firefox.settings.services.mozilla.com/v1/
54.230.111.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lvFB5gO1TVI03qr_T3_EMIVXQmgy-HTyz4dBATpMuguQO8BZCc_XtQ==
Age: 107960
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2579
Expires: Thu, 06 Oct 2022 22:29:37 GMT
Date: Thu, 06 Oct 2022 21:46:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5796
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 21:46:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dLbeNqcFst21ydFyeAJyB2eHS/8bs7+v4FO0HNm5IA6fvGSNGahA5MXjeFUiWw8kKRBWHIX/xOI=
x-amz-request-id: YJPF35N9VHF41VQV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:58:53 GMT
age: 2865
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 21:01:58 GMT
Expires: Thu, 06 Oct 2022 21:07:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VyPe4hwGBKgp_0SW3kGeufGc95vVOzYpHBZHN0MH21F78YTDIRjy9Q==
Age: 2680
panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques
198.23.62.11 301 Moved Permanently 0 B URL HTTP/1.1 panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques
IP 198.23.62.11:0
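Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: these digests match every empty response, so they do not identify this one.)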
Analyzer: fortinet | Verdict: Malware | Alert: (none shown)
GET /mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:46:38 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
X-Pingback: http://panoramapapers.com/xmlrpc.php
X-Redirect-By: WordPress
Location: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6016
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:39 GMT
Last-Modified: Thu, 06 Oct 2022 20:06:23 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.3.166 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
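Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: these digests match every empty response, so they do not identify this one.)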
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3eP4mtPjdLpmP9UNF3Hd3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lq6k4lQYgSuBbmGNvqP3RjwmbDg=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13991
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13991
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13991
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13991
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:46:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54e5cb120b19e849a196a1ead868e4c4
15e26ce930dc747f058810837c47a4728efe0b75
a95640f974032f37a613af7648bd83697c72bb4ddf4a459e1393f7c9e8f926c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6662
x-amzn-requestid: ea908895-144e-4211-8363-b721f2e4490a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmi9BFvFoAMF89A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b86-1514f8460877c8c31b7136f9;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:41:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Treo-1cuzxPXE9k1k8y0DLbXX-i5wMV_Gxff-RWkWZ8ZXdUyXqigLA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "15e26ce930dc747f058810837c47a4728efe0b75"
content-type: image/jpeg
age: 142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39cf77bd6009d3c538455b3846680278
ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5
792997f1f9a485ca57d274c7899e4f526476bf15ed564a8b74d248c4458b188f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9564
x-amzn-requestid: 38d87e57-3600-4e0e-bd24-a8f857800bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkGHtZIAMFz0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494d-21b041d97b406dea36b9f35b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DNBjRFbLHdYGd4-klRgAiRXPCq2_uOMh5LGi9udoD1c0eSVXJ6h4xw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 741
etag: "ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae567a6922213a56f35ddc5d5cc1d0f1
fc49df76e8625d8542b0634bfcf12b8d6cda445c
135f25c0350ad26235447cdfba53a45e5d0f9f4c07a6c1e66dd2ed4a4a487f86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9995
x-amzn-requestid: 46d789c8-c830-4003-a752-472ee853a14b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-GRZIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-5d69f864308ea18c0440203e;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: i1F72tYrdjpymITjLWOWsfF_d-uZp_aXH-TWvE491s7IOtJZArpOqA==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 661
etag: "fc49df76e8625d8542b0634bfcf12b8d6cda445c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 245
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2ac0ed19ef64f2f765ce7adb2a8fa7c
b6ea582befd01324dd456d59d3f610101dcf910c
d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: jddNzOBqcXe8oUyYEEC82u0w35f4lAdk7Xf4ruu40Ngj2eY-r1Qyww==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
age: 142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
198.23.62.11 200 OK 38 kB URL HTTP/1.1 panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
IP 198.23.62.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29340), with CRLF, LF line terminators
Hash 9b326c2a237eea8eda057a0c70ce66bd
9c559ee5abfff36977ab8640a1380d9d03a6bfa4
0b5107ef2eb0ff9986e30d633397879f1505f2259adb2fa709b12db0c4421844
Analyzer: fortinet | Verdict: Malware | Alert: (none shown)
GET /mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/ HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:39 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
X-Pingback: http://panoramapapers.com/xmlrpc.php
Link: <http://panoramapapers.com/wp-json/>; rel="https://api.w.org/", <http://panoramapapers.com/wp-json/wp/v2/posts/5706>; rel="alternate"; type="application/json", <http://panoramapapers.com/?p=5706>; rel=shortlink
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Oswald%3A400&display=swap&ver=6.0.2
142.250.74.10 200 OK 508 B URL HTTP/1.1 fonts.googleapis.com/css?family=Oswald%3A400&display=swap&ver=6.0.2
IP 142.250.74.10:0
Hash 0fad5706604122b2d564f96aa8737e34
e5b3356ff94569474daef87acc92e71fe26daa88
4b8b0ecf50c67a23d4b1e60b2c9c2e94599fa254cd9fe87269ed12c5eada451b
GET /css?family=Oswald%3A400&display=swap&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 06 Oct 2022 21:46:41 GMT
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
198.23.62.11 200 OK 12 kB URL HTTP/1.1 panoramapapers.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 198.23.62.11:0
File type ASCII text, with very long lines (43771)
Hash f9cd2f8c87dacbc1fb79046dc7decea0
b83056ffefa7d64f36deceac1f25b3f5d97a4448
21d5ddd0ac26125b7ad2370c32ee689b5a8e7371a445674b785423f13010f22e
Analyzer: fortinet | Verdict: Malware | Alert: (none shown)
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 17:59:20 GMT
ETag: "15b64-5e39f6d8275b8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11574
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rf.revolvermaps.com/0/0/6.js?i=5eco97fncwk&m=7&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
185.44.104.99 200 OK 975 B URL HTTP/1.1 rf.revolvermaps.com/0/0/6.js?i=5eco97fncwk&m=7&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type ASCII text, with very long lines (1829), with no line terminators
Hash 6f2cff312815e129e65971e1f7aa0b6c
f07651ab0ae9b95ef1007782e8d1bbf0fae53f66
26a7a91762ec29a98d90e879584a0218e49e6733c98504d5c15d156f39d72446
GET /0/0/6.js?i=5eco97fncwk&m=7&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80 HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Fri, 23 Jun 2017 15:59:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
Content-Length: 975
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtag/js?id=UA-169953827-1
142.250.74.168 200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-169953827-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 7dcb92438ca17932aa52207cb50a4a03
a4b9fd2f6287e0e0bf1fb07d2b39deca8504ee22
b29a7136bbbd1c1b70d06aca2d02e5f75923b81b8d76973208145af7fcf97729
GET /gtag/js?id=UA-169953827-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 21:46:41 GMT
expires: Thu, 06 Oct 2022 21:46:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
panoramapapers.com/wp-content/themes/soledad/css/penci-icon.css?ver=8.2.5
198.23.62.11 200 OK 1.3 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/css/penci-icon.css?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with very long lines (6212)
Hash 278f66d3579acf669b5f6211139144a1
70bbc7c61fe3f3c4d2e3015b229382b9f8e2a031
3e4e890ac17e25478093b70eebef38a5ea6771c222b827323bdf8ad1d540e14d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/css/penci-icon.css?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "1845-5e78eec837cdc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-content/themes/soledad/css/social-counter.css?ver=8.2.5
198.23.62.11 200 OK 803 B URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/css/social-counter.css?ver=8.2.5
IP 198.23.62.11:0
Hash d991ec5ad1b0a1c4362f47893b6d2974
c068a57f713c4c3a6117d7d81db6c3d05c58df95
4142215bbae44b32f7425eb5cf69b53805b402b4ddfad9e1756c891217710deb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/css/social-counter.css?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "110e-5e78eec837cdc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 803
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/themes/soledad/style.css?ver=8.2.5
198.23.62.11 200 OK 441 B URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/style.css?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with CRLF line terminators
Hash c4ffb1e95d0d74cd26dd73f88ac12c02
8c6243543aafef7f0a529de7162957392b722482
25aed5da3e33f548e6e66412aed27d3082205e2cbb6bc5b0b695b031a7f77af9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/style.css?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "2ba-5e78eec8380c4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 441
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
198.23.62.11 200 OK 3.9 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 198.23.62.11:0
File type ASCII text, with very long lines (19233)
Hash 86be6b9d61af2d006e794419022a2f85
4ba6563c37b070ed10feb7aa8bea1e06c337196e
98933592404da66ca3fb33989d3d12a519cb7c2cdccb9597ac4857123be8a06e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "4b4f-5ea10fc73fc5b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3878
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/uploads/elementor/css/post-7.css?ver=1664733561
198.23.62.11 200 OK 359 B URL HTTP/1.1 panoramapapers.com/wp-content/uploads/elementor/css/post-7.css?ver=1664733561
IP 198.23.62.11:0
File type ASCII text, with very long lines (1132), with no line terminators
Hash 05f4e70e3d1110d5057c8eed3a53c2b7
2bf4720a3d5128625612b8587cd4463df00351f2
cca48b3122b4e050886b1fc11ccfec93e5f75f6084462f96ff2cc122b144c345
GET /wp-content/uploads/elementor/css/post-7.css?ver=1664733561 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:21 GMT
ETag: "46c-5ea10fc9aa6ec-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 359
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
198.23.62.11 200 OK 14 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
IP 198.23.62.11:0
File type ASCII text, with very long lines (65497)
Hash b8cbf1ab7cb2253078f092bc31d718f5
8278b77ba26585ea84bea069bf98498ab75cc4d8
03dc8ce26bb60a92c60c301e483762ee9fdcfa5b02f9a235f8b81e03a841db75
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "1a78c-5ea10fc74bfac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14001
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/uploads/elementor/css/global.css?ver=1664733564
198.23.62.11 200 OK 827 B URL HTTP/1.1 panoramapapers.com/wp-content/uploads/elementor/css/global.css?ver=1664733564
IP 198.23.62.11:0
File type ASCII text, with very long lines (6697)
Hash 20330b7f67d8d2b64d15a355a5674776
0f8825c5cfa290e4325362e1e95f4ec38c9d0bb2
b549f29a949433ab8f0fca7861eb271521d30dc7d05d80b59c012c8c9561a9cd
GET /wp-content/uploads/elementor/css/global.css?ver=1664733564 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:24 GMT
ETag: "2503-5ea10fcbd7531-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 827
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/uploads/elementor/css/post-574.css?ver=1665058578
198.23.62.11 200 OK 1.1 kB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/elementor/css/post-574.css?ver=1665058578
IP 198.23.62.11:0
File type ASCII text, with very long lines (7777), with no line terminators
Hash 1057dcfa87e0f69da8b80b09e6a25f7f
1f363f803b672b7cf382b2d0498dc69f69c6d49b
c69bfaee0c08a7fa83d34399ebfce9f9baa143b9f7c2ee64a9922cdda1d715ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-574.css?ver=1665058578 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 12:16:18 GMT
ETag: "1e61-5ea5ca9127d06-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1085
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3
198.23.62.11 200 OK 3.9 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3
IP 198.23.62.11:0
File type ASCII text, with CRLF line terminators
Hash f1b552f4134383bb757ffc774a673c82
7682c074262d75d86cfc571d27d6d62837163d3c
3137a7f08bb403073c6df381ba6f592782db2732265f3e46ec23a68caa5dafb3
GET /wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:49 GMT
ETag: "5962-5e249ad2ad384-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3932
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
198.23.62.11 200 OK 308 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 198.23.62.11:0
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "2a3-5ea10fc738b13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 308
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
198.23.62.11 200 OK 12 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 198.23.62.11:0
File type ASCII text, with very long lines (57726)
Hash ddf0a056a3f6a9e4277e57b876d91e5c
e57e15fc08202a19d715930aded584523a031966
de0c8e0bb6e689aa7452694957340f5f7d30908bce84563525203b58cb1e636e
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "e238-5ea10fc73872b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12421
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.23.62.11 200 OK 4.2 kB URL HTTP/1.1 panoramapapers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.23.62.11:0
File type ASCII text, with very long lines (11126)
Hash 2fe098cbdfcb2c171cd6e4fc7eb595c5
8e1bf93a92cd550526d91c1321711700f0978078
7d6f6e40a91e440cf57e67f4e03a6a5d5ba4549e35117d31f0497eeadfce9d5c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
ETag: "2bd8-5b462880e8180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4165
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.2
198.23.62.11 200 OK 477 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.2
IP 198.23.62.11:0
Hash 3b13e3a519358c9111c052939f9d6f32
b887fa542ee15593e2fcdebf60521433d1d961d4
f7f0c6762d7ccd423ff50480840c8bb2833a7d8f78a4450512bfac653fa2f890
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 05:59:18 GMT
ETag: "52d-5e9a25849bbda-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 477
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
198.23.62.11 200 OK 968 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 198.23.62.11:0
Hash f109c8bb02100ab586f1c2ad8e0d3413
1bd59126d23b8dcaea3e1820606868ea9460255a
325d80eed78a5029c7e85cb621c99b13234704e9a5cd71e158a50ee8413b0dbc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Thu, 01 Sep 2022 17:59:50 GMT
ETag: "aab-5e7a161375425-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 968
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
panoramapapers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
198.23.62.11 200 OK 31 kB URL HTTP/1.1 panoramapapers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 198.23.62.11:0
File type ASCII text, with very long lines (65447)
Hash 3ae055a9e13e89cf48a060e3ecda0e29
252d2e51432e18672f20eaed819ec790f2d51108
256c34154ed113bd3d3b352fc91ea045f7e4cc7198f937ae42f4de057fdd4d25
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 20:37:24 GMT
ETag: "15db1-5bd34a2648900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30836
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
198.23.62.11 200 OK 6.9 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
IP 198.23.62.11:0
File type ASCII text, with very long lines (30855), with CRLF line terminators
Hash 2c80b414f15d73bc715737b8dfba254d
420b14f32bd0ea20c0bb50fb1b0126b0bf0ba19b
1fff05b5c7d1bb36488669c33dd613cea51e2e62323e69d35fc8577b89f5bb38
GET /wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "793f-5e78eec8380c4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6946
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
198.23.62.11 200 OK 4.9 kB URL HTTP/1.1 panoramapapers.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 198.23.62.11:0
File type ASCII text, with very long lines (15660)
Hash 42029f61a2420a40d0d0ed0c815f46cf
070158911465fce01eead299784c05e394136b11
5004e9f2aee15a254c0da7a1d220c6dfc1f6de3322a210fdc67965e808748ff7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 11:26:24 GMT
ETag: "48b9-5dc7354b43800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4917
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
198.23.62.11 200 OK 2.6 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
IP 198.23.62.11:0
File type ASCII text, with very long lines (10019)
Hash 1816c3e0699ed1cacf45410e55b56341
87bbd273f6c1c7092b78f9cb0cd82c4524bc8ad3
306349e7cf0eb5bea1c36bd41be77161af22db8f11c3a17f442db8aaf99ffac1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "4824-5ea10fc73f0a3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2560
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-content/plugins/anti-spam/assets/js/anti-spam.js?ver=7.3.2
198.23.62.11 200 OK 511 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/anti-spam/assets/js/anti-spam.js?ver=7.3.2
IP 198.23.62.11:0
Hash ce301eb0cd086a7dc17ed541fd4bf340
04617f51485442edd3b66b2fb1d965cbd1dd6f89
8ffad3274522ed6d8ff6a8798c93de0a73e1fe1b106458c147b16a17bdc1a9b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/anti-spam/assets/js/anti-spam.js?ver=7.3.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 05:59:18 GMT
ETag: "45d-5e9a25849b7f2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 511
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
198.23.62.11 200 OK 2.9 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 198.23.62.11:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash a6d29bf298981e2fdb4ac03cc52c209b
772f86980bbb176036f4ced415ce38dc863531c3
c390e230205ba8b1dbad66e72e3a2d3c37d84ecfb4c207e3789e12f49d3b0cde
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Thu, 01 Sep 2022 17:59:50 GMT
ETag: "25d0-5e7a16137580d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2890
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
198.23.62.11 200 OK 3.9 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 198.23.62.11:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 8d42f7ab73636dfa8750d28e33d16750
cf347f0ef7d55be1d7477506ba03f59581dd88e1
af7f650a59033d7add2543d64ef84238886d03a9beeb9e175f283c0cc06f7a84
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Thu, 01 Sep 2022 17:59:50 GMT
ETag: "2fb3-5e7a161374485-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3931
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0
198.23.62.11 200 OK 1.7 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0
IP 198.23.62.11:0
File type ASCII text, with very long lines (3765)
Hash c20fee21f56b196eb6e9387996a9741d
f05d33f092a15180a1d4c8847e735cbfebc127de
97f3c3474ef4aed31032e956b2ecf6f7cb3186b66136ff5a02b48868b1c7df01
GET /wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:49 GMT
ETag: "f96-5e249ad2e2ee6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1691
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/penci-review/js/review.js?ver=1.0
198.23.62.11 200 OK 363 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-review/js/review.js?ver=1.0
IP 198.23.62.11:0
Hash 6c60a0a86e7d1534ada40b4859c7b38a
ecb473e684771c4e17178d27f50c4f71ade6341b
df0ddb9d6d2a4992ffa996568dc4e859cc28b5327ac2ec4a637e9ffb54f219bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-review/js/review.js?ver=1.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:49 GMT
ETag: "315-5e249ad2e32ce-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 363
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/penci-shortcodes/assets/play.js?ver=1.0
198.23.62.11 200 OK 1.1 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-shortcodes/assets/play.js?ver=1.0
IP 198.23.62.11:0
Hash 5f4d0355d3058eb20ccbb45645c051fe
b2b53b5c24c96b26c3dbe2d97ecc3629c69ddd7e
90c1c7273f723a2a1f89bf514d2ae22b2f480d35d6cad75b6d64fb800a5a0f35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-shortcodes/assets/play.js?ver=1.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:45 GMT
ETag: "c21-5e249acee5308-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1093
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/js/penci-lazy.js?ver=8.2.5
198.23.62.11 200 OK 3.1 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/js/penci-lazy.js?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with very long lines (8290)
Hash 52b928260ea76a7647e14e84a1f340ad
4ca034f83475ad24ad8f6cc96b87280dd464b62d
f3498b7895811e9534a9921522aca6fed0c4f25b9b382dfc49dc88c70583e79e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/js/penci-lazy.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "228f-5e78eec7d9137-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3054
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/main.css?ver=8.2.5
198.23.62.11 200 OK 129 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/main.css?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with CRLF line terminators
Size 129 kB (129255 bytes)
Hash 172d344dcbdca47c5e9092fecb7e1103
8e67dac07efdb7904b8a005452b5f04c61728e27
a63f1b775de92f8212ac0c91222288f1ae2482bb33876302484940bb172529f1
GET /wp-content/themes/soledad/main.css?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:41 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "fd6aa-5e78eec838894-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
panoramapapers.com/wp-content/themes/soledad/js/main.js?ver=8.2.5
198.23.62.11 200 OK 14 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/js/main.js?ver=8.2.5
IP 198.23.62.11:0
Hash 465d622d78fa90c41e2193136f700024
cb1a074d0d57882dcfb042317dd4150d33c92450
032b17f8c304ddb1440ba3ec8e48532f2769e35d63e12c10ec54b2e6246aeeec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/js/main.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "172d7-5e78eec7d9137-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14309
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/js/post-like.js?ver=8.2.5
198.23.62.11 200 OK 465 B URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/js/post-like.js?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with CRLF line terminators
Hash 7ace95458f91d836a198f6f57447b5e2
21061ea2d117424a3f39c989bfee5c59bbcc0ef6
24660f13b01a16c9230f46f5419d72be4f875bc46c7640fc5e2d8bfdb5282dd0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/js/post-like.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "459-5e78eec7d9137-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 465
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/inc/builder/assets/js/penci-header-builder.js?ver=8.2.5
198.23.62.11 200 OK 1.1 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/inc/builder/assets/js/penci-header-builder.js?ver=8.2.5
IP 198.23.62.11:0
Hash 82fcf78a46bf2a8b7b5d479aee4d49f9
154c10cfaa730fb5af95717df244729aacf9130c
ae3c4dfb51f67ed7afd050f06208cda08df08b5d26b4846463b3bb5b6ab67a36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/inc/builder/assets/js/penci-header-builder.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "1006-5e78eec7de728-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1063
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
198.23.62.11 200 OK 1.4 kB URL HTTP/1.1 panoramapapers.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP 198.23.62.11:0
File type ASCII text, with very long lines (2946)
Hash 28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 09 Apr 2022 01:37:18 GMT
ETag: "ba5-5dc2ec064ef80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1351
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/js/libs-script.min.js?ver=8.2.5
198.23.62.11 200 OK 46 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/js/libs-script.min.js?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with very long lines (30308), with CRLF line terminators
Hash 114bc921382a506e49b30d4bbe93301d
a4d0393c9ffb587b95dba85cfd212dd5e3f113f7
22f883685e17bc12ad254c62a942ec4632784ae9701813c652d48e85e9bcb95a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/js/libs-script.min.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "29331-5e78eec7d9cef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 45637
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3
198.23.62.11 200 OK 4.3 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3
IP 198.23.62.11:0
File type ASCII text, with very long lines (9050)
Hash bfcc1687cae3e80965a1fbb7150cdf02
bb101b0f307ea4003d4d7b0a3dc3913a1e807870
abecc54d3acfe3abc1fb38c59bf665f544a466d947b9d76c24b172f92c999b92
GET /wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:49 GMT
ETag: "23c4-5e249ad2ac3e4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4291
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3
198.23.62.11 200 OK 523 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3
IP 198.23.62.11:0
File type ASCII text, with CRLF line terminators
Hash eecde00f9df6a9f1b0dd9743f34eb225
4e95b021041e6b1a978824db71e2fbb569c632c1
e84edabdcc6e8b5f8752a881dc72c7c454621a11918b69e702dd2455055d73b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:49 GMT
ETag: "4cc-5e249ad2ac3e4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 523
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0
198.23.62.11 200 OK 434 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0
IP 198.23.62.11:0
Hash 9d0a862999bb10f565002691c3e11c14
b3bd2f198df0cb92a738aa6852e1488f5a5a6c93
704f07dab45d216277842ca9815694e92483347d3261b07dcfb4cd1b4b470e81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 25 Jun 2022 18:15:49 GMT
ETag: "4b0-5e249ad2783d9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 434
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/js/jquery.autocomplete.min.js?ver=8.2.5
198.23.62.11 200 OK 4.3 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/js/jquery.autocomplete.min.js?ver=8.2.5
IP 198.23.62.11:0
File type ASCII text, with very long lines (13072)
Hash 6f45afcf37d64f3837724483fb1b6f64
c2a23feb226f2250936151101ba3c0ccb09778a4
84fc4796edf61f39847cc988c7dfda5b716a7b373c15bc84e5af6027a326a4e7
GET /wp-content/themes/soledad/js/jquery.autocomplete.min.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "3416-5e78eec7d9cef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4290
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/js/ajax-search.js?ver=8.2.5
198.23.62.11 200 OK 1.9 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/js/ajax-search.js?ver=8.2.5
IP 198.23.62.11:0
Hash f881c72d4a9b802d0d5dea4d449114eb
183eea3c58ae8f5d7926ee8d860ae8211c8431a7
09bcf400c5cdc7a9375bd7796200f1bb964565f7b8fb5d334762736259e58368
GET /wp-content/themes/soledad/js/ajax-search.js?ver=8.2.5 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "2306-5e78eec7da4bf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1883
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
198.23.62.11 200 OK 2.2 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
IP 198.23.62.11:0
File type ASCII text, with very long lines (4918)
Hash 66e849186b1b58f3573cc3ca06b167ee
22a3edcc19cd897017c3c91708ed39217118e82b
79f670a5be8078349914363d328a58e1d50ed71879a93ae50d9ec0f293520481
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "135d-5ea10fc7442ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2192
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
198.23.62.11 200 OK 2.6 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
IP 198.23.62.11:0
File type ASCII text, with very long lines (6210), with no line terminators
Hash dfcc74301f163fabd32e3256b91ba54e
3e861de3c9a7d5638eb7da2274f50274cde6cc0c
0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 17:59:23 GMT
ETag: "1842-5e8bb01695bfe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2559
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
198.23.62.11 200 OK 11 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
IP 198.23.62.11:0
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 4960fe85b7a3d15bd6e6bea13dadc579
b36a2873d31967634160db30a8de82f5d2b425f1
4133d435c10e4c9b5f7ef1fa7da58ea4e953dc20ba9a0ac76bccc3976ea8f1be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "80a1-5ea10fc742753-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10705
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 20:33:05 GMT
expires: Fri, 06 Oct 2023 20:33:05 GMT
cache-control: public, max-age=31536000
age: 4417
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
216.58.207.195 200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19004, version 1.0\012- data
Hash be2a14878eb61d7c95d5970ff1912539
237450c08a36de2b7d3e4d20b74a062ca2fce816
1e235540dffb208599faa7434fad4050331fcd6916bf44fad58a5d1d65b8d360
GET /s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 22:47:13 GMT
expires: Tue, 03 Oct 2023 22:47:13 GMT
cache-control: public, max-age=31536000
age: 255569
last-modified: Thu, 21 Apr 2022 16:57:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Ap2ywxg089UriCZawpBqWCXwT.woff2
216.58.207.195 200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Ap2ywxg089UriCZawpBqWCXwT.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19200, version 1.0\012- data
Hash b04ef08ba8e7c6adc660cd64cc768ad1
8674d1ee1e6168420e1bd446f588212098d35aa6
545fbd29c9a2e70f0bffb4cacce1c0da7e4eee940aa690b0b38bf6d41ab631a4
GET /s/dmsans/v11/rP2Ap2ywxg089UriCZawpBqWCXwT.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:49:05 GMT
expires: Thu, 05 Oct 2023 21:49:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
age: 86257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
panoramapapers.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
198.23.62.11 200 OK 3.0 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 198.23.62.11:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash dceed141ce93f206eca963c22e1deacf
ac2a9d2441b756845ebac12797822bb6cf62b274
f57cec207bc90dbe9269a675148a52aca7bf697ca5ac9f531c7c36d6044363d4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "2fa6-5ea10fc73cd7b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2994
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18240, version 1.0\012- data
Hash 715796ddd1637e1334588181b0e9cdb5
1246cb17f39f9d54b03540c8cfe6ba11e4084080
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
GET /s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 22:42:08 GMT
expires: Tue, 03 Oct 2023 22:42:08 GMT
cache-control: public, max-age=31536000
age: 255874
last-modified: Thu, 21 Apr 2022 16:54:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rf.revolvermaps.com/js/c.php?i=5eco97fncwk
185.44.104.99 200 OK 43 B URL HTTP/1.1 rf.revolvermaps.com/js/c.php?i=5eco97fncwk
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /js/c.php?i=5eco97fncwk HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Cache-Control: max-age=900
Last-Modified: Thu, 06 Oct 2022 21:46:42 GMT
Content-Length: 43
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: image/gif
rf.revolvermaps.com/js/r.php?i=5eco97fncwk&l=http%3A%2F%2Fpanoramapapers.com%2Fmali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques%2F&r=1665092802378
185.44.104.99 200 OK 43 B URL HTTP/1.1 rf.revolvermaps.com/js/r.php?i=5eco97fncwk&l=http%3A%2F%2Fpanoramapapers.com%2Fmali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques%2F&r=1665092802378
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /js/r.php?i=5eco97fncwk&l=http%3A%2F%2Fpanoramapapers.com%2Fmali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques%2F&r=1665092802378 HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Content-Length: 43
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
198.23.62.11 200 OK 6.9 kB URL HTTP/1.1 panoramapapers.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 198.23.62.11:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 5ff0032f243bb81f6f99a3c2f15d9f6c
6b0844bea8273d0fa452be92864f31561cdbaa8b
a469ece11ae1093f6a873f8e5a09cadcfac035335c1ab2e3f0d3d01c0f47d471
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sat, 09 Apr 2022 01:37:18 GMT
ETag: "50eb-5dc2ec064ef80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6903
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
198.23.62.11 200 OK 12 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
IP 198.23.62.11:0
File type ASCII text, with very long lines (40474)
Hash 6d84654ae991d230d448cc7487520086
815d6fa773e621472bb6f8d6e855e18f18be0d7d
44a247f33bf3fa838072fd982d9f4df30d1f4d5e1c41a8e5292cb7d07d7997f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "9e41-5ea10fc7436f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12008
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-includes/js/underscore.min.js?ver=1.13.3
198.23.62.11 200 OK 7.3 kB URL HTTP/1.1 panoramapapers.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 198.23.62.11:0
File type ASCII text, with very long lines (18876)
Hash f23b4f9fee6f95128b2825cea434f459
49ebce0ad8e8bcc9423c1e03e833113685fadc3f
e1917c68f6148983a78b34ac00b03942ea134bf8813146024e142d599bb8fd1a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 27 Apr 2022 20:09:22 GMT
ETag: "49df-5dda862992080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7299
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3485
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:42 GMT
Last-Modified: Thu, 06 Oct 2022 20:48:37 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
panoramapapers.com/wp-includes/js/wp-util.min.js?ver=6.0.2
198.23.62.11 200 OK 705 B URL HTTP/1.1 panoramapapers.com/wp-includes/js/wp-util.min.js?ver=6.0.2
IP 198.23.62.11:0
File type ASCII text, with very long lines (1305)
Hash fc7e549ce428fe90eb910c14d23a1532
e3eb36861f16a8b3ea97e8e60a2033957fe58a2e
80226ac13b48a680f63f8258a251d2b9b4c87394459df6bd32732fd4e69c1bd3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.0.2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Fri, 25 Jun 2021 20:20:58 GMT
ETag: "53c-5c59ce0a47e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 705
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.1
198.23.62.11 200 OK 374 B URL HTTP/1.1 panoramapapers.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.1
IP 198.23.62.11:0
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.1 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 05 Oct 2022 17:59:18 GMT
ETag: "2f2-5ea4d55ed24f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 374
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/themes/soledad/fonts/penciicon.ttf
198.23.62.11 200 OK 34 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/fonts/penciicon.ttf
IP 198.23.62.11:0
File type TrueType Font data, 11 tables, 1st "GSUB", 16 names, Macintosh, type 1 string, flaticonRegularflaticonflaticonVersion 1.0flaticonGenerated by svg2ttf from Fontello project.htt\012- data
Hash 77070693c3a560ce9392be34be37f2f4
4de87061bbc3aa5713396030a66bcb02b663c903
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/fonts/penciicon.ttf HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/wp-content/themes/soledad/css/penci-icon.css?ver=8.2.5
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:43 GMT
ETag: "8370-5e78eec840d65"
Accept-Ranges: bytes
Content-Length: 33648
Vary: User-Agent
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
rf.revolvermaps.com/w/6/a/a2.php?i=5eco97fncwk&m=7&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
185.44.104.99 200 OK 11 kB URL HTTP/1.1 rf.revolvermaps.com/w/6/a/a2.php?i=5eco97fncwk&m=7&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33263), with no line terminators
Hash 608eb3e72456b907403c936123649399
830157a1a60a838d435c9c8d1029696ee714b7cb
bf83d3da6419f37a1168128e1057306374eb1b69214f9e04165f3fdf2da84f1a
GET /w/6/a/a2.php?i=5eco97fncwk&m=7&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80 HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
panoramapapers.com/wp-content/uploads/2022/09/Colonel-Abdoulaye-Maiga-Premier-ministre-du-Mali-1170x658.webp
198.23.62.11 200 OK 26 kB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/2022/09/Colonel-Abdoulaye-Maiga-Premier-ministre-du-Mali-1170x658.webp
IP 198.23.62.11:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1170x658, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 838049aff55530ce4adc5d0eb337f11d
c7060593b950c71f7139023ec68cd38412d6caf5
3796aee98c66147a3b9296c6648612eeadfabfe682b0c9bbf2a83c163541e259
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/Colonel-Abdoulaye-Maiga-Premier-ministre-du-Mali-1170x658.webp HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sun, 11 Sep 2022 06:41:13 GMT
ETag: "6622-5e86110b5b67f"
Accept-Ranges: bytes
Content-Length: 26146
Vary: User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
panoramapapers.com/wp-content/uploads/2022/07/logo-panorama-1ok-283x300.png
198.23.62.11 200 OK 46 kB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/2022/07/logo-panorama-1ok-283x300.png
IP 198.23.62.11:0
File type PNG image data, 283 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 221a51fedeedd6fee9607969a449ac6d
90fc66e7944ad95c18e1da21800661a891f4edfd
3312a12778d00af1453cefa72dd37f11f0abfc1e7b4c45ed8ee4fcd35c8c25aa
GET /wp-content/uploads/2022/07/logo-panorama-1ok-283x300.png HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 11:43:42 GMT
ETag: "b365-5e39a2e307f1f"
Accept-Ranges: bytes
Content-Length: 45925
Vary: User-Agent
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
198.23.62.11 200 OK 77 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 198.23.62.11:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://panoramapapers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "12bdc-5ea10fc73a66b"
Accept-Ranges: bytes
Content-Length: 76764
Vary: User-Agent
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
panoramapapers.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
198.23.62.11 200 OK 77 kB URL HTTP/1.1 panoramapapers.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 198.23.62.11:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://panoramapapers.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 19:58:42 GMT
ETag: "12d68-5e78eec83f5f5"
Accept-Ranges: bytes
Content-Length: 77160
Vary: User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3485
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:42 GMT
Last-Modified: Thu, 06 Oct 2022 20:48:37 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
panoramapapers.com/wp-content/uploads/2022/10/IMG-20221005-WA0037-263x175.jpg
198.23.62.11 200 OK 11 kB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/2022/10/IMG-20221005-WA0037-263x175.jpg
IP 198.23.62.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 263x175, components 3\012- data
Hash 29693e2ee087b4d84ec875dd6e8bae75
ebf5d57b6a7d7ad50ebcabca9d970272f0074b62
58f1cf0b36fc989294477628b61147e0098cf5d299fad6b549ab05d69b4abac6
GET /wp-content/uploads/2022/10/IMG-20221005-WA0037-263x175.jpg HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 05 Oct 2022 13:22:03 GMT
ETag: "2c61-5ea49766769bc"
Accept-Ranges: bytes
Content-Length: 11361
Vary: User-Agent
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
panoramapapers.com/wp-content/uploads/2022/10/300785444-127930999978192-5160971320510110244-n-960x480-1-263x175.jpg
198.23.62.11 200 OK 17 kB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/2022/10/300785444-127930999978192-5160971320510110244-n-960x480-1-263x175.jpg
IP 198.23.62.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 263x175, components 3\012- data
Hash 5321836fb453bf4f1cd66b4f71abefdd
0e76b0746f79c60403ccd613cb27979f7144b1c4
f3a8094dd82750c3d2410476500bea00943f508c5d8a834189543086d43a95da
GET /wp-content/uploads/2022/10/300785444-127930999978192-5160971320510110244-n-960x480-1-263x175.jpg HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 10:55:11 GMT
ETag: "423e-5ea5b87046e30"
Accept-Ranges: bytes
Content-Length: 16958
Vary: User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
panoramapapers.com/wp-content/uploads/2022/10/potine-assimi-263x175.jpg
198.23.62.11 200 OK 11 kB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/2022/10/potine-assimi-263x175.jpg
IP 198.23.62.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 263x175, components 3\012- data
Hash 910f80282e29bbc51a19401d3a7761b5
10a9224f081231dc08e302254e91ba1034f2b738
53a813eac3c07fc006ea69299ba2419bf07bc2b029f025af7179f3270da26a03
GET /wp-content/uploads/2022/10/potine-assimi-263x175.jpg HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 05 Oct 2022 13:58:54 GMT
ETag: "2b8a-5ea49fa2bbc51"
Accept-Ranges: bytes
Content-Length: 11146
Vary: User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 265 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (993)
Hash e0e78328c7d39527b50d23be97ec21cd
cb983ba70e6d934d7f973fce0741dd6f395f4356
f556751ac7feea7f563ae2b7f13227fedc78aebc85e572ca7d8522cc891110b1
GET /rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 01 Oct 2023 05:37:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4OeDKMfTlSe1DSO+l+whzQ==
x-fb-debug: 6CHhcaiW+ZrQCX2b/m2LuIO3fui4w4wIqHXlqtOsDXhrKxuvR2/CSK+w+p9r5TaAoSVv1NRbXacdv/Lpdk635Q==
content-length: 265
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1982)
Hash 533ff4519e2c7f77fac72ef04457f8f3
2df2b7ede2f719967e46649159d1068204ba11b3
2a960abb70d73b54902cb06087d6fdb584931d7759a838437560c266191c8cb4
GET /rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 07:15:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Uz/0UZ4sf3f6xy7wRFf48w==
x-fb-debug: aDXKn+pbatKB5FH6OY3oX1n7+GvoWbD2oAhUknkAqpOfUF8ldWBh6JfJMXKyV52QOW69WkPAOfZ5OWZUL3sECA==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/BK9Y1PT3bBb.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/BK9Y1PT3bBb.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4486)
Hash 9954a77053cbcc3672ca796ffb50b352
84bdd7a9dc7e044ff6a3fa5f75f08431ef8dd5b3
f4914b029b9608f946528f233622b6f1d15a2879d9008634fc8fe8170121c646
GET /rsrc.php/v3/yH/r/BK9Y1PT3bBb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 18:12:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: mVSncFPLzDZyynlv+1CzUg==
x-fb-debug: iCxFMzdheckwK6d5Y+8qXKzAf4W6VeAgJxbyOuJNX2NjU/8iN4pUt5ToCM8ncg0P+mpFwg5IB15VXKV4OCnaVA==
content-length: 6990
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/y278Fld0_6u.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/y278Fld0_6u.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type assembler source, ASCII text, with very long lines (2642)
Hash 4739a808abf62f3d998d5c5e9fefd5fc
4f0f41d8ca426c28b3bc8d84887063b12b2fb2ba
8d4b60f86a25f12e69d06c80db1005877c1b9aa8e958e3fc83cc67344efd1ad4
GET /rsrc.php/v3/yM/l/0,cross/y278Fld0_6u.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 18:21:27 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: RzmoCKv2Lz2ZjVxen+/V/A==
x-fb-debug: x/HwMNKYpczKcztHfVB2LdSJIkxHvt+3htptz4VZPnoHsMshlDU2UmUSYzEP9iGosrH8psmHwmY1Dksj9HN4BQ==
priority: u=2
content-length: 4550
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5540)
Hash ef22d2d8fd6a9cdb4561161a47734081
25109ce0f418e17988c3721d5e581e96820907ea
a989b62b6c180f71495b290aacebf65fd8305ddc468a16a4eee004a7f448c00d
GET /rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 04 Oct 2023 07:24:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7yLS2P1qnNtFYRYaR3NAgQ==
x-fb-debug: gExl4GJ8fFQaMeBJ5uHtMmGap0T9JZ3bR9YlE27Qd3s+p58p0NGOz/kFZ8PNMXLW1iHqhPhfQ5NiSm08lKSung==
content-length: 12270
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yL/l/en_US/irCgPB7CJbM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yL/l/en_US/irCgPB7CJbM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2903)
Hash e38454d74d48882c6d38e85e7be816a4
105acd596d49b1677ab825168f547306d879f533
d69f603fb44e68d655ae98c5db858b15bd0c35357beecb91c3588fc48496f9eb
GET /rsrc.php/v3iLl54/yL/l/en_US/irCgPB7CJbM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:50:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 44RU101IiCxtOOhee+gWpA==
x-fb-debug: ViV4ifw+nIc0+kvx5q28jlZBsNjgKH1gNHcdsRoXQYujDi/roGtcIuRLtd58jqS9J8hu25P5HzJ1YEXpra5bBA==
priority: u=3,i
content-length: 8360
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/Ssqt-ecS4oX.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 9.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/Ssqt-ecS4oX.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9883)
Hash 5f41f41f78195eb1ef6e85b6fe67e97d
9e5558b2859d9a86729e7e289585a61a6ffe80b0
cf0c0c1dc70d18a451271caf77138e9b467cb0d64f6552c6a24b1232371d8748
GET /rsrc.php/v3/yi/r/Ssqt-ecS4oX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 05:58:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: X0H0H3gZXrHvboW2/mfpfQ==
x-fb-debug: SLccBhIiiU5Ya5S4r5WnTd60MOZ651aBJf7lRci1KAZeMq6qu5r9Z1veLXdfo+iE5LkRr9E2MzXPR2JO24eDpA==
priority: u=3,i
content-length: 8952
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/fo2-PIWZvc3.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/fo2-PIWZvc3.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18608)
Hash 0092836af2f7f98f197d0e3846372407
cc75db123e43eeb50274a68fb72c50ec2d4e2245
212ef2540f010796c9cde99c3e455a3f6008f21eecedd5c8c551a0fa266c8ffb
GET /rsrc.php/v3/yR/r/fo2-PIWZvc3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 18:20:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: AJKDavL3+Y8ZfQ44RjckBw==
x-fb-debug: NqYCIV/VE9nDgZRmpB/tx2qdyanaECfIh7R8sScenAopa1ohQYx6EVd7ewn+nHdz9cWfH0MkYlFM7GkEU+ad0A==
content-length: 91075
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 336 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (325)
Hash f82d8f615a2484f0c5c4e4e0f55e8b5d
c1c8ea5d697e2286b0a2bac7b3515a29b7f4cb28
91041f394721520d4dd5a33b28525d50da16e0fda08e102d971148fef1609dd2
GET /rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 05 Oct 2023 14:33:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +C2PYVokhPDFxOTg9V6LXQ==
x-fb-debug: Y2H9hi09oTXHdXtY0vN+bFnJO2F5pPHwvi1i5huflEdchxACsJ6zRIDqFO5WU7k6ERCegG7MkslKxkAxO3MKTA==
priority: u=3,i
content-length: 336
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y0/r/kllmdWKFTV2.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 1.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y0/r/kllmdWKFTV2.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1489)
Hash 0a5916578e6a30694e81e1aaedb95e99
fb36fc0746a573409e104b79937aeee5b960456d
3f4dfa177e01c3b21630f00cc5dc745323887835d9cf3e074d2c2c3ed9c867ab
GET /rsrc.php/v3/y0/r/kllmdWKFTV2.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:52:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ClkWV45qMGlOgeGq7blemQ==
x-fb-debug: lbOf+sQOGemoT5VLsevO2B1mDsdNIhfQvmO3F2gMPhuYo/gFaTeJnc0okaZm88iOe9J8ug7kbWnH6eDjUKsY7A==
priority: u=3,i
content-length: 1285
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yG/r/CQlBeOnkWyU.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 5.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yG/r/CQlBeOnkWyU.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (4649)
Hash ed60d134cc54fd68173d816d831d6cf4
e6b70eb8bdd33f8a54ab375973b2b447fb06d84c
af20e5fae5f45e76df9d78d0764c7f983abc2eef0d48876a84abe918f14fd7cb
GET /rsrc.php/v3/yG/r/CQlBeOnkWyU.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 18:12:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7WDRNMxU/WgXPYFtgx1s9A==
x-fb-debug: RLZVhvlkSA450/2w4CxXyEctlI5MF/MiPN6HlkcKAv3uGbIS4zr0K3PnLNnnFJHqtQaE8GMOBT+CV57Rb6tEeg==
content-length: 5514
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4059)
Hash e4f221c6642e6c519ca2462027a15712
6a7225c3221331d35773a252b6dbfb87f214b834
7eafaf8c19afe0e16ea9b18ee23cf0c7b391cfc4dd0fa2d52dd81f0f32348ada
GET /rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 07:15:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5PIhxmQubFGcokYgJ6FXEg==
x-fb-debug: ch3RzVu63qNzJ7/QB4DTXCq/LUe9uNqEq4lZq6+4MIjIHS0EOpwGmrNtYa7NEz1aIrs7fgqLNLgks1GHtmWXAw==
content-length: 7237
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/r/MGPxVqoNewa.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/r/MGPxVqoNewa.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10492)
Hash 714f10e2847aec5d059ffba9850f4761
6294ce5a378c4c03075e33d08a89f5dc2fed91ea
d470b7261ff265897b61fa7cebf20a6fadcb00426b8ab5554d355e88db82febc
GET /rsrc.php/v3/yn/r/MGPxVqoNewa.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 18:12:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cU8Q4oR67F0Fn/uphQ9HYQ==
x-fb-debug: cWewG4/udNai70QWAHlxvh4/vureIpRazLmt+W6QYOf3tyhaJbtb7ghp7ppwVuRWNvQsnLcB1s38CNLsIp4hRQ==
priority: u=3,i
content-length: 4779
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
deux.panoramapapers.com/wp-content/uploads/2022/06/BANNIERE-PANO-01-OK.png
198.23.62.11 200 OK 488 kB URL HTTP/1.1 deux.panoramapapers.com/wp-content/uploads/2022/06/BANNIERE-PANO-01-OK.png
IP 198.23.62.11:0
File type PNG image data, 2083 x 191, 8-bit/color RGBA, non-interlaced\012- data
Size 488 kB (487899 bytes)
Hash fb89a5676d62180d3737a47d86375640
d87e40bec6c9a2fd1a7fa24a960d5b13070d43b2
491cbd3652f35ddf1a436a947c4049d26c51084a13c394deb06a5dab620cad34
GET /wp-content/uploads/2022/06/BANNIERE-PANO-01-OK.png HTTP/1.1
Host: deux.panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Wed, 01 Jun 2022 19:09:04 GMT
ETag: "771db-5e0679f73d00d"
Accept-Ranges: bytes
Content-Length: 487899
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yy/l/en_US/Nq8nSHiYqQL.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEBX4/yy/l/en_US/Nq8nSHiYqQL.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5960)
Hash 8e841251007c72ed1b346a21bd7354f3
8fa5e9342c9b259300bf0f7f38f0c8a6bd72ce47
3f2e32050c5f11a150a05430175a72780ada22f6e434560b7120eac80b11db6d
GET /rsrc.php/v3iEBX4/yy/l/en_US/Nq8nSHiYqQL.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:50:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: joQSUQB8cu0bNGohvXNU8w==
x-fb-debug: 4Gz1g7XFaB+1QAUdyVlvEyA/TvoixNPob49aYGX1RJAY9S4anDMnrz9QE/yzyNLD2A4feB1nCMcvF2n7UyeWtQ==
priority: u=3,i
content-length: 8449
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8258)
Hash bed6f1c97375602a8f8498010934286f
7b209330b2ddc87f0818681e7901a0945367c02c
bb35559f9d7e20bd535239de676ef530aece43abf2fa748ed1c9af4220297118
GET /rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:48:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vtbxyXN1YCqPhJgBCTQobw==
x-fb-debug: 8Pd1cRV6dx95GTudaHeGI5LZA2/bhGzvy3idl7RH6O0ZCAN8+x+BwBcdJLwJgUG+XVXKLpRMD+38mthuipKQKg==
content-length: 16189
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/6NWFpg-EZsH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/6NWFpg-EZsH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (15783)
Hash a4d817a57bcaa5d5d7825468f93d2e9a
3b62d71931131de980ed4304b376282da14b365c
7397ecf4b3c42bc7682659b16b54dc817b7df5dc77e2ae6277cf1278b1171f71
GET /rsrc.php/v3/ys/r/6NWFpg-EZsH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:49:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: pNgXpXvKpdXXglRo+T0umg==
x-fb-debug: HlYtsDEn/R1tm5geHvjOEl8M0nonYH9GBCiY3XqkUe91Xwma47GYHkJrdwa1HLFHzNoinEhknMIi853X4xFuGQ==
priority: u=3,i
content-length: 16319
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y_/l/en_US/YJojGYumZIr.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/y_/l/en_US/YJojGYumZIr.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41975)
Hash 0c19e750b743b01557db76b5e80be3a5
2f7426e2d36c01e8beadc8c7c47e67f6be0dc8b1
6d6d4c22857d8ef42ddbe9160e9c50be59655d70e7a155aa2e9e3e3446cd8de1
GET /rsrc.php/v3iEpO4/y_/l/en_US/YJojGYumZIr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:48:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DBnnULdDsBVX23a16AvjpQ==
x-fb-debug: i5cgXw9All45DNCN9VAKsdki6y+nKWPdDjeddyjuL8mCSjqLdAH86BFHM7TnVdobpF0kARkhpX8I1T8/ODY69Q==
content-length: 23298
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/WeGVokWu1z8.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/WeGVokWu1z8.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4093)
Hash 6c8010de124f416909ce23a605a167c6
97575291f0b71b83a53304280eff021ec8eebddf
8c348db801faadb07093050f41ca7f1be44c17a1236f2764b161c78a9ee1c227
GET /rsrc.php/v3/yt/l/0,cross/WeGVokWu1z8.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 06 Oct 2023 18:20:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: bIAQ3hJPQWkJziOmBaFnxg==
x-fb-debug: Vp5YwiHo2KYbiBylRUqZyRvlwIpbyRYv/FFDQ6K/JkdjQnA9fnSvh3ug44JIva2L91RgFjiYl7FvnDNP5DRprQ==
content-length: 4772
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.gravatar.com/avatar/b6f66768ae3173719b74853d31e46387?s=100&d=mm&r=g
192.0.73.2 200 OK 3.2 kB URL HTTP/1.1 2.gravatar.com/avatar/b6f66768ae3173719b74853d31e46387?s=100&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x100, components 3\012- data
Hash 256dd497d68b20f22d37c797108d6f35
164cbe2c98a3dd870dde2fb0b7809f6275b985ef
c7b92a4e02d71e284452e30c72f8d6de27a6336d7f30091c7b278b9d6f27ce9d
GET /avatar/b6f66768ae3173719b74853d31e46387?s=100&d=mm&r=g HTTP/1.1
Host: 2.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:46:43 GMT
Content-Type: image/jpeg
Content-Length: 3195
Connection: keep-alive
Last-Modified: Sun, 06 Jan 2019 15:12:16 GMT
Link: <https://www.gravatar.com/avatar/b6f66768ae3173719b74853d31e46387?s=100&d=mm&r=g>; rel="canonical"
Content-Disposition: inline; filename="b6f66768ae3173719b74853d31e46387.jpeg"
Access-Control-Allow-Origin: *
Expires: Thu, 06 Oct 2022 21:51:43 GMT
Cache-Control: max-age=300
X-nc: HIT arn 3
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 1.5 kB IP 142.250.74.3:0
Hash bb04fdf2931fe0926efd73582ca8ec89
a2a366c67e30aabccae6811dc97561805fe60cd7
51fb1eb910d254b820d00df14162f1b092bcfda6f389d42bbca832109f6dd147
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 1.5 kB IP 142.250.74.3:0
Hash bb04fdf2931fe0926efd73582ca8ec89
a2a366c67e30aabccae6811dc97561805fe60cd7
51fb1eb910d254b820d00df14162f1b092bcfda6f389d42bbca832109f6dd147
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7849654843876803
142.250.74.66 200 OK 56 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7849654843876803
IP 142.250.74.66:0
File type ASCII text, with very long lines (2910)
Hash 89a152c412e1135b3883e1b3adb09c35
a21f0e8377ae862edca654dce4d19ce5af3752dc
6d420173fa11f16a9d57fb634c1ac6bc1e10262d1c7f436fe5acd98c343bbb6a
GET /pagead/js/adsbygoogle.js?client=ca-pub-7849654843876803 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 06 Oct 2022 21:46:43 GMT
expires: Thu, 06 Oct 2022 21:46:43 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17862030885451802106
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
panoramapapers.com/wp-content/uploads/2022/06/LOGO-PANORAMA-03-PNG-OK.png
198.23.62.11 200 OK 1.6 MB URL HTTP/1.1 panoramapapers.com/wp-content/uploads/2022/06/LOGO-PANORAMA-03-PNG-OK.png
IP 198.23.62.11:0
File type PNG image data, 2004 x 2130, 8-bit/color RGBA, non-interlaced\012- data
Size 1.6 MB (1567442 bytes)
Hash db4c8edb3ae26a7eb6fbbc321090eb7b
aa3abbaba87640e6b782f409efdeda22b5a78ae6
0d48c1221ea5ad52bca32fe22b5107adf48bf7464264b88f062ec1208d118361
GET /wp-content/uploads/2022/06/LOGO-PANORAMA-03-PNG-OK.png HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:42 GMT
Server: Apache
Last-Modified: Mon, 27 Jun 2022 19:28:35 GMT
ETag: "17ead2-5e272ed184ce3"
Accept-Ranges: bytes
Content-Length: 1567442
Vary: User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
31.13.72.12 200 OK 522 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
IP 31.13.72.12:0
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash b4fb567dfdf0df35a097f6e9ecfefd34
f9aa0cbb0dcb1442c15f39e84279c8568ac86beb
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
GET /rsrc.php/v3/ys/r/T1oMBrgJQCd.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: tPtWff3w3zWgl/bp7P79NA==
expires: Fri, 29 Sep 2023 04:52:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: RCJ9tu1epfA4naRGr1ifUZFoSZ0T3GAyDfYIB1SM8aBI/vmVpxVK7ZzFB8FeFf3b8U6X2b71mrskoxDVottrfA==
priority: u=3,i
content-length: 522
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:46:43 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FPanoramapapers%2Fposts%2Fpfbid02SDTYmEnkb1LEsLQyH3YozjPhApFJzQWafmyKzskT72226Upx7fWCuty8Q3KnfHK4l&show_text=true&width=500
31.13.72.36 200 OK 50 kB URL HTTP/2 www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FPanoramapapers%2Fposts%2Fpfbid02SDTYmEnkb1LEsLQyH3YozjPhApFJzQWafmyKzskT72226Upx7fWCuty8Q3KnfHK4l&show_text=true&width=500
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31264)
Hash 707e893d691caf1dc32edcf8ef160a90
0189d3007c23770ea3bd7a1fb2d7c04b9ea3ddf5
24f3e5c169795016db96095c0b3bf88b61907bd4bf99be05d5807f5f3be57414
GET /plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FPanoramapapers%2Fposts%2Fpfbid02SDTYmEnkb1LEsLQyH3YozjPhApFJzQWafmyKzskT72226Upx7fWCuty8Q3KnfHK4l&show_text=true&width=500 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ZL776/E4z+mZVv7+DmLLF5srj3JEAkV97IHTXZhDKJr9aWCjVNpSH08fjIiDHUKyPvUtnW5dP9GCfl+Dk0I6Jw==
date: Thu, 06 Oct 2022 21:46:42 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
142.250.74.98 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:39:19 GMT
expires: Thu, 20 Oct 2022 05:39:19 GMT
cache-control: public, max-age=1209600
age: 58044
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-5RRFB2ZD5R&gtm=2oea50&_p=232930317&cid=706214033.1665092803&ul=en-us&sr=1280x1024&_s=1&sid=1665092803&sct=1&seg=0&dl=http%3A%2F%2Fpanoramapapers.com%2Fmali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques%2F&dt=Mali%20%3E%20Gouvernance%3A%20Le%20Premier%20ministre%20par%20int%C3%A9rim%20prend%20ses%20marques%20%E2%80%93%20Panorama%20papers&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-5RRFB2ZD5R&gtm=2oea50&_p=232930317&cid=706214033.1665092803&ul=en-us&sr=1280x1024&_s=1&sid=1665092803&sct=1&seg=0&dl=http%3A%2F%2Fpanoramapapers.com%2Fmali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques%2F&dt=Mali%20%3E%20Gouvernance%3A%20Le%20Premier%20ministre%20par%20int%C3%A9rim%20prend%20ses%20marques%20%E2%80%93%20Panorama%20papers&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5RRFB2ZD5R&gtm=2oea50&_p=232930317&cid=706214033.1665092803&ul=en-us&sr=1280x1024&_s=1&sid=1665092803&sct=1&seg=0&dl=http%3A%2F%2Fpanoramapapers.com%2Fmali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques%2F&dt=Mali%20%3E%20Gouvernance%3A%20Le%20Premier%20ministre%20par%20int%C3%A9rim%20prend%20ses%20marques%20%E2%80%93%20Panorama%20papers&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://panoramapapers.com
date: Thu, 06 Oct 2022 21:46:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=panoramapapers.com
216.58.207.194 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=panoramapapers.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=panoramapapers.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:46:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=panoramapapers.com&callback=_gfp_s_&client=ca-pub-7849654843876803
172.217.21.162 200 OK 204 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=panoramapapers.com&callback=_gfp_s_&client=ca-pub-7849654843876803
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 4bc9a85585b00c0c2975db83490cce8b
285306a7f5229a7813226e0e04a7a7323ef798d3
85100b338629e4d9f486917650a8e5ee24643a1d1adce8eee5635222dbff8caf
GET /gampad/cookie.js?domain=panoramapapers.com&callback=_gfp_s_&client=ca-pub-7849654843876803 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:46:44 GMT
server: cafe
cache-control: private
content-length: 204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=panoramapapers.com
142.250.74.130 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=panoramapapers.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=panoramapapers.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:46:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panoramapapers.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
198.23.62.11 200 OK 3.4 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 198.23.62.11:0
File type ASCII text, with very long lines (10544)
Hash f3c169bae2645e3f017e9023dbeee333
6bc8f86fc961e7bde0301b6e332123bccd929c01
5cfeea5794582a7a73cf6ea36a0399728286f38e1921181f4096f05df6f104db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
Cookie: _ga_5RRFB2ZD5R=GS1.1.1665092803.1.1.1665092803.0.0.0; _ga=GA1.2.706214033.1665092803; _gid=GA1.2.832020226.1665092803; _gat_gtag_UA_169953827_1=1; __gads=ID=e66b0a24207dc8e7-2214fe8c3cce0007:T=1665092804:RT=1665092804:S=ALNI_MaDQHZYnLCGA9as9uPgFqCopsr5gw
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:44 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "29ba-5ea10fc73ecbb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3443
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.8
198.23.62.11 200 OK 1.1 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.8
IP 198.23.62.11:0
File type ASCII text, with very long lines (2620), with no line terminators
Hash 366a9c35bbef9fea7021f6b1b56cf8d0
18feab78c61c6e8261db364d6681a9633041e837
b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.8 HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
Cookie: _ga_5RRFB2ZD5R=GS1.1.1665092803.1.1.1665092803.0.0.0; _ga=GA1.2.706214033.1665092803; _gid=GA1.2.832020226.1665092803; _gat_gtag_UA_169953827_1=1; __gads=ID=e66b0a24207dc8e7-2214fe8c3cce0007:T=1665092804:RT=1665092804:S=ALNI_MaDQHZYnLCGA9as9uPgFqCopsr5gw
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:44 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "a3c-5ea10fc73d933-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1139
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
panoramapapers.com/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
198.23.62.11 200 OK 9.8 kB URL HTTP/1.1 panoramapapers.com/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
IP 198.23.62.11:0
Hash 3c0064ccf0d0c3828c537dc109f3b386
0fcf9cadcac0491018853da69d5c7c07eb615b34
f701ef78307d6d5bb94046d90fe5d1551f8cd63ea71bdeb60b30d6bdfa091822
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js HTTP/1.1
Host: panoramapapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://panoramapapers.com/mali-gouvernance-le-premier-ministre-par-interim-prend-ses-marques/
Cookie: _ga_5RRFB2ZD5R=GS1.1.1665092803.1.1.1665092803.0.0.0; _ga=GA1.2.706214033.1665092803; _gid=GA1.2.832020226.1665092803; _gat_gtag_UA_169953827_1=1; __gads=ID=e66b0a24207dc8e7-2214fe8c3cce0007:T=1665092804:RT=1665092804:S=ALNI_MaDQHZYnLCGA9as9uPgFqCopsr5gw
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:44 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 17:59:19 GMT
ETag: "7149-5ea10fc7436f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9503
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-169953827-1&cid=706214033.1665092803&jid=1949668243&gjid=1286661985&_gid=832020226.1665092803&_u=YCDACUAABAAAACAAI~&z=643594719
173.194.73.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-169953827-1&cid=706214033.1665092803&jid=1949668243&gjid=1286661985&_gid=832020226.1665092803&_u=YCDACUAABAAAACAAI~&z=643594719
IP 173.194.73.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-169953827-1&cid=706214033.1665092803&jid=1949668243&gjid=1286661985&_gid=832020226.1665092803&_u=YCDACUAABAAAACAAI~&z=643594719 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://panoramapapers.com
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://panoramapapers.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 21:46:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
forecast7.com/fr/22d40114d11/hong-kong/?format=json
104.21.71.89 200 OK 943 B URL HTTP/2 forecast7.com/fr/22d40114d11/hong-kong/?format=json
IP 104.21.71.89:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4733), with no line terminators
Hash 27ec6f74c2318c55e50330042da670d3
bf64dd7dbe5c1f06b0de56136b53b566112324cb
00d79b1676708b4c5d6fcb44c63193103ac9ee8d6d4008ac830fd4d1e30852a2
GET /fr/22d40114d11/hong-kong/?format=json HTTP/1.1
Host: forecast7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weatherwidget.io
Connection: keep-alive
Referer: https://weatherwidget.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:46:44 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-origin: https://weatherwidget.io
expires: Thu, 06 Oct 2022 21:48:00 GMT
etag: W/"12b7-uqBf48vB9M/XG9d1+N7z9DGdDJ8"
x-proxy-cache: MISS
cache-control: public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6AI0h1wEmJOf9CUgUMnJB6IhQEQPCcr4f%2Fl0ZPtTcq68zgHEzwnsyW2VWUi0JkMDeASljCapX7A7a7WSCUupX4P6EcogQ%2F8idgMXE2hT7emc3wSd7BLD8ndjxDEIVsM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7561976c7959b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 36b2ebb263a694be6b81a02818e3d9e4
b73b329f15a2fc2ab0d6ea468695b3f79c27be94
e76b12ed5b195fddd74ac3f63fd2f985e22fea47c025eec8b0260b5560f9c515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 06 Oct 2022 21:46:45 GMT
expires: Thu, 06 Oct 2022 21:46:45 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:36:17 GMT
expires: Thu, 05 Oct 2023 20:36:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 90628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 1747f17e25cd2d5eb7460c5aac5f05a8
f47bdec003bd5687dbd67826b1cc052ed4611d0b
1d4e17ee40e97d2c4a72330dfa5b1d8b1fd576b3a84fd7018adcced0af45aaf0
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 06 Oct 2022 21:46:45 GMT
date: Thu, 06 Oct 2022 21:46:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-FXhpaXioSIXYsVAT4Tw50Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41249b23-0479-4820-9c68-da428c1d2faa.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41249b23-0479-4820-9c68-da428c1d2faa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash caf0e5e75898e70a4f2caa2a707c7af9
25a573f90d12a42a6e63c65485be5fc325b0bfde
cec7ab3a7f6e02b57ee72ca7eee70c16b9026679aa7cd6c0739669731ccc94d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41249b23-0479-4820-9c68-da428c1d2faa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: 7aeb8664-0241-40e1-ac8d-aef56b2a1847
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBHS9IAMFYKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-19caf51e2f8b7df363293db3;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: -Y3Utot6t5i9ws9JDG4eGGQYEzrN5d48KD9rZ0p1mscrMzOXBTsp1Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:25 GMT
etag: "25a573f90d12a42a6e63c65485be5fc325b0bfde"
content-type: image/jpeg
age: 142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 21:46:41 GMT
date: Thu, 06 Oct 2022 21:46:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
weatherwidget.io/js/widget.min.js
172.64.201.38 200 OK 0 B URL HTTP/2 weatherwidget.io/js/widget.min.js
IP 172.64.201.38:0
GET /js/widget.min.js HTTP/1.1
Host: weatherwidget.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:46:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
vary: Accept-Encoding
etag: W/"5d9d0124-a4e"
cache-control: public; max-age=14400
cf-cache-status: HIT
age: 9602
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLKkF0S4gd8vLQynoi89MCzYQJtMJtqs9I%2BYLIq0%2BLlCZ1aSqydJ4M%2BxS284%2BhFHzIU4o9EDoPZ7o%2Fju%2Bsdrbqv%2FwNb%2Bp6cCz5tkiemGRGhAQkqR5rD%2FqntzdjbwD%2BQQHRx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7561975f0a2b76f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=DM+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.2.5
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=DM+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.2.5
IP 142.250.74.10:0
GET /css?family=DM+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.2.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 21:46:41 GMT
date: Thu, 06 Oct 2022 21:46:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api?ver=1.0
142.250.74.174 200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api?ver=1.0
IP 142.250.74.174:0
GET /iframe_api?ver=1.0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://panoramapapers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 06 Oct 2022 21:46:41 GMT
date: Thu, 06 Oct 2022 21:46:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=zxsj23nKJfU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=B787PD1K8YM; Domain=.youtube.com; Expires=Tue, 04-Apr-2023 21:46:41 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+152; expires=Sat, 05-Oct-2024 21:46:41 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
forecast7.com/en/38d91n77d04/washington/?format=json
104.21.71.89 200 OK 0 B URL HTTP/2 forecast7.com/en/38d91n77d04/washington/?format=json
IP 104.21.71.89:0
GET /en/38d91n77d04/washington/?format=json HTTP/1.1
Host: forecast7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weatherwidget.io
Connection: keep-alive
Referer: https://weatherwidget.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:46:44 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-origin: https://weatherwidget.io
expires: Thu, 06 Oct 2022 22:06:38 GMT
etag: W/"1283-gRG97zFBMYyHfJ6ALZL70sk1zIs"
x-proxy-cache: EXPIRED
cache-control: public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BneENxSOFYxkAoZ%2BLFFZhXMMZdVKZzVMRRvv34twWk8ZKtuuk8KrX10LjTPQb02bw6F3ZobmOh9HzXRHXX3II3CdCCCjys3hheG1Q2L86zp2rpNxnqyr3J1L2gucvSWW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7561976c5919b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
forecast7.com/fr/3d8511d50/yaounde/?format=json
104.21.71.89 200 OK 0 B URL HTTP/2 forecast7.com/fr/3d8511d50/yaounde/?format=json
IP 104.21.71.89:0
GET /fr/3d8511d50/yaounde/?format=json HTTP/1.1
Host: forecast7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weatherwidget.io
Connection: keep-alive
Referer: https://weatherwidget.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:46:44 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-origin: https://weatherwidget.io
expires: Thu, 06 Oct 2022 22:33:02 GMT
etag: W/"127c-jYBCdz31AjSqCekK91EYpgOl8TA"
x-proxy-cache: MISS
cache-control: public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIiisqZSFrJvofj%2Ftxy6PGqDQNad6OsaKq6SXL%2FhvlfBQFGqNjhATK%2B7tzIj7wFs9zH1ixYjrwTOgpihmgpP9r%2FtqLyyvmLIW60YPCNSWpJxOXXQUn6%2BLjcb36yN%2FfYD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7561976c6949b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2