da38609a2c 5dce231ac91002054bbdbc6b19f6d1aa0d6c32bc fa3abfefbd26a9339066ee03360614fc68312aefd2aa7e47e291589f426a7265
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: b328dd45b340d747021ad1da23ede95d 92811e18e93271b7b7fc75b2e0ff9d3617f0417e 8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 5d0a0ed90364e0eea045f6e6cbc6521d f76cac3b64a0310a0f5dc859cd2310802c024426 26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&_u=IEBAAEAAAAAAACAAI~&z=1912364659 | 142.250.74.164 | 200 OK | 42 B |
URL: HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&_u=IEBAAEAAAAAAACAAI~&z=1912364659
IP: 142.250.74.164:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&_u=IEBAAEAAAAAAACAAI~&z=1912364659 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 11:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| buttons-config.sharethis.com/js/598079c70daf8f0011f8ce71.js | 54.230.111.126 | 200 OK | 30 B |
URL: HTTP/2 buttons-config.sharethis.com/js/598079c70daf8f0011f8ce71.js
IP: 54.230.111.126:0
File type: ASCII text, with no line terminators
Hash: e6e1643313740711175f51662a65b42f c3fc7a03fea3138a1497dab12d5b4e40fd4aeaef 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
GET /js/598079c70daf8f0011f8ce71.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 30
date: Wed, 12 Oct 2022 11:56:52 GMT
last-modified: Tue, 01 Aug 2017 12:53:29 GMT
etag: "e6e1643313740711175f51662a65b42f"
cache-control: max-age=60,public
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nkJ2lGATEeFF-218CJLkKPSJ_c9SzYxTpYp4b_q-hQOYVfT2Oj8nrg==
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&_u=IEBAAEAAAAAAACAAI~&z=1912364659 | 142.250.74.3 | 200 OK | 42 B |
URL: HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&_u=IEBAAEAAAAAAACAAI~&z=1912364659
IP: 142.250.74.3:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98336789-1&cid=2092180505.1665575811&jid=490496782&_u=IEBAAEAAAAAAACAAI~&z=1912364659 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 11:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 5d0a0ed90364e0eea045f6e6cbc6521d f76cac3b64a0310a0f5dc859cd2310802c024426 26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: b8e058c50dbe0871b6ccde4ed4cc8785 06b0c34d584624df99282c1fff1d766b9ed00e64 3319073b74402c41450cc9ca2162140dbe8b231db146cf8e77cb0b43fa461b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 11:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: f97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Wed, 12 Oct 2022 16:53:23 GMT
Date: Wed, 12 Oct 2022 11:56:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: f97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Wed, 12 Oct 2022 16:53:23 GMT
Date: Wed, 12 Oct 2022 11:56:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: f97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Wed, 12 Oct 2022 16:53:23 GMT
Date: Wed, 12 Oct 2022 11:56:51 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 2b15495e3e13c06fd0d67523870405ed 3cb8b43735e86c93733affa10818c47693c80fce f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: e0271885-6c76-4a8c-98a2-4df8ee86a688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuA_FmaoAMF3AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344906c-6fe5dce86e61bd8027759559;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ROEKJli245ZEsFkeeHB5X8rleZ5J_guNsrNe50nMZIQO-KFzJsk7Kw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 04:00:27 GMT
age: 28584
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 4f78379e6bde371b492c950402bcc39e 53a7502d8932c515aa09055c5cf8f2d2242e4398 241016bbd3cebc009f63dff2773c1c7fdb68fa941ab62b368d5e023b9155fa37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5252
x-amzn-requestid: b4ef9c4f-7ca4-42c9-a928-b0b8aa3cc695
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BUaEtBoAMF8Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e282-455619be605fa91977c66df7;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:39:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u8SRxkVzSO3pnQB_FibQBfwzvJ2uiT9YQzQI4_ZVMxgdED9Zsir8qQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:04 GMT
age: 49667
etag: "53a7502d8932c515aa09055c5cf8f2d2242e4398"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb346a582-22c0-4785-8cff-aa89fd5eefb6.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb346a582-22c0-4785-8cff-aa89fd5eefb6.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: f42ff23003d006daab01a5317a8231a7 918aac143d82bf543ee326bd26a7c256ffb2d7de f3d97dd5f258fa504cd4e2274e702126f521e11a903cb23974809563b6f0e9cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb346a582-22c0-4785-8cff-aa89fd5eefb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11116
x-amzn-requestid: 56e8fcb1-77ce-4b86-bc89-d0c68d564539
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3AkiGkvoAMFmiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e150-1c5c41db4c614cd766b82ef4;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:34:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0fGlW3iuuVzY6_VMl3MpX9PoqzpY-CoNPlJey79E9_NQXkLj3crcVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:58:41 GMT
age: 50290
etag: "918aac143d82bf543ee326bd26a7c256ffb2d7de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: a262392688d01838edbe02f500679711 f9be0ceee7f5b14e1f17ab938596977cde016e63 f1555b8b9f4363bdae50d426e8601ff5d3d07605259c2e289006e16a10f4b5fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9359
x-amzn-requestid: adbd5dff-817b-4fa1-b935-300d7ebb0f3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BPxHtuIAMF5jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e264-1950f5c44861d16c43b2a71c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q5RFd5vuloivw1efJ1SlJn1CbJM-4F3zSzeV0b8iodCgy4pG8WcsHQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:25 GMT
age: 50906
etag: "f9be0ceee7f5b14e1f17ab938596977cde016e63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F637b45e2-fd12-4472-b5d2-eb8ef3a57f1f.jpeg | 34.120.237.76 | 200 OK | 3.9 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F637b45e2-fd12-4472-b5d2-eb8ef3a57f1f.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: bbd344ccb235ebd609f2516f24227dfd a494be7ce790c6f4079cb0edf4d12baba71d8cac cd040d7878d316d9929ec08655c6ea30994d363edd8c3f5111b9e2407d079be2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F637b45e2-fd12-4472-b5d2-eb8ef3a57f1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3881
x-amzn-requestid: cf010a67-b76d-4205-9d51-011517870cd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjAd9GAToAMFStQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633de125-6ceb184864e024315f549694;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 19:55:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -vwe55f4lxfA5ipkR22Jzfkbxjk519WIRpusqEe2sPSaN4PsH-bHVA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 05:23:53 GMT
age: 23578
etag: "a494be7ce790c6f4079cb0edf4d12baba71d8cac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png | 34.120.237.76 | 200 OK | 9.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: d31330d47548d966e50813d7e2253551 ec0a371cca2d4e43f3375dd6b699478c5af62884 309f2cf9ccd62d5c2fd8713836b602317875f4273ef560f3bf3d681aa868b9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9325
x-amzn-requestid: 6a0388e5-97d6-42f4-b54d-a3f4826f2293
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaDE2JoAMFieg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-76ff69230ce03c033b35a4c4;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oUdj3LVRzke7i9j4pQRCGqss6LC-l1Qf4gvtAnrM9ZH1Bzu6Adezuw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 04:22:04 GMT
age: 27287
etag: "ec0a371cca2d4e43f3375dd6b699478c5af62884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg | 34.120.237.76 | 200 OK | 4.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: eda06240feabfa1b019765fe963c2d9c 3bbdd5560213e9b49ab7c079c5f2549d68890720 cd3724bfc1355b419c46df1259bfa40b4b4517a81bd45a4392d34e22c14a3d6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3985
x-amzn-requestid: 6da73a65-c346-4040-9a03-63d5d6845adf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1Cr1HeVoAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634517e5-34af0c8d6dc8218963b7319c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 07:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LAjdvQ29NhOnJjwigVkIjb7vx5tCPJPrHOOPmUD5Vh9N45WN4ZZXCg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 07:45:22 GMT
age: 15096
etag: "3bbdd5560213e9b49ab7c079c5f2549d68890720"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| platform-api.sharethis.com/js/sharethis.js | 54.230.111.115 | 200 OK | 0 B |
URL: HTTP/2 platform-api.sharethis.com/js/sharethis.js IP: 54.230.111.115:0
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Wed, 12 Oct 2022 11:56:32 GMT
cache-control: max-age=600, public
etag: W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OgOZs2gkR-srSnwpi2Pd8zNXKU-INHDtralvW7ZIQ1qlpo-NbGKEPw==
age: 18
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0 | 62.213.218.3 | 200 OK | 0 B |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0 IP: 62.213.218.3:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/xm0278vlx.rar
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-type: x-font/ttf
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1 | 62.213.218.3 | 200 OK | 0 B |
URL: HTTP/2 deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1 IP: 62.213.218.3:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1 HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deperfectemens.be/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1665144767
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 11:56:50 GMT
server: Apache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
last-modified: Fri, 07 Oct 2022 12:12:47 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: max-age=2592000, public
vary: Accept-Encoding
content-encoding: gzip
content-type: x-font/ttf
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A300%2C400%2C600%2C700&ver=6.0.2 | 142.250.74.10 | 200 OK | 0 B |
URL: HTTP/2 fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A300%2C400%2C600%2C700&ver=6.0.2 IP: 142.250.74.10:0
GET /css?family=Droid+Serif%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A300%2C400%2C600%2C700&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deperfectemens.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 12 Oct 2022 11:56:50 GMT
date: Wed, 12 Oct 2022 11:56:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| deperfectemens.be/xm0278vlx.rar | 62.213.218.3 | 404 Not Found | 0 B |
URL: HTTP/2 deperfectemens.be/xm0278vlx.rar IP: 62.213.218.3:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /xm0278vlx.rar HTTP/1.1
Host: deperfectemens.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Wed, 12 Oct 2022 11:56:49 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://deperfectemens.be/wp-json/>; rel="https://api.w.org/"
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|