Report - camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2

Report Overview

Submitted URL
camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2
IP
104.21.79.70
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-26 23:48:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.24.78.9
merendella.premium.secureholiday.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	4.5 kB	13.69.68.19
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	4.6 kB	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	6.5 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	6.7 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	71 kB	34.120.237.76
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	77 kB	142.250.74.168
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	2.5 kB	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	35 kB	93.184.220.29
corse.v5.secureholiday.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	3.4 kB	40.118.96.231
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	703 B	543 B	216.239.32.36
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	393 B	104.16.57.101
www.camping-haute-corse.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	537 B	1.1 kB	172.67.169.54
camping-haute-corse.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	938 B	1.8 kB	104.21.79.70
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.23
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	34 kB	216.58.207.195
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	28 kB	142.250.74.46
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	6.0 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2	Malware
2022-11-26	medium	camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2	Malware
2022-11-26	medium	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (41)

	URL	Size	First Seen	Last Seen
	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.5.0	22 kB	2023-03-07	2024-05-03
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:00 Last Seen2024-05-03 11:33:38 Times Seen167 Hash abd6bbbacaa7402af14b159b1f182803 c128af4d5b8b10e2b5c94f33e1dc88c2592eb1f1 88aaecda68b50302ff3e9ac1876e6febf68f59e3dd26a46ff7076d4c297c8b66 Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.5.0	7.2 kB	2023-03-07	2024-04-16
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:41 Last Seen2024-04-16 10:07:21 Times Seen98 Hash 8fa7006631b9bd4677d5a89b87e33e65 de1fdeb1c38dca9a2cc48ae11cfd05368f1d9590 26884bf155386d37907ad46bedf05580de5df62c414bfc18a52ddf26776b0674 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2	76 kB	2023-03-11	2023-03-11
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 7e1c823bf93e9bd1e674fdea7abab9ee 3f6f6a7d30a5994c319b27e3b8b6430dbfe505c6 4b77faf8e960057ab0b049989e7cf78949b7efddecfaae7394880822c5175e27 Loading...

	www.camping-haute-corse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-05-04
Pretty URL www.camping-haute-corse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-04 19:06:44 Times Seen2832 Hash 64e89b93b02055fb75ea0913089ded0b 9ccf854a6acedb27496725fa7570a670fd7bd572 a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd Loading...

	www.camping-haute-corse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 18:09:18 Times Seen69101 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	1.4 kB	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 1f6f4415745aec195ab89a8e50ec3ef2 1fdbbdad6117e23f15e9f679b35c2e41e2b77db6 6b92b79fa2a59b76cc39bfa02d7d6c852b6ed6564ccf56170d7b25342eb855df Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	151 B	2023-03-07	2023-12-29
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:31 Last Seen2023-12-29 00:38:09 Times Seen38 Hash 8ac2d9afad4909c9befb43a1dddaeea5 6dee55e46b59f30017d20a681261d85921b11861 6d161024075d11d6b42c87c53227631e760bfe5b0cbde0a74040037b5bf2740d Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	77 B	2023-03-07	2024-05-05
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:28 Last Seen2024-05-05 21:39:08 Times Seen934 Hash ff6c592795f4c4b7a66be5d8092cee9d 379d396226dd1d4d95e8c0e581b291e4a4c1d3f0 a1639d5a80b162ce20e1bb8d7057939dc7fd7145a870969dffccf3160a135352 Loading...

	www.camping-haute-corse.com/wp-content/themes/cuberism/js/slidepanel.js?ver=20160909	139 B	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/wp-content/themes/cuberism/js/slidepanel.js?ver=20160909 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash ce879c5dc39c18b19970f50fafe6a075 96a928ea2e6719ee2e538a4be0047a8cd4053436 441d0970f6f3bf9406f593110d482d8e91e8444b59a7b85f7323f45d550ab861 Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0	9.2 kB	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:50 Last Seen2024-05-07 17:21:38 Times Seen3217 Hash 5ff487a413612cbbf6bc391c10ff7bac acbbd8a96ecad33158f29e45afcd41e4b2dd6579 357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8 Loading...

	www.camping-haute-corse.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21	3.9 kB	2023-03-10	2023-09-24
Pretty URL www.camping-haute-corse.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:12:12 Last Seen2023-09-24 05:47:29 Times Seen3 Hash 3f72eea288f0c3e044dc1bc7234cb7db abfb91e543a092e461678c86d6b9d1cbfdfaa8f3 af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	153 B	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 17dbda522c7ad1562b4809f1d48ac020 fbb041b845195f6450c112931cb2c5670dcc4b79 b7270c0a0123274d3234a0c57d179aedbc91f1b8b3b5285e1f153afba22a8171 Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	30 B	2023-03-07	2024-05-05
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:28 Last Seen2024-05-05 18:46:08 Times Seen424 Hash 679db76ba3d73d824f89166df549d5c5 b9af7241b0b9b90fdfd1d4623f0b0741d4cd2c50 9795a3cbd22f4c09606f96174a1fe4d65b717c25faa5196f288436f90a72b06c Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	www.camping-haute-corse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6	9.7 kB	2023-03-07	2024-05-06
Pretty URL www.camping-haute-corse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-06 17:36:14 Times Seen4724 Hash cfb428c02811f0cbe515d5f3dca61de6 e95f8696fbe29a706e66ccf582b36d9bd650ab9f 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78 Loading...

	www.camping-haute-corse.com/wp-includes/js/underscore.min.js?ver=1.13.1	19 kB	2023-03-07	2024-05-04
Pretty URL www.camping-haute-corse.com/wp-includes/js/underscore.min.js?ver=1.13.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-04 19:27:15 Times Seen1670 Hash 47e07d05e0e32338ed2e112d3f46cac1 331fa3259ce673bf92047a25542305242eb6f35f 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a Loading...

	www.camping-haute-corse.com/cookie-consent.js	179 kB	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/cookie-consent.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 7be723b65de65afc4402fb584f8c7e17 1c67641d3bc7ef4bb2e4983f906ee9b6abb70845 ee320727475f95e614ea93f2616d323056e572de2ff9c9b3f24d718f7ca6fa85 Loading...

	merendella.premium.secureholiday.net/8095/WidgetProviderV3?Lg=	9.5 kB	2023-03-11	2023-03-11
Pretty URL merendella.premium.secureholiday.net/8095/WidgetProviderV3?Lg= IP 13.69.68.19 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 6a36e13627991f27c9f72500038f3d4f 1a2d3337e97506697e70b2d40fc70cfc2a2753f5 49757e1aac9d188b3cc01f1c1dcc7c1716c055312adf49396b40e07cebd56d82 Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	466 B	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash e7cbeae41c34bccdbab24f94acda2c42 bbb3e9085393f4ad99368d31cc365b1d878b48c3 652f29580d4ad1b180d4cf07685167e1d3d7c70164cbcc6fba5959659bff51eb Loading...

	www.googletagmanager.com/gtag/js?id=G-7V2WC0XJBR	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-7V2WC0XJBR IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash d29e09e8af4fed6c45743e7ef4db6bec 196fa0df4ae81133e463eb8123b8e26becd50505 8bce9d2977c41063ae590a99748997e2fed6ee673b7d41ac3b5c57ee79c50fcf Loading...

	www.camping-haute-corse.com/wp-content/themes/cuberism/js/sticky.js?ver=1	263 B	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/wp-content/themes/cuberism/js/sticky.js?ver=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 87c18fefcf21b009331991c2412a85c8 23419b69c1f165d929668560121ff28b156b5103 8e92a4e677c36f1a5b2618efa0103b0cb7ad08c1969a533ee78443da9428c95b Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	2.2 kB	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 43a689e2705612dfc2fd889de8544952 4df55c7207c632e4fd81003c664cd5ae2206599e 2bc681dfac8c3d3c56ccbde5169d2cdd2b9bdd868b1671cbd4814429eaf71f66 Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	www.camping-haute-corse.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=650	12 kB	2023-03-07	2024-01-06
Pretty URL www.camping-haute-corse.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=650 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:57 Last Seen2024-01-06 11:53:38 Times Seen21 Hash 7d7e2f7cb6e74e8ab542b08a1b626843 fbf2890b7c781a90fa9d1f881b1f7cba7811a285 3592af7586d799cfb42f1f10437cbf1b6987c07640e008d4c96d1bee7c4ea829 Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.min.js?ver=6.5.0	42 kB	2023-03-07	2024-05-02
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:57 Last Seen2024-05-02 12:52:59 Times Seen275 Hash fc20ccaad0cf5ce51d7b7a1b66589cd3 9e398996cff9a8fa2877766b3d11734cd774a68d 689c9ac02b0a03fd9a206833df33ec989dd5ed79eab24a1802fb281bb9accc26 Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	1.1 kB	2023-03-07	2024-04-24
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:57 Last Seen2024-04-24 22:40:37 Times Seen95 Hash 16c05593f3531aea3884878cf6fccf4e 5ab4668ea7a35ff0904daa6edd1c0ab7b506791f c0f10a6d53a9b73b44f20330b512880d06d419316ba4e08e84ca4902208cc0e3 Loading...

	www.camping-haute-corse.com/wp-content/themes/cuberism/js/scroll.js?ver=1	1.2 kB	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/wp-content/themes/cuberism/js/scroll.js?ver=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash c2df5586d11c9c970597f07b7fe95659 5f188636f816201ae2378606bdc93c97e20b3db1 22980a54dd91882f707655302ed3a29d5b7f3b8aeff49ab1ac7f130272f785e0 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main	211 kB	2023-03-08	2024-05-04
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2024-05-04 08:51:17 Times Seen142 Hash 416b0fc07995be8d2b5b67aba46171b0 dd355df12143ce031c19ed0b2b8bf512b6c7d5f1 99a05e6c4657850662d766688752248659646b186aff567879d5d159812d1904 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-05-07
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-07 16:46:47 Times Seen14336 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	www.camping-haute-corse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 18:07:53 Times Seen32056 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.5.0	13 kB	2023-03-07	2024-03-12
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:41 Last Seen2024-03-12 14:39:21 Times Seen142 Hash ade884e25b5077cfff55ed34ef6a3ce4 e513f2db9f408e16678a9a2e906e9798f44e86e6 c48de9bfcac5427e9b7f3b77b203ecb07dbff5e91fd908f36b148d546323780b Loading...

	corse.v5.secureholiday.net/corse/FR/Widget/Provider?v=2	6.8 kB	2023-03-11	2023-03-11
Pretty URL corse.v5.secureholiday.net/corse/FR/Widget/Provider?v=2 IP 40.118.96.231 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 743d525f18e6d0acdbdd3ceba0b056bf c95183c3d715d5d29d6c3ff3d142a1f2af3dd3a8 27d010236b838deca66199b4b932a697ba466de03ff297fb34c5596128e76302 Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	41 B	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-05-07 11:12:04 Times Seen7200 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	www.camping-haute-corse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3	18 kB	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 16:32:28 Times Seen12696 Hash 116c86c56f8db0bb63f15ceda50fdc98 75e308982ecf7cd43644b8b426e6aa1a0b0fbe26 def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Loading...

	www.camping-haute-corse.com/wp-content/themes/cuberism/js/jquery.validate.min.js?ver=5.9.3	21 kB	2023-03-07	2024-04-12
Pretty URL www.camping-haute-corse.com/wp-content/themes/cuberism/js/jquery.validate.min.js?ver=5.9.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:13 Last Seen2024-04-12 07:13:00 Times Seen32 Hash b0fc6ded487b881f8258bfc5a6fcc7a9 3c9dc0cd37e5d30724b531308697eed3a45b0fa2 c2e2bb0b6070315a55bb04a3b8e78b4882c920b31f45058c625b17938305136b Loading...

	www.camping-haute-corse.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-07 18:02:22 Times Seen56162 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=6.5.0	26 kB	2023-03-09	2024-02-27
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:42:26 Last Seen2024-02-27 03:13:49 Times Seen38 Hash 0f0343817a8cf161664bfff8b5fd7767 3362529c371a3fcbe525ddd407110ebe59681dc2 bcefd4ee2c7fe5788db26abe02e24d753d29e643602e41d4ed7f70babfc7f754 Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0	21 kB	2023-03-07	2024-05-07
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-05-07 17:21:38 Times Seen867 Hash 6d9891ac8ff815503194acfdfb33d65a 1b9c16ab6b2852198485b6b78aa273e7abdcfdec d4e6e79818a2eea4b4353e93f6edb3883a72983484377e43879c3710b3de8c96 Loading...

	www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.5.0	24 kB	2023-03-07	2024-02-27
Pretty URL www.camping-haute-corse.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.5.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:41 Last Seen2024-02-27 03:13:49 Times Seen63 Hash e3f4fec3925c0a28cf8b47677952a95f cc98bf9dca2cde98d5ac03908e2661bcd5bd8d5d dfc0db6b80d7b68e5b14661a63aabb26091100724114d69203f7f05fe0fb0e0c Loading...

	www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/	154 B	2023-03-11	2023-03-11
Pretty URL www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ IP 172.67.169.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:01:45 Last Seen2023-03-11 21:01:45 Times Seen1 Hash 5d5f5a9502dfde365a6dbc450a82d989 00a7d90110da0f022808ffc16e19cc2e83c9e485 2ba42483d2e845e43690936c1fef5e016d1d2c60fec8d51b6805a5b3e9d4f84c Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (46)

URL IP Response Size

camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2

104.21.79.70

301 Moved Permanently

0 B

URL HTTP/1.1
camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2
IP
104.21.79.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2 HTTP/1.1
Host: camping-haute-corse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 23:48:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 00:48:13 GMT
Location: https://camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2
Server-Timing: cf-q-config;dur=6.9999950937927e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIjeJsr%2F7cdZNlQNFfJPGPnz0MDuizlxSccBWQgdiAsdcJwmhUsKxKX1bZrQvSZ9X0Bdwa8zAQTVTds3DQUv8rLDjhpw8%2FKk21stQ5UBmQUAjvjrWnkqqn2T90IMIjk9c4%2F31GCU32lhQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7706837f38da1c02-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13432
Expires: Sun, 27 Nov 2022 03:32:05 GMT
Date: Sat, 26 Nov 2022 23:48:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5769
Cache-Control: max-age=130744
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:13 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:07:17 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2345
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 23:48:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 23:19:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1736
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FlhTK7aZMhdIaAPz12HGb/+UX2nd92ilpBQ2dRDFuNDkWbUPJV1k4q5efba/Ymla1o7Hz+jLy64=
x-amz-request-id: 2AE0F6GE5712Q7B2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 23:44:25 GMT
age: 228
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:48:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
b422ba26919fbebf597a48fb11dfff22
2e3beaf0d2c6681ded7d0d9ac9feabb8173146ce
0cf20edc0dce3b9a32472ed692b5af7c5b32a0d8f62af9c175b276b43f86c4b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102281
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:13 GMT
Etag: "63819246-116"
Expires: Mon, 28 Nov 2022 04:12:54 GMT
Last-Modified: Sat, 26 Nov 2022 04:12:54 GMT
Server: nginx
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 23:08:54 GMT
cache-control: public,max-age=3600
age: 2359
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
b422ba26919fbebf597a48fb11dfff22
2e3beaf0d2c6681ded7d0d9ac9feabb8173146ce
0cf20edc0dce3b9a32472ed692b5af7c5b32a0d8f62af9c175b276b43f86c4b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=102281
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:14 GMT
Etag: "63819246-116"
Expires: Mon, 28 Nov 2022 04:12:55 GMT
Last-Modified: Sat, 26 Nov 2022 04:12:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6072
Cache-Control: max-age=125989
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:14 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:48:03 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.24.78.9

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.24.78.9:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kOxD97Ckwk27naGmiwK9FA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iCLXMZqO0DNy73sxDsAccGTX80w=

ocsp.digicert.com/

93.184.220.29

200 OK

32 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
32 kB (32239 bytes)
Hash
3d5d376fecf3bba093e79dd3d2d61bc4
bf305cbb60a6dddf54439139303c521193bee165
8b39b85ae3b50beec294111cf5b48bbe3c176e3f40f5eea755da0e68454569d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4803
Cache-Control: max-age=116069
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:14 GMT
Etag: "6381b560-118"
Expires: Mon, 28 Nov 2022 08:02:43 GMT
Last-Modified: Sat, 26 Nov 2022 06:42:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.76.226

200 OK

4.4 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
4.4 kB (4390 bytes)
Hash
5a8b6ee9f8be44798716e8219f872c27
5d35153a296da47f7d3d0c35de2af0450d9c09ec
11dea0a4574eee18503d5cd38baf3d7c032f3ba907f9d37f722d8dc1e3a0685c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10940
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:48:14 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

1.2 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1244 bytes)
Hash
5475d9f48edfe80cf97a66f48e99550d
951b2af572d835458a0665886f9fa6978ce8a2ae
cb3bad3ea77e3734000300754b18b8f33114e81798e6ca9d112f3bff4d872ed8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

838 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
838 B (838 bytes)
Hash
4ee29d23132853afc98290705e8e253e
294540d1c693b20ec5cd9eba5535b45255db1350
2d3cae230e9b41d8785ba257201343e187351f870bb5cbce7d0b77966b38eaba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5099 bytes)
Hash
433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 6993
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8145 bytes)
Hash
cc51742200b699c93a6ede66c7997d2a
1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6
a7cc50883ac1a59fc14f0467551dec16cef3b033df599b23916427c5e42be1aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: ff37a7a0-ac51-4629-bb45-8983c4bcdd96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFFCuFL4oAMFpRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb544-7644e0183e2abc225f5e0938;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0oFg5UqP5KArhT2955eVqJsGhcnVoe7Je9nf6yTA7BLSsMVT2mXXUA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:26:21 GMT
age: 12113
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 6997
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13049 bytes)
Hash
1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7Hy7zEJmW8khrRb_uNcDa3UATX8DaKsdis-wUJAXfOZN4BM-0JtvQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 01:46:48 GMT
age: 79286
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6859 bytes)
Hash
f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D24B6xoLZ2nu1NdlMU5TgJSc-DfzD6vrMzgU3s6tAiAsUuzBb_t89Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 08:23:04 GMT
age: 55510
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6883 bytes)
Hash
f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: agN3iI99V_lKDGyKTEkZg_jgR8P6nrI53d-fXsHGHkQP55suaCC2xA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:30:06 GMT
age: 65888
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7V2WC0XJBR

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-7V2WC0XJBR
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19102)
Size
76 kB (75947 bytes)
Hash
3fe45e819bcc37c42b867493d024c1ba
3168ea4a019726c53c94f14f4abeb35aaee5e9fe
8890a19de5e01c877560d0433432a81de2eda8461bd208891069140a310dc189

HTTP Headers

GET /gtag/js?id=G-7V2WC0XJBR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 23:48:14 GMT
expires: Sat, 26 Nov 2022 23:48:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

merendella.premium.secureholiday.net/8095/WidgetProviderV3?Lg=

13.69.68.19

200 OK

3.7 kB

URL HTTP/2
merendella.premium.secureholiday.net/8095/WidgetProviderV3?Lg=
IP
13.69.68.19:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (6747), with CRLF line terminators
Size
3.7 kB (3668 bytes)
Hash
60170ee2d8da730ae4e3a91c5b5f9abc
ad2efb7bacf5efc430c0270ae2332612d923eaa1
622dc9ab2cf0882327d920e92d6882758fdd3d25b603aff7e1c494af3066dff3

HTTP Headers

GET /8095/WidgetProviderV3?Lg= HTTP/1.1
Host: merendella.premium.secureholiday.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Sat, 26 Nov 2022 23:48:14 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=600
content-encoding: gzip
expires: Sat, 26 Nov 2022 23:58:15 GMT
set-cookie: ARRAffinity=96fb5dcc80475275582f7001fcfc3411c0bd963f5c09352e5e0c2cabf8eb3d45;Path=/;HttpOnly;Secure;Domain=merendella.premium.secureholiday.net
ARRAffinitySameSite=96fb5dcc80475275582f7001fcfc3411c0bd963f5c09352e5e0c2cabf8eb3d45;Path=/;HttpOnly;SameSite=None;Secure;Domain=merendella.premium.secureholiday.net
vary: Accept-Encoding
content-length: 3668
x-xss-protection: 0
machine: RD281878E9A36A
request-context: appId=cid-v1:9ba59a8e-e6c9-45aa-9d1b-c806579d2382
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
fadeae7c8a620033ff82d1c02558c2a6
5962a5b090be9096bb60ab916f3c93722138f630
5fa393991129ba19777713a21ed9d21d276ae18c8104d28353d33d44e13cbc1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 23:48:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 21:50:52 GMT
Expires: Sun, 27 Nov 2022 21:50:52 GMT
ETag: "5962a5b090be9096bb60ab916f3c93722138f630"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

corse.v5.secureholiday.net/corse/FR/Widget/Provider?v=2

40.118.96.231

200 OK

3.1 kB

URL HTTP/2
corse.v5.secureholiday.net/corse/FR/Widget/Provider?v=2
IP
40.118.96.231:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (6777), with no line terminators
Size
3.1 kB (3069 bytes)
Hash
2e59e15dc69ed6428a3fb22e16dc7dd5
f60460831ff9bc232738ae6b05337ac7c2d755c1
5ff63e2ebdcd4fdaff32ebec42010ef131b3f280d23c6e7e53f726de209a8fec

HTTP Headers

GET /corse/FR/Widget/Provider?v=2 HTTP/1.1
Host: corse.v5.secureholiday.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Sat, 26 Nov 2022 23:48:14 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
content-length: 3069
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.106

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 23:38:24 GMT
expires: Sun, 27 Nov 2022 00:38:24 GMT
cache-control: public, max-age=3600
age: 591
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.camping-haute-corse.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 274447
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:48:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=latin&ver=6.5.0

142.250.74.10

200 OK

1.8 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=latin&ver=6.5.0
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.8 kB (1771 bytes)
Hash
60cfd8bf87e737e6fe7beba6795cd92d
2270151831203fa2d4e7979f303c77305cfc677d
2b352b6f599fa23869fc02f233ac9bc5ab76e28fd261a4cd69f651a621c69799

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=latin&ver=6.5.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:48:14 GMT
date: Sat, 26 Nov 2022 23:48:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.camping-haute-corse.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 294043
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.46

200 OK

27 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
data
Size
27 kB (27292 bytes)
Hash
f95401dc149f6b56b3704bd892f545f2
dda588825cc1ad361c1da4baed60b8c587a63e66
e5cd74c51eaea075e7cd52135c724701fe0e6c2c44afd710809a8d7a9e231a9d

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 23:48:14 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+232; expires=Mon, 25-Nov-2024 23:48:14 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.163

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 23:30:43 GMT
expires: Sun, 26 Nov 2023 23:30:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-7V2WC0XJBR&gtm=2oeb90&_p=1811185273&cid=967586896.1669506495&ul=en-us&sr=1280x1024&_s=1&sid=1669506495&sct=1&seg=0&dl=https%3A%2F%2Fwww.camping-haute-corse.com%2Factivites-canyoning%2Factivites-canyoning-bastia-cap-corse%2Faltore-2%2F&dt=ALTORE%20%E2%8B%86%20Campings%20Haute%20Corse&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-7V2WC0XJBR&gtm=2oeb90&_p=1811185273&cid=967586896.1669506495&ul=en-us&sr=1280x1024&_s=1&sid=1669506495&sct=1&seg=0&dl=https%3A%2F%2Fwww.camping-haute-corse.com%2Factivites-canyoning%2Factivites-canyoning-bastia-cap-corse%2Faltore-2%2F&dt=ALTORE%20%E2%8B%86%20Campings%20Haute%20Corse&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7V2WC0XJBR&gtm=2oeb90&_p=1811185273&cid=967586896.1669506495&ul=en-us&sr=1280x1024&_s=1&sid=1669506495&sct=1&seg=0&dl=https%3A%2F%2Fwww.camping-haute-corse.com%2Factivites-canyoning%2Factivites-canyoning-bastia-cap-corse%2Faltore-2%2F&dt=ALTORE%20%E2%8B%86%20Campings%20Haute%20Corse&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: null
date: Sat, 26 Nov 2022 23:48:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.163

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 23:29:34 GMT
expires: Sun, 26 Nov 2023 23:29:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.163

200 OK

910 B

URL HTTP/2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 07:35:34 GMT
expires: Sat, 25 Nov 2023 07:35:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 144762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8817 bytes)
Hash
741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 27181
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9073 bytes)
Hash
ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 25601
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2

172.67.169.54

301 Moved Permanently

0 B

URL HTTP/2
camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2
IP
172.67.169.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2 HTTP/1.1
Host: camping-haute-corse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Sat, 26 Nov 2022 23:48:14 GMT
content-type: text/html; charset=UTF-8
location: https://www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/
x-redirect-by: WordPress
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 23:48:13 GMT
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aucv0o6Ba0Nq14L8Cl1vzTWdrlrmFB4fHrRZ23QNYQsAYsRsmpR7HKl68JqtWNoi0wbgGP%2B4dPY9vCiUt3xXdtarMD2ByfDJGjbvwJd4NkMF8i8HTYIn0vwBVIg%2FlU49Eka%2BKUaGIg%2B5PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770683824d1cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/

172.67.169.54

200 OK

0 B

URL HTTP/2
www.camping-haute-corse.com/activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/
IP
172.67.169.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /activites-canyoning/activites-canyoning-bastia-cap-corse/altore-2/ HTTP/1.1
Host: www.camping-haute-corse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:48:14 GMT
content-type: text/html; charset=UTF-8
link: <https://www.camping-haute-corse.com/wp-json/>; rel="https://api.w.org/", <https://www.camping-haute-corse.com/wp-json/wp/v2/pages/7564>; rel="alternate"; type="application/json", <https://www.camping-haute-corse.com/?p=7564>; rel=shortlink
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 23:48:14 GMT
vary: Accept-Encoding
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTvWmURRVUYzAawG5Z%2F3Q3FvpjtW3gsXZVRX50QeietZT5Bimwyvby4pu4LBt%2F5Xcww04bg4TB4t0H35PKkJWXhKaM5eNVJiKTMLOYESTNKmPdfZGMupPZ10I21FHF7BRM7kxXx1kkbqkwFhKRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770683840f1ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.57.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camping-haute-corse.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:48:14 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 770683890de30b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations