firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 23:06:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rmorL_wygrEE7XTpt6SOKrp3FFFBryCfQKaYZUquJQx39y-UuUvCwg==
Age: 3066
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13332
Expires: Sat, 10 Sep 2022 03:39:22 GMT
Date: Fri, 09 Sep 2022 23:57:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5xcTCcpRsncxFphaV27ZobpLl53y_i9uIvrj-EdXybOVVI-sLGKXZA==
age: 72636
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:57:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 23:56:07 GMT
Expires: Sat, 10 Sep 2022 00:54:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4WdjGJRyUkv7e_w7TFdpHQOSNmKrkPGYAUzVR7Ci2d_c9rtGqFJqKg==
Age: 63
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:57:11 GMT
Last-Modified: Fri, 09 Sep 2022 23:29:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.136.7 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OXFTZF9+nPTT0GZjbChNWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Am4GQeVww+8XJAK8JjMW7+mFm7E=
fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C700&ver=5.8.5
142.250.74.10 200 OK 469 B URL HTTP/1.1 fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C700&ver=5.8.5
IP 142.250.74.10:0
Hash 39409d1f330da28afc0d9720a95d9581
fbcf32fc2d27c78f96d36474462c41b76aaa2051
a88ce51c89ff1bf64fd085d078c8378bda2727c6ad13b2df0cb29658f0d8fd7b
GET /css?family=Poppins%3A300%2C400%2C700&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Sep 2022 23:57:12 GMT
Date: Fri, 09 Sep 2022 23:57:12 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9910
Expires: Sat, 10 Sep 2022 02:42:22 GMT
Date: Fri, 09 Sep 2022 23:57:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9910
Expires: Sat, 10 Sep 2022 02:42:22 GMT
Date: Fri, 09 Sep 2022 23:57:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 412441a2a064555c5d7f1400c2741360
7532d9543b93248891324e07e8edff10a36d174d
421b3e9db572f1077abd4ef2748696b38a4117e33db6ae0b5fa46841afa2693f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14312
x-amzn-requestid: 4d301754-9ed3-401f-9ad5-1862533d7559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5wGowIAMF4WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb371-7729383d0bc0f729231ad5b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QWNGLaXe2lZ7niw6TU6KUOuMnWi-Ml3hkw6WLB8vD_jWsg5YMuFWbw==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:54:57 GMT
age: 7335
etag: "7532d9543b93248891324e07e8edff10a36d174d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:12:29 GMT
age: 6283
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250c93aa-253b-4354-9955-25ab2a663bc0.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250c93aa-253b-4354-9955-25ab2a663bc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3e23b206e95320e5f944478f1c873d4c
d2bde7891908b44713e8ac81d39d2bfa27abf108
fa1fdad0bc869977cccef69be469e4c6e7ad018c5424480d9ec3f2bd2a7c22fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250c93aa-253b-4354-9955-25ab2a663bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8220
x-amzn-requestid: 163470c8-ddaf-447c-994d-36d058fc5d82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkDJFMSIAMF1XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ad-157b820053ff36286de2b6a2;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _6Njy49_HmnGfo_gczCXLsMseZKkCwRgIN2iOBO6dx6SXUvxsAn5oA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:01:26 GMT
etag: "d2bde7891908b44713e8ac81d39d2bfa27abf108"
content-type: image/jpeg
age: 6946
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9910
Expires: Sat, 10 Sep 2022 02:42:22 GMT
Date: Fri, 09 Sep 2022 23:57:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650e3430-718e-4b70-a2f5-c4bec923098f.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650e3430-718e-4b70-a2f5-c4bec923098f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b9bf10913988c3d8098baae8eb29f937
9b1ec76924c5e221cea1930bdd5b4a83b5247485
9119956d8afb52924448c5a9e39d5708c365ae771eb9cae9865dd332e2151a28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650e3430-718e-4b70-a2f5-c4bec923098f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7948
x-amzn-requestid: 2cd47c00-69f6-4ead-ba92-3fe84fae8483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkOLFVbIAMFxMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3f4-5b0150e42047a034114c0b2f;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:45:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 2oqlYjwZJq_MHdp4ChE70SCSAYE4D6IvF09_KU88cM_3Los_4-vT6Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:39 GMT
etag: "9b1ec76924c5e221cea1930bdd5b4a83b5247485"
content-type: image/jpeg
age: 6213
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9910
Expires: Sat, 10 Sep 2022 02:42:22 GMT
Date: Fri, 09 Sep 2022 23:57:12 GMT
Connection: keep-alive
www.costavoyages.ma/destinations/turkey/
162.241.158.186 200 OK 96 kB URL HTTP/1.1 www.costavoyages.ma/destinations/turkey/
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (1820), with CRLF, LF line terminators
Hash 62afcb6f10bf07dd4fe01f786b965728
e79dd03667d8806f63ed73a1c76fd72f2803169f
f373e81ae24271e048cb332a05d1fce7ef15f3c86a29e65e48cc943a4e52d7f1
Analyzer Verdict Alert fortinet Phishing
GET /destinations/turkey/ HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:10 GMT
Server: Apache
Link: <http://www.costavoyages.ma/wp-json/>; rel="https://api.w.org/", <http://www.costavoyages.ma/?p=21>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36959cfa-cb15-4529-b6bc-286a72766d06.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36959cfa-cb15-4529-b6bc-286a72766d06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7781b358945b9d3c27eb2fb4bb828ae6
88ce2a7b680aa35b5192e9d6b87f21e532576ad8
928826d3926f1e8b8283ca4b4c6efa82ce893d1feda9a2fcc33e35ab1f6dc817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36959cfa-cb15-4529-b6bc-286a72766d06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bd1f299c-2a92-4637-9a5a-95fe969ec3e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuuHD0oAMFUWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb191-3dc0545917116f6d3fab4157;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: XkEftKRNEQPh-TWCtZEmLPyQj_oRS8vKX_XeBVrmOVqAZpl6UAIGvg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:10:54 GMT
age: 6378
etag: "88ce2a7b680aa35b5192e9d6b87f21e532576ad8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9910
Expires: Sat, 10 Sep 2022 02:42:22 GMT
Date: Fri, 09 Sep 2022 23:57:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HwwG0Hjf8uZn1AtbLU_wKs3w9lict3tRP31XQY6tIxDz9KDNaBMAqw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:00:01 GMT
age: 71831
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.costavoyages.ma/wp-content/plugins/nd-travel/assets/css/style.css?ver=5.8.5
162.241.158.186 200 OK 31 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-travel/assets/css/style.css?ver=5.8.5
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a331e7389c560fa9234bf8b5f3f55bdd
5a9393b864694e8d87e66505ea7652b3d2e27b6a
86aabf823997e86133ca2945d403979ff972cd3d2d3e7286c66debb7042e61b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-travel/assets/css/style.css?ver=5.8.5 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:57 GMT
Accept-Ranges: bytes
Content-Length: 30735
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.2
162.241.158.186 200 OK 40 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.2
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 55d01c7aec2a7f9de8a89f9e680a8236
ea0509fb10624d578bb7e3464f4cde321aee5099
7668ad2d758ed874c4111801a36f17f643cbbf8f65e238656e629a177daea5d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.2 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 14:52:30 GMT
Accept-Ranges: bytes
Content-Length: 39820
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1
162.241.158.186 200 OK 18 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash 1cbcc9e85ba99c007f519bf1a67feb58
82d238c9b2a1797c0ad785c01309c49dc1f302af
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 17925
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/nd-shortcodes/css/style.css?ver=5.8.5
162.241.158.186 200 OK 54 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-shortcodes/css/style.css?ver=5.8.5
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (309)
Hash c381952712cbc50ffff99e92760d3b3b
49f3dab2c566d889d6ab09f15c8eabf42f2b1c1a
15a901c23d311c9b16788f414532624f1285cf6c23a2cefc4eb81a303e2b6cab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-shortcodes/css/style.css?ver=5.8.5 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:55 GMT
Accept-Ranges: bytes
Content-Length: 54114
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1
162.241.158.186 200 OK 63 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 7892d7349e74e7dd7fae386eda2dded7
bd31f749a68bfffc0ba299d94b5de5d3803d9b9b
37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 62803
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
162.241.158.186 200 OK 90 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
162.241.158.186 200 OK 5.3 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5305), with no line terminators
Hash ee78f26525b08d4e372b92a1a3ed1d26
b4dbb4706c8a479b3891cbeddf19e162e36bd61a
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:13 GMT
Accept-Ranges: bytes
Content-Length: 5305
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.158.186 200 OK 11 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
162.241.158.186 200 OK 485 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 485 kB (484758 bytes)
Hash 1d631ff6e5e0c48d06c17e294924c762
94d01897df7c13fd9d5eef562dca4873488cc9d4
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 14:52:31 GMT
Accept-Ranges: bytes
Content-Length: 484758
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.2
162.241.158.186 200 OK 65 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.2
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash e1223af8dbcd0552f6f6dc540431451e
c01d6134f72ae04cb327a86918f3e88a63684e90
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.2 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 14:52:30 GMT
Accept-Ranges: bytes
Content-Length: 64949
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
162.241.158.186 200 OK 9.5 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9151)
Hash 2e96f622673104a3fb67ab56f849c073
f4c17ae4709cad9bc997357581f4e30fc4bbee2c
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 9545
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
162.241.158.186 200 OK 3.0 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
162.241.158.186 200 OK 2.7 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:56 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
162.241.158.186 200 OK 81 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 80574
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7
162.241.158.186 200 OK 895 B URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 902b7ca09549975e55e136fb0026df9a
ae9b808c87bbbf57b9f3132c41effaaa12af03ff
2685c1caf9a3e6616da70c63212ff6d6a6747e4929edf55832ebd18ef7a43ccf
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 14:52:31 GMT
Accept-Ranges: bytes
Content-Length: 895
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
162.241.158.186 200 OK 192 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 192 kB (192102 bytes)
Hash 07cbe55d3b4a9fb7f079a6b3411159ea
86fbea1de32414a6a87f70ef7fedbbfa754dae25
b63468a1ed4bc776b1f43f4e7afea63235656b39065695e3ece1a9db2271c403
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:12 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:13 GMT
Accept-Ranges: bytes
Content-Length: 192102
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.2
162.241.158.186 200 OK 111 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.2
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27287), with CRLF line terminators
Size 111 kB (110564 bytes)
Hash 67a9644e880e7a471d49c73bb7621932
2ac89b145da02402ce1877c580850e08076c5109
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.2 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 14:52:30 GMT
Accept-Ranges: bytes
Content-Length: 110564
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
162.241.158.186 200 OK 18 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:13 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 18181
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.7
162.241.158.186 200 OK 5.4 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.7
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5441), with no line terminators
Hash ac64b0e9e79af0a73092c59ce90e22c1
bdf5ccfcb4bd8b244e0dd1843eafebb44ef81ebe
0f3302e45439ab4ee06481fbe79cec9826124252ca12d76ac358aa0c5b0c94e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.7 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Fri, 31 Dec 2021 13:58:43 GMT
Accept-Ranges: bytes
Content-Length: 5441
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.nicdarkthemes.com/themes/travel/wp/demo/city-tours/wp-content/uploads/sites/5/2018/11/right-arrow.png
162.253.32.37 200 OK 1.1 kB URL HTTP/1.1 www.nicdarkthemes.com/themes/travel/wp/demo/city-tours/wp-content/uploads/sites/5/2018/11/right-arrow.png
IP 162.253.32.37:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash e1fc01da0a88d7b53c2cf3cd00e96a6b
3f7a3a6a23593a4a8ce89489bf6f893d23b92669
774267251102045e0ab3f8dc9c8d94f3ea1d3e81f880cf6b0dbe3b0c4c779e6e
GET /themes/travel/wp/demo/city-tours/wp-content/uploads/sites/5/2018/11/right-arrow.png HTTP/1.1
Host: www.nicdarkthemes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Thu, 22 Nov 2018 16:06:16 GMT
Accept-Ranges: bytes
Content-Length: 1065
Cache-Control: max-age=31536000
Expires: Sat, 09 Sep 2023 23:57:14 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
162.241.158.186 200 OK 6.4 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6406), with no line terminators
Hash 8fe2803a01c9fa77cb1a2618c3552dce
2230dd8f0604e4328e7c2a3f9437a6bf2986f592
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 6406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.158.186 200 OK 16 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 38400d9c6ba7d41239fccfaa9f523558
fe9a1548961441ce82e5399444f2be5408d2644c
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 16470
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
162.241.158.186 200 OK 12 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (11862), with no line terminators
Hash 862c82d8373e4d69aa5af6c994389bda
042bb60eee9e7dbffcbd43d529517e562f97f455
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:56 GMT
Accept-Ranges: bytes
Content-Length: 11862
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.costavoyages.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7884
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 00:26:16 GMT
Expires: Fri, 08 Sep 2023 00:26:16 GMT
Cache-Control: public, max-age=31536000
Age: 171058
Last-Modified: Wed, 27 Apr 2022 17:03:52 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163 200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.costavoyages.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7816
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 23:15:01 GMT
Expires: Thu, 07 Sep 2023 23:15:01 GMT
Cache-Control: public, max-age=31536000
Age: 175333
Last-Modified: Wed, 27 Apr 2022 16:11:40 GMT
Content-Type: font/woff2
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1
162.241.158.186 200 OK 2.1 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1
162.241.158.186 200 OK 1.8 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1
162.241.158.186 200 OK 2.9 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 51af5d767f0300f23ecec6298b707395
5eb2d3d937fe0392a974937125d0420666b9396c
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-includes/js/wp-embed.min.js?ver=5.8.5
162.241.158.186 200 OK 1.4 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/wp-embed.min.js?ver=5.8.5
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
162.241.158.186 200 OK 20 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19706), with no line terminators
Hash 9d22f9409c43e4abec30c88531a5c5df
277c5fa5e6412254b72c12d4cdbc8a8063c2f854
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 14:52:31 GMT
Accept-Ranges: bytes
Content-Length: 19706
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-includes/js/imagesloaded.min.js?ver=4.1.4
162.241.158.186 200 OK 5.6 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 5629
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-includes/js/masonry.min.js?ver=4.2.2
162.241.158.186 200 OK 24 kB URL HTTP/1.1 www.costavoyages.ma/wp-includes/js/masonry.min.js?ver=4.2.2
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:29 GMT
Accept-Ranges: bytes
Content-Length: 24138
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.costavoyages.ma/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.9.1
162.241.158.186 200 OK 7.0 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.9.1
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.9.1 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:37:14 GMT
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.costavoyages.ma/wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-close-white.svg
162.241.158.186 200 OK 1.3 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-close-white.svg
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (406)
Hash ead518e9aea11525aeafd91c71cb909f
414eaa7e0beec25ae3719a5b4ee17f266dabad5e
791ad507c4e8155b7f226e00444be1dddb2de7829a16130b3542b99dd252539d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-close-white.svg HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:55 GMT
Accept-Ranges: bytes
Content-Length: 1325
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
www.costavoyages.ma/wp-content/uploads/2019/10/logo-costa-voyages.png
162.241.158.186 200 OK 54 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2019/10/logo-costa-voyages.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 349 x 162, 8-bit/color RGBA, interlaced\012- data
Hash 68faddc380991829ec6d15a56dc24cb2
19bda2e27341702b9eab17f1cb3d0a11d0616b96
593fd95f906f7086cfe52d961995b1aa654ed39b774caa0a88e8decf41ad9c86
GET /wp-content/uploads/2019/10/logo-costa-voyages.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 15:33:52 GMT
Accept-Ranges: bytes
Content-Length: 54478
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-planet-earth-white.png
162.241.158.186 200 OK 2.6 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-planet-earth-white.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced\012- data
Hash 4323230d5900dd52880ae2ced3e9dffa
a52548f6d71d6639425cf129cda8e1f1353d3758
35c37ac9631cc5c7ce099b1801717356693bd7b0ad39f4279f79e265bce73169
GET /wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-planet-earth-white.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:57 GMT
Accept-Ranges: bytes
Content-Length: 2607
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-map-location-white.svg
162.241.158.186 200 OK 5.2 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-map-location-white.svg
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (845)
Hash c0d6f745752b7a5ab337d373869b2223
2e9ff7e3e5e5b14057880559b3b9fc0f35e42e98
6ca126602b9b461928d69a7a9de18b983155cc59911d32431bca253f09ba48ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-map-location-white.svg HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:57 GMT
Accept-Ranges: bytes
Content-Length: 5227
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
www.costavoyages.ma/wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-message-white.svg
162.241.158.186 200 OK 2.6 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-message-white.svg
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2093)
Hash 9357cfb63973c9d11d15cb4c93985204
fc3385fff45f322a147fd061af55aa43fd392b61
c0d73c7710a03ce86a8a13613d2844ff21da0952472b20e3b485549be0f2eabf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-travel/templates/cpt-3-layouts/icon-message-white.svg HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:57 GMT
Accept-Ranges: bytes
Content-Length: 2628
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
www.costavoyages.ma/wp-content/uploads/2018/11/facebook.png
162.241.158.186 200 OK 1.2 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2018/11/facebook.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash e9d5026e0cbdf8244d306c6a28ec932e
e509e2e57ac186ca63b6454145b05e6c9deb1cad
96c7c4be1589d0d9ae360c7d9f6d7eea673ddf3f18d147bad96cf57ce003b9c7
GET /wp-content/uploads/2018/11/facebook.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 15:09:43 GMT
Accept-Ranges: bytes
Content-Length: 1205
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/uploads/2018/04/5d960008e7a1a.png
162.241.158.186 200 OK 1.2 MB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2018/04/5d960008e7a1a.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 683, 8-bit/color RGB, non-interlaced\012- data
Size 1.2 MB (1154309 bytes)
Hash c2d2d918f5347239cb7e59bea57eebdd
c6a7c071371b50f63b2178c6eee200afa33b640b
cba2dedbf52d73886a20e5bfd2d1b34cef4bd976e4170edc580eda3fce996eb5
GET /wp-content/uploads/2018/04/5d960008e7a1a.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 14:44:30 GMT
Accept-Ranges: bytes
Content-Length: 1154309
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/uploads/2018/11/twitter.png
162.241.158.186 200 OK 2.6 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2018/11/twitter.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash de4a557d3535f72b9ef6e0459a4e55c8
0ce376530ecbeb45a053c3a2735a969bfcec46b0
b0c2be894ee59bc15ec1345634d7eb54e15797c4c40d20abc6aa7039b3c8c903
GET /wp-content/uploads/2018/11/twitter.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 15:09:43 GMT
Accept-Ranges: bytes
Content-Length: 2551
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/uploads/2018/11/youtube.png
162.241.158.186 200 OK 1.5 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2018/11/youtube.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash b447df75c3a603bbcca74440d8b20e85
b3e8aa8c7d84d274982550a218ee4ddf19a324f6
b5354fb1e707d2d307a6e5ad17d198c093e5a1ec5016320dab5ebda43aed9e13
GET /wp-content/uploads/2018/11/youtube.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 15:09:43 GMT
Accept-Ranges: bytes
Content-Length: 1476
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-menu.svg
162.241.158.186 200 OK 2.5 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-menu.svg
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 1cb93f3a203b74cad5ee4e81c51dafd1
9601628c7e8bfd1a85c306a837fcf158e4079c8f
a96125847ebc1b0e686e133c1407f4779d91d751158c77f3854e7fa7ff8488f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-menu.svg HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 09:24:55 GMT
Accept-Ranges: bytes
Content-Length: 2499
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/svg+xml
www.costavoyages.ma/wp-content/uploads/2018/11/para-07.jpg?id=1845
162.241.158.186 200 OK 150 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2018/11/para-07.jpg?id=1845
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size 150 kB (149958 bytes)
Hash ede168a3ae7ed79e44a4e43f3c12a201
77dbc5283c18f4ebb4f2338573b1f5e817e01177
d4125e46285f9bf6fd5d1fda33fc70ee1c52be810e2674fd37e18946c81374df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/11/para-07.jpg?id=1845 HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Wed, 02 Oct 2019 15:24:01 GMT
Accept-Ranges: bytes
Content-Length: 149958
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.costavoyages.ma/wp-content/uploads/2021/12/cropped-fav-192x192.png
162.241.158.186 200 OK 13 kB URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2021/12/cropped-fav-192x192.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e0466609cb53bf9f82fa94d97a2adeae
cba10abf5e203ba6a87b8a78afe6e3ec61021d71
b51a65713c48549494e060c1eb093ea80c8d502e04359ecd3bda25e2ba08658e
GET /wp-content/uploads/2021/12/cropped-fav-192x192.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Fri, 31 Dec 2021 14:08:02 GMT
Accept-Ranges: bytes
Content-Length: 13383
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/wp-content/uploads/2021/12/cropped-fav-32x32.png
162.241.158.186 200 OK 994 B URL HTTP/1.1 www.costavoyages.ma/wp-content/uploads/2021/12/cropped-fav-32x32.png
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash cc75512bcf0cf5924654f57cf6c7b414
4c2959968a2853ec4eaf4dfa82ec24412b4563fd
743097c8822bdbcaf14d5c73184e2e7354fe65c4522390c212133e50406840c1
GET /wp-content/uploads/2021/12/cropped-fav-32x32.png HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Last-Modified: Fri, 31 Dec 2021 14:08:02 GMT
Accept-Ranges: bytes
Content-Length: 994
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.costavoyages.ma/?wc-ajax=get_refreshed_fragments
162.241.158.186 200 OK 208 B URL HTTP/1.1 www.costavoyages.ma/?wc-ajax=get_refreshed_fragments
IP 162.241.158.186:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with no line terminators
Hash 21f27aa533b58c6147246aecf34dc6ba
c6582367fb4708bc54095008c023bcd0cbf240bf
a8b04509d8b1a35314d19eae7475024cb56f6caeeb2edf0691e151b6e4106a8b
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.costavoyages.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://www.costavoyages.ma
Connection: keep-alive
Referer: http://www.costavoyages.ma/destinations/turkey/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:57:14 GMT
Server: Apache
Access-Control-Allow-Origin: http://www.costavoyages.ma
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8