www.o-sge.com/support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
159.8.122.140301 Moved Permanently 707 B URL HTTP/1.1 www.o-sge.com/support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
IP 159.8.122.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99 HTTP/1.1
Host: www.o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 17 Dec 2022 21:33:26 GMT
server: LiteSpeed
location: https://www.o-sge.com/support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14099
Expires: Sun, 18 Dec 2022 01:28:25 GMT
Date: Sat, 17 Dec 2022 21:33:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5584
Expires: Sat, 17 Dec 2022 23:06:30 GMT
Date: Sat, 17 Dec 2022 21:33:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 20:45:22 GMT
content-type: application/json
age: 2884
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b38399fcc8246505e5e6b0f62803a5a
bb374f8d97b2bd798873d74c6bbab20ad6843e96
406ab3af8adf2b151c052a06c0379fd8d83d3362e90c17ac2e5481b6b9a7441f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "406AB3AF8ADF2B151C052A06C0379FD8D83D3362E90C17AC2E5481B6B9A7441F"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13680
Expires: Sun, 18 Dec 2022 01:21:26 GMT
Date: Sat, 17 Dec 2022 21:33:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hGpK+zJT/zBvCDkA1vxAs1RgleF1i06TMvI+RbAQ8KuUY6BJuumQ/rw9H9Mx79Oy8iapV7P3H9o=
x-amz-request-id: TB2957SFKS7W7YGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 20:51:56 GMT
age: 2490
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 21:33:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 21:08:00 GMT
age: 1526
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6030
Cache-Control: max-age=134034
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:27 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 10:47:21 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C/EqyTWLYlh/ICU5TKonow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DLFxupvES1qvyPJ6Bb8OobpbWHE=
www.o-sge.com/support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
159.8.122.140301 Moved Permanently 0 B URL HTTP/2 www.o-sge.com/support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
IP 159.8.122.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /support/index.php/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99 HTTP/1.1
Host: www.o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
content-length: 0
date: Sat, 17 Dec 2022 21:33:27 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Sat, 17 Dec 2022 23:15:03 GMT
Date: Sat, 17 Dec 2022 21:33:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Sat, 17 Dec 2022 23:15:03 GMT
Date: Sat, 17 Dec 2022 21:33:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Sat, 17 Dec 2022 23:15:03 GMT
Date: Sat, 17 Dec 2022 21:33:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Sat, 17 Dec 2022 23:15:03 GMT
Date: Sat, 17 Dec 2022 21:33:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Sat, 17 Dec 2022 23:15:03 GMT
Date: Sat, 17 Dec 2022 21:33:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c3454ef9b4c0d31eecf53e44471cecb
f1182e860380b637388fa7f90c36e0a8c9edd657
c474493452d48121f0050efdd197231909d3c9de0fccbe07bf5706162b848624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7048
x-amzn-requestid: d2665a61-0c5f-429e-bd9c-f4c6aec4fe14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEvH6VIAMFd2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce551-65d1775b5f07d8bf10beae48;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zWO_LMG3fez0GBfCwXtYm9IPAN1LKsomAPVR8ApRb44i2UAf5tOHAw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:30 GMT
age: 85978
etag: "f1182e860380b637388fa7f90c36e0a8c9edd657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 406a837a79921b55b79cbefe97f28baa
852e6b2fbc7cf50ed1824491293036092ca928e5
310c2d8f56b08dbcc4a6373ec8b7d4c33e531540eb8b5c446609398ee9f3448a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9027
x-amzn-requestid: 810f640d-b3dd-42fd-8317-f701a2bdb551
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEjHRfoAMFRfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce550-666de65c79de87b06a985a83;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y34VDlEkPoUgYchKTvPk-88ObNqiDdQWc-9Z3tmuI0TUbSmhliD0iw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:29 GMT
age: 85979
etag: "852e6b2fbc7cf50ed1824491293036092ca928e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cfd12f93a2a0efcbdc0aadfc18263e8
93ece0b291bd44a399612b832d8c7e9767ba3ce9
d40ab574038fb1642b0d64b430339552761496a0d0b99e238bb4d4f87e822484
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3953
x-amzn-requestid: e528941a-b54c-4275-bce0-91f4c9dd7f2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NMpGvxoAMFmRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918f1d-573aec4e11da97b91c9cd289;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fgDwqhhO8hyuEEUtJrzHn2nwBj9EV0PFG0Dtgmihhucxghk-KS1j7A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 06:17:24 GMT
age: 54964
etag: "93ece0b291bd44a399612b832d8c7e9767ba3ce9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fae5a52ce167de2a060dc814a744e98
4b108a79a4ad796a34f4b2b8950df907137680e3
61e1fe4a8c074a031e0628ca393449e42d70dcf3411481936c26c1fad7a5451b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9837
x-amzn-requestid: 7c104466-a4d8-4e03-94e6-79a18bd3bf54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjWiEMlIAMFaaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce5c3-4b0e776f4f0edd533795a6ee;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BoDm_UMgTvGhUoJOaM2x6-YXgFOFuLanBV4hjgsPNTFxn_9CQjELUQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "4b108a79a4ad796a34f4b2b8950df907137680e3"
content-type: image/jpeg
age: 85989
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02zJXkn7VAHHSaUAxTKCXgMFDX7THSeSZ2oeyblrRuOwBEgPVzSSgA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:53:20 GMT
age: 85208
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2j4CWBbvNniyBK3vdt4Hg7ROB-xjuzsvdGBmh2U1BGYGWwkT6JJ_g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:42:32 GMT
age: 85856
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/gs-testimonial/gst-files/assets/css/custom.css?ver=1.8.12
159.8.122.140200 OK 1.5 kB URL HTTP/2 o-sge.com/wp-content/plugins/gs-testimonial/gst-files/assets/css/custom.css?ver=1.8.12
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 72978698c0445771a10934a18fd585fe
33ab57c35c70be213f6c2fa4fa7549669b9758b9
39c09b548280a6dede61e16e5ca9cee7f1c48244063080daddcb20b2859604b9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gs-testimonial/gst-files/assets/css/custom.css?ver=1.8.12 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 16:03:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1454
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
159.8.122.140200 OK 3.9 kB URL HTTP/2 o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
IP 159.8.122.140:0
Hash 8db1dc5a45a1a1e62960dca50435649f
90002174c86884825472644c369a4cf99199ffcc
6cf2021a35394e1c92d213385f7d2bbe5270e0a0b37af6bfac4171b0cda7dcc7
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Thu, 12 Nov 2020 08:39:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3854
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css?ver=2.1.7
104.17.25.14200 OK 5.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css?ver=2.1.7
IP 104.17.25.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css?ver=2.1.7 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 21:33:28 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2768551
expires: Thu, 07 Dec 2023 21:33:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18Al90uryb3G87%2FvduX7xeY5YG5ywq%2BzPRC1wQP%2BSL6hrFdZl6IgO5QfPiTaWyMnmOdG6F7o%2FuLfgie%2F3Fis00IUwW2j6%2FEulymM5al7V9Z%2B9I7QerSocmSd40FwAqcRJOunuUTi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77b2c6fd0c4bb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
o-sge.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
159.8.122.140200 OK 12 kB URL HTTP/2 o-sge.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:42:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/css/classic-themes.min.css?ver=1
159.8.122.140200 OK 217 B URL HTTP/2 o-sge.com/wp-includes/css/classic-themes.min.css?ver=1
IP 159.8.122.140:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-length: 217
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/bold-timeline-lite/style.css?ver=6.1.1
159.8.122.140200 OK 11 kB URL HTTP/2 o-sge.com/wp-content/plugins/bold-timeline-lite/style.css?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (380)
Hash a9461cf3e969eabf544c404a5f181b86
962a74f051a34f77ae3ce51db7a5d017d350cfe7
a8516bf679829bb205fe171bf29361331a1a41d2b24f523c5fb1c109c3bf53ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bold-timeline-lite/style.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 17 Nov 2020 09:24:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10727
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3
159.8.122.140200 OK 621 B URL HTTP/2 o-sge.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3
IP 159.8.122.140:0
Hash 85598598d8403d6f36ffb33763088efe
13cee471c0ee733cc5ab17a995fe789b77fe63b1
5ea1e09117bb834b01b00f95d9c0f9935ed8a242987d85e65ee1929bb5b7335a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Thu, 12 Nov 2020 08:38:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 621
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/css/animate.css?ver=2.1.7
159.8.122.140200 OK 4.1 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/css/animate.css?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 041431556748bcef042cb868500c13e4
092db3dc4b9da722b5d8e10e28dc4a07352b3fd7
b7899facc0fbbba7dd2d7d3f538ca761232f41df856a0339d59ec0707fe427c5
GET /wp-content/plugins/post-timeline/public/css/animate.css?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4112
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/css/post-timeline.css?ver=2.1.7
159.8.122.140200 OK 1.8 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/css/post-timeline.css?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with very long lines (869), with CRLF line terminators
Hash 3a9390d8e26730eab0a7da38ae514cba
628e815f6fa92b0fd95e4db65142689a9810ed49
86aa1708c37cebec0dfbc75b07c53517e388efeb25fc8992a833df53cc1e2ab2
GET /wp-content/plugins/post-timeline/public/css/post-timeline.css?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1802
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/css/bootstrap-theme.min.css?ver=2.1.7
159.8.122.140200 OK 2.0 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/css/bootstrap-theme.min.css?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with very long lines (19670)
Hash de0a855665805717b1f5a5a28b9d89f6
8a1a619abb293c34b509a5cd086d3d96a66b7510
d64a79b71dfae87ec1e262c332fa1bf339ef6289c50b89b007f04dd762e620de
GET /wp-content/plugins/post-timeline/public/css/bootstrap-theme.min.css?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1970
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/css/bootstrap.min.css?ver=2.1.7
159.8.122.140200 OK 21 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/css/bootstrap.min.css?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with very long lines (386)
Hash 30ccc3424514df1412aefe764e40736a
3ba3d5959ff6b0bf7fc3e17237b14134e57d0e1f
d8238c72858db043c59d50c635dfec11de997390adaf72db228fb938a515ecdf
GET /wp-content/plugins/post-timeline/public/css/bootstrap.min.css?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21147
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
159.8.122.140200 OK 12 kB URL HTTP/2 o-sge.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
IP 159.8.122.140:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 7cf1a82356797e33772aa878ac5e494c
c55136905a7f9bb658bd8838d309a86eb4d97558
7578387996db1a0b0408038de76795ff3b1688ac9d42687060f32ed991a375bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Thu, 12 Nov 2020 08:39:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12088
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/rich-event-timeline/Style/Rich-Web-Icons.css?ver=6.1.1
159.8.122.140200 OK 6.6 kB URL HTTP/2 o-sge.com/wp-content/plugins/rich-event-timeline/Style/Rich-Web-Icons.css?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (412), with CRLF line terminators
Hash c8665244f1107fa68ae292927cf90fd2
5a74ec3bb4549b2c3125e35fbec3e641391fdb5b
dc5d6c3bdfd5907827b77781125c9a0cb8769f92069dde62a20bbc3cebdd3eca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/rich-event-timeline/Style/Rich-Web-Icons.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 17 Nov 2020 08:02:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6623
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/testimonial-builder/assets/css/bootstrap-front.css?ver=6.1.1
159.8.122.140200 OK 1.0 kB URL HTTP/2 o-sge.com/wp-content/plugins/testimonial-builder/assets/css/bootstrap-front.css?ver=6.1.1
IP 159.8.122.140:0
File type assembler source, ASCII text, with very long lines (780)
Hash c85d477f597b0ac1896cfae9414cb063
7ec3e7a52934e5cf73653e4c00fe732f61c31973
968a2bb488be10836098bb4c9415fd8cc7a3d2bcef969a72a7ba054d549feba5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/testimonial-builder/assets/css/bootstrap-front.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 15:55:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1015
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/testimonial-builder/assets/css/style-1.css?ver=6.1.1
159.8.122.140200 OK 307 B URL HTTP/2 o-sge.com/wp-content/plugins/testimonial-builder/assets/css/style-1.css?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash b3b35af19a40a0d066af879683e935ad
7af150c337aec4f147210704661440426ccdd7b7
3a157d7b86571c625ecc930ef17c4f1e52610cdac7133ce2de3a78319133810e
GET /wp-content/plugins/testimonial-builder/assets/css/style-1.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 15:55:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 307
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/testimonial-builder/assets/css/style-2.css?ver=6.1.1
159.8.122.140200 OK 474 B URL HTTP/2 o-sge.com/wp-content/plugins/testimonial-builder/assets/css/style-2.css?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 4e4da5deadf6a18159999545f7598ad3
fa6c86208b6f495b396ec1ce81ebf47d257aa1ed
765949b508f724c81e8c1a7923e75c88019375adb4a23cd6c656a5ede12fca35
GET /wp-content/plugins/testimonial-builder/assets/css/style-2.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 15:55:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 474
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/testimonial-rotator/testimonial-rotator-style.css?ver=6.1.1
159.8.122.140200 OK 1.9 kB URL HTTP/2 o-sge.com/wp-content/plugins/testimonial-rotator/testimonial-rotator-style.css?ver=6.1.1
IP 159.8.122.140:0
Hash f637f1f9e9203f3187bb1aac94761343
5d4b9cd8d1fd42353ce25eca2d1f131beb2c5d5f
187d3b62fab4435c11c46404e382b8d261028492f26a974ca36006edbaafa2db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/testimonial-rotator/testimonial-rotator-style.css?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 16:36:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1917
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/css/base.css?ver=21.8.5.2
159.8.122.140200 OK 12 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/css/base.css?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (464)
Hash 122174b389c6c85c91c8f0e3599a0777
5eea632c900d816681b30fac09ce9448d271b7d1
e95df4e8ce00da5f434aff3b73eb5be02663b3de8e5b4657d1075ed402e9a8f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/base.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11657
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.8.5.2
159.8.122.140200 OK 4.4 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (58508), with no line terminators
Hash 5c5fe8aa13d58b843d84f4a6e2e83632
2c3ee79ef50ac467448065b88a6eb1d4f1d38f41
edf9e107f9c9afea6091fb4a95408ff3318e4e03b2cbe446935a048d6b3522f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4426
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/style.css?ver=21.8.5.2
159.8.122.140200 OK 193 B URL HTTP/2 o-sge.com/wp-content/themes/betheme/style.css?ver=21.8.5.2
IP 159.8.122.140:0
Hash 79ed7c4676a7b84324c1d3f3e99ea81d
7ad219549317954f669b133dcdc5fe985f42b88b
e24851252b52fb8305bb1e43f79ccf75403b1063b992d427574afb98c30c0091
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/style.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 193
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
159.8.122.140200 OK 6.7 kB URL HTTP/2 o-sge.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 159.8.122.140:0
File type ASCII text, with very long lines (30837)
Hash 5dbbe85d6a3308dceb97d91b740b0f11
3f70abf9963371962665167f98ba52365481496d
751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Thu, 12 Nov 2020 08:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6657
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.8.5.2
159.8.122.140200 OK 1.9 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.8.5.2
IP 159.8.122.140:0
Hash ec9c4823adb01a097d655f555adca9af
f50a073e8be2d675bf6c5af96f50a8f048a2ed15
8295f041024bf84f41a8c3292c995448dc00824bca9c70a1307255587492b7ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1907
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b09c5fd392d9d40a99ab4c70e59fd24e
40e39676ca8052fd8b9eab501750f0011737f507
8c2b60b0ec0a8121d5c5a8dda2ec1a57b923efe10246386262f359f6a458cdcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o-sge.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.8.5.2
159.8.122.140200 OK 3.0 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (365)
Hash a5cb35e4cf605b1c2300bb0f8f683a98
bf21bb26f65071cc87c84eaf46345179f75d6b04
a1b0b9189cfda45ef14f6436025e9e9e705ade5dc9f5ce01a49f88d40ce6f834
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3037
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/css/responsive.css?ver=21.8.5.2
159.8.122.140200 OK 9.8 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/css/responsive.css?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (612)
Hash 822f32553da4d81da375faf90bd923d5
a39f14c336e8dbf1b6fd4e542b8b339759543e7b
9743702004f8597a69135a94e938822a95295bc2dcc0b5d85ca412d2a03885d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/responsive.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9789
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
159.8.122.140200 OK 4.0 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
159.8.122.140200 OK 3.1 kB URL HTTP/2 o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
IP 159.8.122.140:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash a33200decfdde3aaf061f38c9f6588d3
e0634089dff212a5a0baa412d505257ce59d8377
fb2bc7235748ce612911d0858b1a63c2113e285ee78a57527bfa5db216e2aeb0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:39:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3091
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/bold-timeline-lite/assets/js/bold-timeline.js?ver=6.1.1
159.8.122.140200 OK 1.7 kB URL HTTP/2 o-sge.com/wp-content/plugins/bold-timeline-lite/assets/js/bold-timeline.js?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (309), with CRLF line terminators
Hash 33bc4313b9d4c5d2fdffa82298e2253a
7afe4bfae667c2021acfa5913c9b73ed73f99213
18239144c113584248f7ffa3d4b6f00fa4ac34ea835664259d0e455069c6e439
GET /wp-content/plugins/bold-timeline-lite/assets/js/bold-timeline.js?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Nov 2020 09:24:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1744
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
159.8.122.140200 OK 6.3 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (15446)
Hash a0504724dbb256f37f15c469425c485f
76555844ad15af75402eb4ad920c22ba7a04d5a2
3e1676b98a3940b1f593b134a08979a125a4373f46484d5a743c3e1ced915a39
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6309
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.2
159.8.122.140200 OK 416 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (552)
Hash bbfa32b33fb0b44b1ac5e2ae6f5c67ef
5016be0a67363a63f87ebe3ecbbd879404315a8f
19c6e24cd6beb57f69ae523b904aadaf77a44f93ab375accb63700058d067778
GET /wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 416
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.2
159.8.122.140200 OK 444 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (678)
Hash 392835d7454a69233e780cb4bf6b926b
9050949fb584df21cc175faed7de9407de9f44d1
9cc534c5f09b282a90ced3851b17998315250f8c0613be03c58f5d875f1ba1f4
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 444
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.2
159.8.122.140200 OK 400 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (595)
Hash 0dd8d0bca3871d5920d966fffe2261f3
b6fcdbb32946ebc7e51a1a85d43088dff46fc7e1
1e975f0433cf637199bc5a2c080697028b513e5d30dcc730b1bd2d33aecaadfd
GET /wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 400
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.2
159.8.122.140200 OK 534 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (788)
Hash 3b5e29379df62a830e9fc71728d19a8a
9ecba6aabe7858d3fc79593d718073c1767aae22
b8890b66c41e24e68e6189e459c3cecd75478f12b50da9782512459f58b6036f
GET /wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 534
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.2
159.8.122.140200 OK 587 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (918)
Hash 5af94cb94f4ae098d7ef77cfaed040db
1614ced113b38f4a4c5647fee232c72e2d1057e6
3de3f86baf3afde188ffbc5ff376b2ff405c48cb08ea331afbaa83b208b93168
GET /wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 587
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.2
159.8.122.140200 OK 290 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (324)
Hash c0b804a02f075d9335138d1b1917828c
fbbe9c7a521f2067296876c75689e1d01d47b50e
810c760ef27ebe101bc67fe34e5a9edb1d0d678b8c23e1638a4a13280dbae5d8
GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 290
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/css/layout.css?ver=21.8.5.2
159.8.122.140200 OK 19 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/css/layout.css?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (393)
Hash f2c9604165e7d541dc8f68bd684458ee
d379f405f84b5797e3f588e967c356bf80c89af4
e96a5ee66e8f0b250125546b16a1242d3d22b179c7c054c9772629605e4af536
GET /wp-content/themes/betheme/css/layout.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19411
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.8.5.2
159.8.122.140200 OK 22 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (404)
Hash 86f74c2ebac66f6386395809c04d69d8
7c3792010b43817d32fd84d7d3c2a27cdb52e95a
3dd675ea59c40214e571fcd425ae7b2c3055a125dbd317212e0cdd21a99aa68b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/shortcodes.css?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21661
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
159.8.122.140200 OK 30 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
159.8.122.140200 OK 41 kB URL HTTP/2 o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (65315)
Hash c6eb60ffa24e9e576d0122b5c47a274a
cdc252b675a60a21556af9fb91a50f302fad4d44
8e617d7b564b0d1d7a67a519058c71b3950adf8f2c415b088e961d70b94db53f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:39:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40773
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
159.8.122.140200 OK 46 kB URL HTTP/2 o-sge.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (65322)
Hash df6f62e64ea2352f070bd6c980a3bb13
d0d9fe37ed1fec23596c0d4ecb8cf41de47bf287
59f9ba5f762073eaaa75118f5d817aafd0aaac0d8bbb022089d28b06a676a02f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:39:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45616
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
159.8.122.140200 OK 44 kB URL HTTP/2 o-sge.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
IP 159.8.122.140:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 4fabca2522b46655d66e80a8e0f51b99
90deed5fcafb260dceec850841a335d883072967
1b8b3b55102a08e2bf87c5a743baf2a24da44ce11a2da488a8afaa1fdf77134c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:39:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 43687
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 953635cff82596ecfcbd7ff83474031a
5ea2fa051d49d203df6582bc273639a90348f8d2
bb63f27f12c917fccddd13680972fc6e12a8e0e4dcb9b9340f7f911c8b1db9ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LfDdQsjAAAAAJiLNpRsvJXSBnN_UWMktfDKDw2H&ver=3.0
142.250.74.132400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfDdQsjAAAAAJiLNpRsvJXSBnN_UWMktfDKDw2H&ver=3.0
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6LfDdQsjAAAAAJiLNpRsvJXSBnN_UWMktfDKDw2H&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 17 Dec 2022 21:33:28 GMT
expires: Sat, 17 Dec 2022 21:33:28 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o-sge.com/wp-content/plugins/post-timeline/public/js/ptl-anim.js?ver=2.1.7
159.8.122.140200 OK 3.5 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/js/ptl-anim.js?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 8a152eacb18279588b275cc1c0af6008
089ec75435cda7433cb35010d4b853a34a52594e
9bc2c2a1cea9072ee33d34580c74db9e16f7dbbc63bc257e5724bcc50915b546
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-timeline/public/js/ptl-anim.js?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3496
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/js/smooth-scroll.js?ver=2.1.7
159.8.122.140200 OK 5.6 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/js/smooth-scroll.js?ver=2.1.7
IP 159.8.122.140:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 8ce2f40b6f745bd92742bbc4d8017949
2d424d93323989d29e8270c4e7f4595a0a92af9e
60a581f8c131cfb5dea15a5f28ea6a6ed05ac08fca1f435426d43549399ee5e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-timeline/public/js/smooth-scroll.js?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5555
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/js/slick.js?ver=2.1.7
159.8.122.140200 OK 15 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/js/slick.js?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash bda74a21522490be4cc514275fc62fd3
b02c13099ead026543c0db8a2190b6f8b7c6c244
fb21e99d78b2f70938cfed83329593a92c3dcf5fa6e96a90f1b2b80bc217b88b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-timeline/public/js/slick.js?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14665
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/js/post-timeline.js?ver=2.1.7
159.8.122.140200 OK 5.5 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/js/post-timeline.js?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 830783add147962ae1ff956857f4c2c0
071e05efc9b4ea46171639617f8f495e8c9d3da2
1591b15da2adf7bec6167fbd885ffbe1f03bc2154843f4c130188c46e42160b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-timeline/public/js/post-timeline.js?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5490
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/contact-form-7/modules/recaptcha/script.js?ver=5.3
159.8.122.140200 OK 387 B URL HTTP/2 o-sge.com/wp-content/plugins/contact-form-7/modules/recaptcha/script.js?ver=5.3
IP 159.8.122.140:0
Hash d1f58b12af3778198f92c1e024e91f42
557f6f22d67cd19a7c4d6a7f3578fb1b6ac843cb
0ff87f364583a995098d7494e31dfc499b133c82a380802025169a11f8458437
GET /wp-content/plugins/contact-form-7/modules/recaptcha/script.js?ver=5.3 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:38:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 387
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
159.8.122.140200 OK 6.8 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 159.8.122.140:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
159.8.122.140200 OK 1.0 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (3224)
Hash 8e5968255afb7b8150cfa6580a07f9fa
17d3ef1fc3886a503f677a777da4d69d3a081c13
d87df7901b51c7aa9309e2b0b87400f14a3bd0c4239386541cbacfe7d8157319
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1001
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
159.8.122.140200 OK 3.8 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (11760)
Hash 3a8c0c6bf695efea9e3acfaff14c3ca5
38e58a427812d0655192a36bf644d51853febe8b
fe50234a7e2fa53617f7379107d8e4f2baba0a98fc8a20e001fc5b2766292743
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3760
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
159.8.122.140200 OK 2.6 kB URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (8632)
Hash 8238287357a4279c2ae038a097965ad3
3a677770d91002d75e397397671b82332724af10
b5c3686973bb5e86e3328dc87298dee495dd6908355ac1d6e7fee730c364e92e
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2646
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/js/plugins.js?ver=21.8.5.2
159.8.122.140200 OK 54 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/js/plugins.js?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (32019)
Hash 82e200ce05d309339c454a8a9e52a037
df1457dd58735e1fcfaf4d7e42e3a6d0eab2235c
e4f8e1fb0552dd1015454606ee18a8d2dc298d2dee88f967e797c748b2cee144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins.js?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 54537
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/js/menu.js?ver=21.8.5.2
159.8.122.140200 OK 749 B URL HTTP/2 o-sge.com/wp-content/themes/betheme/js/menu.js?ver=21.8.5.2
IP 159.8.122.140:0
Hash 33c0b2d1963bf8d1aec85903f55372f2
1f8307e852a47838a785abdcde3dc260de017f1a
38df4b408528e6f2fe8651d3d3e06dd7fb197c650d1a9b67b40c61f968473c58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/menu.js?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 749
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.8.5.2
159.8.122.140200 OK 546 B URL HTTP/2 o-sge.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (1723)
Hash 5b48708a52aa5ca52a57c2755b819dcf
193dbf26ea2832e79e02ba6510918b3ec73dd1a5
a8254794f2913c7b479260a23be7ff56f2b9fc9889bbf8c4a9d286e9cf111055
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 546
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.8.5.2
159.8.122.140200 OK 12 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.8.5.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (634)
Hash 9858dcd043a45dad216838c1cf23b5e4
ae36a19b4486e49bfdb6040a74d0a011b903e957
72b30a44944b5cd515871fe7c4422446e178d7cb347d4d899788871ed90a368e
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12379
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.8.5.2
159.8.122.140200 OK 1.4 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.8.5.2
IP 159.8.122.140:0
Hash 1856a0bdb6cce169fae6c4a00ef8b1c5
ee70452647e3ce7d3304b12eef800070f205779c
b7dd674dce9580e08b193135a9d7c451641b537d6361583a46f768150fe07a84
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1397
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/js/scripts.js?ver=21.8.5.2
159.8.122.140200 OK 14 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/js/scripts.js?ver=21.8.5.2
IP 159.8.122.140:0
Hash 03619ba6f57b5485084c6639a42e0a7a
46f81737046d1a3a43a5bbb8e84dae66f7b2865e
26785b8d966336f0d1f98f7366e3ab9c8ee05736b8777c9e5eb3c441eacfcae7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=21.8.5.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14116
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
159.8.122.140200 OK 4.6 kB URL HTTP/2 o-sge.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.2
159.8.122.140200 OK 510 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (819)
Hash 2b00eed53464c458684c78a0ec775d82
adf65fc9baac7e47145e856e966dd43b32e223e9
68a26e84a592affb8ed43622c42d519fed242175f31596a52f0b2c1077c6df1b
GET /wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 510
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.2
159.8.122.140200 OK 341 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (442)
Hash 60d261cfa5ac90da64921aa0bf652080
012912cfdc6448e8ea77713b76fcbaceed121b73
55d71422f5dbac12af9e29e11840caf84facaa1978ade7b96aaae726e439f8be
GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 341
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.2
159.8.122.140200 OK 373 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (484)
Hash 5d61548d2f30dee9dce5db2998e949ab
49b2f90dc37a276affc9f7c238d7f42cc7f425b6
9991ca13784de68bd337e2e6f140aafce4e3f6895486f9198a17f663eac7331c
GET /wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 373
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.2
159.8.122.140200 OK 887 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (2290)
Hash adea47d592a22b05a7ae0f82d7c6ccf7
9d1276500c8ab811bad6d4bfb9b5d5d64f952640
909a2c99c1bf86783694608a01a5b0eff3d58099e179e84d96a3a68b87348c30
GET /wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 887
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.2
159.8.122.140200 OK 369 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (521)
Hash 1cf9cb71dc7fb82ee305a7d63afb1f78
9f3605d9c4303cc27b6bbbd15abf39cd7f55f0e6
f3dbe7ee24363f7f3469053566ecd640420107a471de365b0559ea2aedacd5b8
GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 369
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.2
159.8.122.140200 OK 433 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (644)
Hash 8cea198a013688b9ba96c31efa9a908c
77cb96df3468d1cc29a286fde26a76d80c1323d0
fd986ff5f970b6d55b76d3c51d5635609346efe640ebeb2158ffffd867b9c94b
GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 433
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.2
159.8.122.140200 OK 486 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.2
IP 159.8.122.140:0
File type ASCII text, with very long lines (715)
Hash b57719c99ff35fa94992a22c023246e8
9fa7b179568cbf908b982cc952ff08e6b476b0bc
48afe608df9ac0ca3d6f27200f3462bafcb4356690d518e5252df2a6f93100cb
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 486
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Scripts.js?ver=6.1.1
159.8.122.140200 OK 0 B URL HTTP/2 o-sge.com/wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Scripts.js?ver=6.1.1
IP 159.8.122.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/rich-event-timeline/Scripts/Rich-Web-Timeline-Scripts.js?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Tue, 17 Nov 2020 08:02:46 GMT
accept-ranges: bytes
content-length: 0
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.js?ver=6.1.1
159.8.122.140200 OK 10 kB URL HTTP/2 o-sge.com/wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.js?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 8e482c8a21ba6fc1bb06f043ed8a1451
0a18c9c8f88ae1d949215759abbafc00c2d38212
600bea461cba82dfab89d6c86de6bce06381927eb62d4ba621f2c7501b1a5cfe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.js?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 14 Dec 2020 16:36:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10277
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.addons.js?ver=6.1.1
159.8.122.140200 OK 2.9 kB URL HTTP/2 o-sge.com/wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.addons.js?ver=6.1.1
IP 159.8.122.140:0
File type ASCII text, with very long lines (4213)
Hash d57159ebb2bd2709459abe616237b522
3236d434e36245820ad9226afb63c035eeb34a00
80378d9ad17a4e30736dddc61a564c3a1fdbb4be9fa25b58cef6731f56452c65
GET /wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.addons.js?ver=6.1.1 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 14 Dec 2020 16:36:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2880
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3
159.8.122.140200 OK 3.7 kB URL HTTP/2 o-sge.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3
IP 159.8.122.140:0
Hash d195c191fe9bd887d9c0731b49295cc0
e3b86a888cacde393fc60365850cb4668f3e2ab2
1b91f8ebf36b0e4196a89c6560bb1e45ed6826232fe463e84c67b2502006443c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:38:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3700
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/gs-testimonial/gst-files/assets/js/jquery.cycle2.min.js?ver=1.8.12
159.8.122.140200 OK 6.9 kB URL HTTP/2 o-sge.com/wp-content/plugins/gs-testimonial/gst-files/assets/js/jquery.cycle2.min.js?ver=1.8.12
IP 159.8.122.140:0
File type ASCII text, with very long lines (10280), with CRLF, CR line terminators
Hash 152170e8e209b9b044a4b23e382b3633
69e93b1637b3a9df83195d831043b9d58b386971
2d07ce6dfe9472d230a3651fa1d0bdee16dcef7b1e3f07440d01d4fd8df528f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gs-testimonial/gst-files/assets/js/jquery.cycle2.min.js?ver=1.8.12 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 14 Dec 2020 16:03:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6877
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/gs-testimonial/gst-files/assets/js/jquery.cycle2.carousel.js?ver=1.8.12
159.8.122.140200 OK 2.6 kB URL HTTP/2 o-sge.com/wp-content/plugins/gs-testimonial/gst-files/assets/js/jquery.cycle2.carousel.js?ver=1.8.12
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash 62efd797b2f2ece7dfdc4bdd2fefbe0a
cc92906e32a0a2cf378e77b7eb95d052a864172e
643ca98514fa0621104e5c7d2fd8064f574bd094fdc32c1fe2ac1acbfad38d80
GET /wp-content/plugins/gs-testimonial/gst-files/assets/js/jquery.cycle2.carousel.js?ver=1.8.12 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 14 Dec 2020 16:03:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2556
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/post-timeline/public/js/mp.mansory.js?ver=2.1.7
159.8.122.140200 OK 1.6 kB URL HTTP/2 o-sge.com/wp-content/plugins/post-timeline/public/js/mp.mansory.js?ver=2.1.7
IP 159.8.122.140:0
File type ASCII text, with CRLF line terminators
Hash a8122aabb42653513a21c10696dbb2ad
d2b0c29d192769108934b3287639d4c30878f7bf
2c77f8d511d0b78079d6f49466500fea9a8e00074fc5b3be218b05c50ec44b48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-timeline/public/js/mp.mansory.js?ver=2.1.7 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Fri, 13 Nov 2020 16:08:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1598
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/themes/betheme/fonts/mfn-icons.woff?31690507
159.8.122.140200 OK 81 kB URL HTTP/2 o-sge.com/wp-content/themes/betheme/fonts/mfn-icons.woff?31690507
IP 159.8.122.140:0
File type Web Open Font Format, TrueType, length 81448, version 1.0\012- data
Hash 743706216bfe3fc0728d0bd15313ac92
d923ae95df3ea7676e8dc34f4de04abf2eefaaab
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?31690507 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://o-sge.com/wp-content/themes/betheme/css/base.css?ver=21.8.5.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: font/woff
last-modified: Tue, 15 Sep 2020 11:13:44 GMT
accept-ranges: bytes
content-length: 81448
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.2
159.8.122.140200 OK 119 B URL HTTP/2 o-sge.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.2
IP 159.8.122.140:0
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.2 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6328
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Titillium+Web%3A1%2C300%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800&font-display=swap&ver=6.1.1
142.250.74.106200 OK 954 B URL HTTP/2 fonts.googleapis.com/css?family=Titillium+Web%3A1%2C300%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800&font-display=swap&ver=6.1.1
IP 142.250.74.106:0
Hash 23e480d6d3034afcdcdee6bd65a5c43a
25a4152eb1a811fe29405d725c353510c17ed021
c6a401024cdf8a833c2e088f673497d8b980dda33f8e5e5b03c2a8fb43d2b1c4
GET /css?family=Titillium+Web%3A1%2C300%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800&font-display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Dec 2022 21:33:28 GMT
date: Sat, 17 Dec 2022 21:33:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12372, version 1.0\012- data
Hash 0ef99cf07a2a261ab43d5dc1937ffb27
bd39f9cd13ef2a6f912dcba8fa916fc67b4a19d9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
GET /s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://o-sge.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 08:32:59 GMT
expires: Fri, 15 Dec 2023 08:32:59 GMT
cache-control: public, max-age=31536000
age: 219630
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Hash 8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://o-sge.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 07:09:17 GMT
expires: Sat, 16 Dec 2023 07:09:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
content-type: font/woff2
age: 138252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/titilliumweb/v15/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13792, version 1.0\012- data
Hash b4e3f31e50637009b7720956200ba5c4
b7b55887ca000cd5efeee3946a7a8a3771246810
51c77586201df2f52721fa5ded6b091f201aa2227b663903c2a3522d90dd8476
GET /s/titilliumweb/v15/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://o-sge.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:27 GMT
expires: Sat, 16 Dec 2023 13:33:27 GMT
cache-control: public, max-age=31536000
age: 115202
last-modified: Wed, 27 Apr 2022 15:40:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 21:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o-sge.com/wp-content/uploads/2020/11/cropped-osge_logo_epure_s-192x192.png
159.8.122.140200 OK 25 kB URL HTTP/2 o-sge.com/wp-content/uploads/2020/11/cropped-osge_logo_epure_s-192x192.png
IP 159.8.122.140:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 9344ea96f7ce939fbb51d58f69008e28
5a938b156c33737babd66d899dc2d38d8ab5ef16
d92dacc95f69752a4048d380b0d7b52639fbc084d2c155f381633b8e7e5d93e5
GET /wp-content/uploads/2020/11/cropped-osge_logo_epure_s-192x192.png HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: image/png
last-modified: Fri, 11 Dec 2020 17:13:20 GMT
accept-ranges: bytes
content-length: 25414
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/uploads/2020/11/cropped-osge_logo_epure_s-32x32.png
159.8.122.140200 OK 2.2 kB URL HTTP/2 o-sge.com/wp-content/uploads/2020/11/cropped-osge_logo_epure_s-32x32.png
IP 159.8.122.140:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b5b4f6c44c6dd9c1bdaa4a859e6e539
1634ae967042340f537794b5f1696adeddeaafdb
acc68878bc8edcaf56b262f9bfaebef3ad55002cfdc6a3dbacdcf2a1ff0838d1
GET /wp-content/uploads/2020/11/cropped-osge_logo_epure_s-32x32.png HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:29 GMT
content-type: image/png
last-modified: Fri, 11 Dec 2020 17:13:20 GMT
accept-ranges: bytes
content-length: 2181
date: Sat, 17 Dec 2022 21:33:29 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
159.8.122.140200 OK 0 B URL HTTP/2 o-sge.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
IP 159.8.122.140:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 21:33:28 GMT
content-type: application/javascript
last-modified: Thu, 12 Nov 2020 08:39:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 79911
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
159.8.122.140404 Not Found 0 B URL HTTP/2 o-sge.com/support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99
IP 159.8.122.140:0
GET /support/fre/chat/getstatus/(click)/internal/(position)/bottom_right/(ma)/br/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/7?r=&l=//www.marocainedesexperts.com/index.php?option=com_content&task=view&id=99 HTTP/1.1
Host: o-sge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://o-sge.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 21:33:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2