r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15337
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 09:33:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2507
Cache-Control: max-age=92353
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:53 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:13:06 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 09:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 810
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15406
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 09:33:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F0ymdoldGfGNgVKi1zOP7X0SpPBakbaa9fsY41IZoVU30RdSIDJ3Qqt4JspiHzsgnq7yFFPmN74=
x-amz-request-id: CKT493QJ6PG3Q176
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 08:48:52 GMT
age: 2701
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:33:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 09:11:20 GMT
cache-control: public,max-age=3600
age: 1353
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2510
Cache-Control: max-age=87288
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:54 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:48:42 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.34.4.233 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.4.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N2lXjLaSWVN1e6gILfHUuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HZoT3WOJDcPDqEq5bB9iOrid6j4=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18bbcbf84b00d3bc602830478ff1bd7f
1f25392db4cf3693259202b24e898f21093b8bf9
cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
age: 42423
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 40246
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 41439
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 40294
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53afd826523f4c18bf968764818d7ca7
9a26884875abb0652c568c50438b65f801779f9a
4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:29:38 GMT
age: 39857
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUDYEQbIAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:14 GMT
age: 42401
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ecosiam.ma/
94.23.45.221 200 OK 133 kB IP 94.23.45.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5530), with CRLF, CR, LF line terminators
Size 133 kB (133041 bytes)
Hash 0373f46c4adffdec65b6afc734f6b2a5
a549f3748e83f3cfb7f408b9b0c801c5afc043ab
52bafb8412dde95130a3ccd7422c4e9400d675868e772d97fe32627ae0bdb421
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:53 GMT
Server: Apache
Link: <http://ecosiam.ma/wp-json/>; rel="https://api.w.org/", <http://ecosiam.ma/wp-json/wp/v2/pages/1369>; rel="alternate"; type="application/json", <http://ecosiam.ma/>; rel=shortlink
X-Powered-By: PHP/7.3.11, PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-header.css?ver=5.8.5
94.23.45.221 200 OK 24 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-header.css?ver=5.8.5
IP 94.23.45.221:0
Hash 6e940b3062a6bfdf4c011eaedb9995d0
288d22312d44f462dc50d2827c6676c7cfbd40bc
8172a7ab4b225f5941452dab207d78ed2d3684d94df61946e11a8a70a33ac456
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/thegem-header.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Wed, 07 Apr 2021 17:21:44 GMT
ETag: "5d75-5bf652a30da00"
Accept-Ranges: bytes
Content-Length: 23925
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900,400&subset=latin%2Clatin-ext
142.250.74.74 200 OK 432 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:100,300,regular,700,900,400&subset=latin%2Clatin-ext
IP 142.250.74.74:0
Hash e141e32d1114e28e714857ac655df013
3d3253fae51694b279f7c6482bfb96b84918117b
14fd78c0c5510b97df0507a27d68e3a1efcd5e4969b3a381cd68ecb4b10c16c8
GET /css?family=Lato:100,300,regular,700,900,400&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 06 Dec 2022 09:33:55 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.8.5
142.250.74.74 200 OK 1.7 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.8.5
IP 142.250.74.74:0
Hash 0e8384d846028217b4bc8b237e6ce5c0
24fde90f8892b71fddda5a52280b9c6192556a32
13de52195bf1c1cb375eea55441b2728747a9f06493dbcb1f8466afadf5bf191
GET /css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 06 Dec 2022 09:33:55 GMT
Date: Tue, 06 Dec 2022 09:33:55 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-preloader.css?ver=5.8.5
94.23.45.221 200 OK 3.4 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-preloader.css?ver=5.8.5
IP 94.23.45.221:0
Hash cba4f100f3bba7094857f196ab977599
2dda28f96d16a127280104c007b6fc5c38d363cc
f3e0ae0153526793a6aa6ca8bdcfaa026b455f943ec58221804b864258fd04dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/thegem-preloader.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "d4d-5bad914409680"
Accept-Ranges: bytes
Content-Length: 3405
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-reset.css?ver=5.8.5
94.23.45.221 200 OK 4.1 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-reset.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash 55d67784362cd62bc956b31bbdf447a7
9ee8e985206176beeae4f7d02e22f7a6d8a8897f
5f73e4af9e5e40532d52233ba4c81674d2e89796fede9b70a8e91c28d70f7a5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/thegem-reset.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "1003-5bad914409680"
Accept-Ranges: bytes
Content-Length: 4099
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-grid.css?ver=5.8.5
94.23.45.221 200 OK 11 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-grid.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (540), with CRLF line terminators
Hash aaa568bd783ee5c642068aa5bf538a58
09474f0df7cc84de4e0e945d9704eb03d45de7d5
bba29f87f4915c6dfcff67d63b43ad69cc5b59f04e9378af044c8695b0ecc3a3
GET /wp-content/themes/thegem-elementor/css/thegem-grid.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "2a59-5bad914409680"
Accept-Ranges: bytes
Content-Length: 10841
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.8
94.23.45.221 200 OK 22 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.8
IP 94.23.45.221:0
Hash f9045ce83e2afad7776ae7558e053144
0669a21caf97aeea41d9ae79985d94bd118f15f7
e0f987f16687328f1504bff870acba9b30333eff550220a7307f9fe7e73fb5d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.8 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:19 GMT
ETag: "555a-5d54e862fd3c0"
Accept-Ranges: bytes
Content-Length: 21850
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-pagespeed-lazy-items.js
94.23.45.221 200 OK 26 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-pagespeed-lazy-items.js
IP 94.23.45.221:0
File type ASCII text, with very long lines (1969)
Hash 791bba6f9632eb93e705f45ce9bf8337
102b6335598f22d6f71d1c6973fa7d57cd11209a
8fbe80d16f48d838de6b02df526d77d77137a4319050135daac5c428cde89941
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/thegem-pagespeed-lazy-items.js HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Wed, 25 Aug 2021 17:47:34 GMT
ETag: "667a-5ca65d85c7980"
Accept-Ranges: bytes
Content-Length: 26234
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-perevazka-css.css?ver=5.8.5
94.23.45.221 200 OK 18 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-perevazka-css.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash a13b08af533d6fecf15b5e925c74e145
9386b47ee22589c7d2ecb1e31fa0bcccce908cd1
39b7df7fd92d7c971f037888620e8c9102caa056da1d6d39ba5023c25807084a
GET /wp-content/themes/thegem-elementor/css/thegem-perevazka-css.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Wed, 18 Aug 2021 16:13:38 GMT
ETag: "4696-5c9d7b78a5080"
Accept-Ranges: bytes
Content-Length: 18070
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-new-css.css?ver=5.8.5
94.23.45.221 200 OK 40 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-new-css.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash c13cbb4e74b701e102b56fd4b557d1d3
ad6e55fc2dc2691226dba967fb4f80f9c3fe768f
11084e256a6b277698177030478b354ee83fecb271c417155d2348634c6040b3
GET /wp-content/themes/thegem-elementor/css/thegem-new-css.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Mon, 22 Feb 2021 14:49:28 GMT
ETag: "9d3d-5bbede8a00e00"
Accept-Ranges: bytes
Content-Length: 40253
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecosiam.ma/wp-content/themes/thegem-elementor/css/custom-x2NMfFJX.css?ver=5.8.5
94.23.45.221 200 OK 269 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/custom-x2NMfFJX.css?ver=5.8.5
IP 94.23.45.221:0
Size 269 kB (268669 bytes)
Hash 017a7ed42e257629de4c5a65dd4c4b62
e8484d3afebcdffbf1a1538379b79ac71127cc2e
f995c827277904ec4e41ddbc988177555a4b51b14d07a3c6a7ef58dca4615573
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/custom-x2NMfFJX.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 17:34:15 GMT
ETag: "4197d-5d58e3633f3c0"
Accept-Ranges: bytes
Content-Length: 268669
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.css?ver=5.8.5
94.23.45.221 200 OK 13 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (12795), with no line terminators
Hash a2d42584292f64c5827e8b67b1b38726
1be9b79be02a1cfc5d96c4a5e0feb8f472babd95
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Sun, 14 Mar 2021 02:47:44 GMT
ETag: "31fb-5bd762854f400"
Accept-Ranges: bytes
Content-Length: 12795
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
94.23.45.221 200 OK 81 kB URL HTTP/1.1 ecosiam.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
IP 94.23.45.221:0
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "13abe-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 80574
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-widgets.css?ver=5.8.5
94.23.45.221 200 OK 68 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-widgets.css?ver=5.8.5
IP 94.23.45.221:0
File type Unicode text, UTF-8 text, with CRLF, CR line terminators
Hash 507964e1e559a58295a2d2c56fd874f3
50890be469afcb6c69d5765ea1216add22f207c1
e313acd5badeb66a22afc86b76a50458d217371aaae9d3ef2944dda119095c94
GET /wp-content/themes/thegem-elementor/css/thegem-widgets.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Fri, 03 Sep 2021 14:27:04 GMT
ETag: "1086a-5cb1817e39e00"
Accept-Ranges: bytes
Content-Length: 67690
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/style.css?ver=5.8.5
94.23.45.221 200 OK 280 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/style.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (800)
Size 280 kB (279852 bytes)
Hash 1f758ce1d481d3bc40b29cf4b0685c7e
f919f4652d0ed0018230f8a2bed6311546fbae2e
9ab104c96d370139053ca72a8bdf2ac80b81aa2f57da343f660cb4722700255f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/style.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:55 GMT
Server: Apache
Last-Modified: Thu, 16 Sep 2021 12:41:48 GMT
ETag: "4452c-5cc1c235cfb00"
Accept-Ranges: bytes
Content-Length: 279852
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0
94.23.45.221 200 OK 19 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0
IP 94.23.45.221:0
File type ASCII text, with very long lines (18854)
Hash 529682ac55e7a01d92eaca49121fc540
8ce3714f3f8b249639d628b7011ac59d21152789
d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "49d4-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 18900
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2
94.23.45.221 200 OK 1.9 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2
IP 94.23.45.221:0
Hash 5adf7d491095d37be5902f8aea47288f
c74b8251277a6f009269827c4614253a3c6ef632
3ddc2daa3935e81bec0daa5effbf1861f60ed8ddea3c348c95c5302912233858
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "77d-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 1917
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.7
94.23.45.221 200 OK 3.9 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (3815)
Hash f475fc479c16d9dd7ac1d66cd1336447
144edffc0e341a22ed3d47be4a4cbaa5b6cf0f43
398598aaf1760e85c241df272fdfb69e370bb8282038028e6cc36e37d9f5b02d
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "f0e-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 3854
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/uploads/elementor/css/post-812.css?ver=1641915622
94.23.45.221 200 OK 948 B URL HTTP/1.1 ecosiam.ma/wp-content/uploads/elementor/css/post-812.css?ver=1641915622
IP 94.23.45.221:0
File type ASCII text, with very long lines (948), with no line terminators
Hash 93d483899c1930fde3e9099748eb95e1
5489288b7018689d95ca5f0dedabea404dea38da
ba6b0752d1388f19b43ccf38eb860237326530e5ee2011aa56a149ac641c8204
GET /wp-content/uploads/elementor/css/post-812.css?ver=1641915622 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:12 GMT
ETag: "3b4-5d8124a5a5c00"
Accept-Ranges: bytes
Content-Length: 948
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.7
94.23.45.221 200 OK 132 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (65497)
Size 132 kB (131479 bytes)
Hash f583ec8e378f875f9078faad0a3e9d1f
38b36ff2de64b8d7fb9432832e7055a46c1feda1
c453736e49a5470d86094d2f4510bc96d7aa5f1510b20d0fc427624b1562d64a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "20197-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 131479
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/uploads/elementor/css/post-1369.css?ver=1642077920
94.23.45.221 200 OK 42 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/elementor/css/post-1369.css?ver=1642077920
IP 94.23.45.221:0
File type ASCII text, with very long lines (42193), with no line terminators
Hash 713e7b0a959e11447b1f6348d3801130
ed5c841d698dd5fe2bda4231672a342fd388082d
4d497cf98968b03987028f38c75744b8a2b3af9c36bd1d342a8572e33baaa3b1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1369.css?ver=1642077920 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Thu, 13 Jan 2022 12:45:20 GMT
ETag: "a4d1-5d5760f1d7800"
Accept-Ranges: bytes
Content-Length: 42193
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
94.23.45.221 200 OK 669 B URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 94.23.45.221:0
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "29d-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 669
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-settings-init.js?ver=5.8.5
94.23.45.221 200 OK 2.2 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-settings-init.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash 5b1da69f59260673e9252507f675bfdf
f7922e626cd60d9fb57fe99cf49c41d8d94b9a58
cad511b3096391740cb95ba32f4004e8d0bcec99c375638152ff6e29e89bfb18
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/thegem-settings-init.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "8ba-5bad914409680"
Accept-Ranges: bytes
Content-Length: 2234
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.5.0
94.23.45.221 200 OK 328 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.5.0
IP 94.23.45.221:0
File type ASCII text, with very long lines (65493)
Size 328 kB (327993 bytes)
Hash 0b0d0164c94bf847886c05e0f7078da2
99fabf78c497fa70ca9a55f9ee42854709782c4c
6df60485e0d832fe09dae8e5fee275a8dc9999ca9a979553250c60d1103cdd27
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.5.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "50139-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 327993
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
94.23.45.221 200 OK 11 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 94.23.45.221:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "2bd8-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 11224
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
94.23.45.221 200 OK 58 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 94.23.45.221:0
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "e238-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 57912
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
94.23.45.221 200 OK 90 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 94.23.45.221:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "15db1-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 89521
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
94.23.45.221 200 OK 18 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "4705-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 18181
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.8
94.23.45.221 200 OK 123 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.8
IP 94.23.45.221:0
File type ASCII text, with very long lines (65315)
Size 123 kB (122981 bytes)
Hash c1d1665e9a9976e59c098b5cdc5e0869
a1c3fb5d0304bead8e0fb746c464d8d814c948bb
f67eb60570b3cafc392cb473d3f7f2dc3ea0f0299f34d6efbdb2506433745516
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.8 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:19 GMT
ETag: "1e065-5d54e862fd3c0"
Accept-Ranges: bytes
Content-Length: 122981
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.8
94.23.45.221 200 OK 123 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.8
IP 94.23.45.221:0
File type ASCII text, with very long lines (65322)
Size 123 kB (123164 bytes)
Hash e4a0b70d3537492f9b8989a042ad99a3
48e76dd50081b2edb27d106f10a1e5cf4430b6d7
e0adb7430cf5745bf1d05eec5a8f8fc6985e6561b3437fcb43f84f55219c02b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.8 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:19 GMT
ETag: "1e11c-5d54e862fd3c0"
Accept-Ranges: bytes
Content-Length: 123164
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.8
94.23.45.221 200 OK 22 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.8
IP 94.23.45.221:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash db19740a613d114cd7f9153f0389301f
2486aa2e357426dbbe38e6f54ee71f0c920c04b4
ef138d7fbd35f65650c0cc7812600026e6ddd9daf470e3e3d7699ccdce1b1642
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.8 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:19 GMT
ETag: "5513-5d54e862fd3c0"
Accept-Ranges: bytes
Content-Length: 21779
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-fullwidth-loader.js?ver=5.8.5
94.23.45.221 200 OK 4.5 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-fullwidth-loader.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash e4f51077268d43af15f5db0d5ae775b8
5f57c184feab4dd2328111ec6b412db669af7374
72cb3ae9a555c81a5e2d156c0969a72cb14d2bde1afe7e9ec3511446f8b21c0a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/thegem-fullwidth-loader.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "1171-5bad914409680"
Accept-Ranges: bytes
Content-Length: 4465
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-lazy-loading-animations.css?ver=5.8.5
8.1 kB URL ecosiam.ma/wp-content/themes/thegem-elementor/css/thegem-lazy-loading-animations.css?ver=5.8.5
IP :0
Hash a2f2f100a71ccc301bee92e59eae3030
aa365abb896fb71aed9713765627e132fa4d29b6
93a8cefc58aa0f1b83b674da2d617d20c25dbf4abf3d9a89d66043823345a387
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/thegem-lazy-loading-animations.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/quickfinders/assets/css/thegem-quickfinder.css
94.23.45.221 200 OK 8.8 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/quickfinders/assets/css/thegem-quickfinder.css
IP 94.23.45.221:0
File type CSV text\012- , ASCII text
Hash e6912ab9e374e4149509e5d8f20ee3b8
6cfddf7d75ab5043341e3f172aac9136dbe90244
79bb6770131a65fe859ff7c02909ccd24c92a94853f8906e6395cd455cf36b01
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/quickfinders/assets/css/thegem-quickfinder.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "2266-5d55044726180"
Accept-Ranges: bytes
Content-Length: 8806
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/icon/assets/css/thegem-icon.css
94.23.45.221 200 OK 8.3 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/icon/assets/css/thegem-icon.css
IP 94.23.45.221:0
Hash 63ec6d718e6b80aa6403d2fbc63fa3dd
6731238ae7c062b22bd458bbf17d427c24f00fe6
f1ff32252f5c90ec58706eaf1968c069f84a0aa0d8e1f6d0bd9b50343bfcccd2
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/icon/assets/css/thegem-icon.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "2055-5d55044726180"
Accept-Ranges: bytes
Content-Length: 8277
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/contact-form-7/assets/css/thegem-cf7.css
94.23.45.221 200 OK 2.6 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/contact-form-7/assets/css/thegem-cf7.css
IP 94.23.45.221:0
Hash 11fcc7759aad993f76b7f11d9e05d306
95f7faff8cfc64f001dc56e11f534295bdb46aa2
1d5962f967cc949780c78769bdb0fb94dc72f73d210e8c542e6c471361b97298
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/contact-form-7/assets/css/thegem-cf7.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:05 GMT
ETag: "a3d-5d55044631f40"
Accept-Ranges: bytes
Content-Length: 2621
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/counter/assets/css/thegem-counter.css
94.23.45.221 200 OK 13 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/counter/assets/css/thegem-counter.css
IP 94.23.45.221:0
Hash 27c3a87a0c846838679111f34eecd08e
97fa08845bf097ea7638a7edc15d2a1494b0f76c
6b8ce4a6a47aa5cd03ee9f077f4616428547680acb9a99bf7fe177ffec9763dd
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/counter/assets/css/thegem-counter.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "33ed-5d55044726180"
Accept-Ranges: bytes
Content-Length: 13293
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/textbox/assets/css/thegem-styled-textbox.css
94.23.45.221 200 OK 4.9 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/textbox/assets/css/thegem-styled-textbox.css
IP 94.23.45.221:0
File type CSV text\012- , ASCII text
Hash 29e1a550e39285b549d4f62134450dbb
3c3a6d6ac7fe8faa5de7e947b227950b2e586a77
c0e85897416f9aaa59f5bbe505164f7c332c90319ee3a742a700d7969c976d2b
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/textbox/assets/css/thegem-styled-textbox.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "1316-5d55044726180"
Accept-Ranges: bytes
Content-Length: 4886
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/css/thegem-testimonials.css
94.23.45.221 200 OK 18 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/css/thegem-testimonials.css
IP 94.23.45.221:0
Hash 4faae312d311739e11b25ca915fd431b
fdfd4c473826a7fb4ed5ce93a764c7e2a0e0ec13
24663e8394808903884fad7adbdb0dcd37f5d0cd5b4abff765746b0cb59617de
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/css/thegem-testimonials.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "4714-5d55044726180"
Accept-Ranges: bytes
Content-Length: 18196
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/quickfinders/assets/css/thegem-quickfinder-vertical.css
94.23.45.221 200 OK 9.7 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/quickfinders/assets/css/thegem-quickfinder-vertical.css
IP 94.23.45.221:0
Hash 8689d56b8af06e5e118c023a6eb3e790
ae5b0828f4ac41ee7a9d997fc6518c7d00fba3d3
9c0d1c6e8eb9e379f869b0dda35e30349cc2c06a832e4e496215cc9181987cc3
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/quickfinders/assets/css/thegem-quickfinder-vertical.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "25fb-5d55044726180"
Accept-Ranges: bytes
Content-Length: 9723
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/team/assets/css/thegem-team.css
94.23.45.221 200 OK 8.7 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/team/assets/css/thegem-team.css
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash 9a070d965d94c64cd3232a5aec7da689
73f22f29816a558c9b10b1e849c793354fa6f674
e250f69f03b230e3f3b442c01457a54a21903d49d87f1984ca5cb08c5c545cb6
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/team/assets/css/thegem-team.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "21db-5d55044726180"
Accept-Ranges: bytes
Content-Length: 8667
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/button/assets/css/thegem-button.css
94.23.45.221 200 OK 4.2 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/button/assets/css/thegem-button.css
IP 94.23.45.221:0
Hash e286dbc8ec43348926ed010dabdddf30
fb6fcce885d6e56b192313defd548d7fc9cccd22
fa872f9bb002a56746e7a17c60d4b6410fd5f503ce6d50dae9af384a87fff0f7
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/button/assets/css/thegem-button.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:05 GMT
ETag: "104d-5d55044631f40"
Accept-Ranges: bytes
Content-Length: 4173
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/uploads/elementor/css/post-18.css?ver=1642013531
94.23.45.221 200 OK 16 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/elementor/css/post-18.css?ver=1642013531
IP 94.23.45.221:0
File type ASCII text, with very long lines (16207), with no line terminators
Hash 0b937070b5662a4826c88f6a50e7f4be
dee896e115381f482e70ab081a841fb5179b45d7
6bcee465c3bc007d7225a54c87d3b7199d075180785bfa8f7a75a5d237cf8e4f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-18.css?ver=1642013531 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Wed, 12 Jan 2022 18:52:11 GMT
ETag: "3f4f-5d567113b4cc0"
Accept-Ranges: bytes
Content-Length: 16207
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.7
94.23.45.221 200 OK 18 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (10019)
Hash 4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "4824-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 18468
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.6
94.23.45.221 200 OK 58 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.6
IP 94.23.45.221:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 4c3247fd7a9515c2bb4c588f29590de2
e027694b5bcf5f282c35b37761c25d39bf047af0
c30c5b740610275fd73ab469fea10cc11844d60befb266be86845c738b2ecec4
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.6 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:21 GMT
ETag: "e152-5d54e864e5840"
Accept-Ranges: bytes
Content-Length: 57682
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-menu_init.js?ver=5.8.5
94.23.45.221 200 OK 35 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-menu_init.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash 7ed12ddb4e9c651316ec57867eff6b89
cee973a18e3f3c4ed4c1ef9cca13f7f2543c3eee
9db94622a3a44c2fe9cd702cde326a889588d2e1cb34863c3f6bee1f4c8190c3
GET /wp-content/themes/thegem-elementor/js/thegem-menu_init.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 19:05:38 GMT
ETag: "88c0-5ca025a57c480"
Accept-Ranges: bytes
Content-Length: 35008
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/jquery.easing.js?ver=5.8.5
94.23.45.221 200 OK 4.2 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/jquery.easing.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash d96c6dc5ebeeda3944c9d32427a60716
64166fb45f4ae0c6ce70c8cd5e9a31620020985c
8924a332d10ef08e1870547aa7c91431c2c79e5b1f5e2a48865385d0fa1a9772
GET /wp-content/themes/thegem-elementor/js/jquery.easing.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "1066-5bad914409680"
Accept-Ranges: bytes
Content-Length: 4198
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/SmoothScroll.js?ver=5.8.5
94.23.45.221 200 OK 23 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/SmoothScroll.js?ver=5.8.5
IP 94.23.45.221:0
Hash ffdbee020ef4c175a4e0d38e51529fdb
36ab4f71eceed9a7c8eb5e91fe4fdd510177b1f5
28600b70955fd64e11bb759821b4576e32e9c8a0e16240eb306b2d96b9b96ef6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/SmoothScroll.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "5b2a-5bad914409680"
Accept-Ranges: bytes
Content-Length: 23338
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-form-elements.js?ver=5.8.5
94.23.45.221 200 OK 1.8 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-form-elements.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash 0fd156974edf4633c46210b0af6c722c
a0a06fdabb2b8cb563aa979db6c753d3bd48feb7
906fd77500d6ba9a3be43c86f8a599071174cd07747ee44809e4f112b0aac149
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/thegem-form-elements.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "6fb-5bad914409680"
Accept-Ranges: bytes
Content-Length: 1787
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/functions.js?ver=5.8.5
94.23.45.221 200 OK 22 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/functions.js?ver=5.8.5
IP 94.23.45.221:0
Hash ca7086dcad0863c4e6cae4943ce761c6
9b3ab19b3797e273f5f288dbb1b50939de9e3f97
4b9c0997a2d0228ea7d5e3525528b37818681ebc3f3b195092cf34227bd38dfa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/functions.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Fri, 10 Sep 2021 17:29:16 GMT
ETag: "56f4-5cba774605300"
Accept-Ranges: bytes
Content-Length: 22260
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.mousewheel.pack.js?ver=5.8.5
94.23.45.221 200 OK 1.4 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.mousewheel.pack.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (524), with CRLF line terminators
Hash b0f7225166e217cfb64b80ae8ebbb604
5d6f224e3080fd4066f8ef5c63d3f467e9d29e66
89063c896f3ff978cbecd97312879f288e207d519781425f0d7f9dd203dff653
GET /wp-content/themes/thegem-elementor/js/fancyBox/jquery.mousewheel.pack.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "574-5bad914409680"
Accept-Ranges: bytes
Content-Length: 1396
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox-init.js?ver=5.8.5
94.23.45.221 200 OK 2.4 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox-init.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash 837c491328e57af6c7dd6d94b9e4d7f0
f2f3f8c4c9086372f1b0ac64fa46b6681b6d2241
b08e1cb924fa6810dc2e72389d323982ee5671ffdcdf33d98375186a3bfa4611
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox-init.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 19 Apr 2021 17:05:52 GMT
ETag: "97d-5c056578afc00"
Accept-Ranges: bytes
Content-Length: 2429
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.js?ver=5.8.5
94.23.45.221 200 OK 68 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.js?ver=5.8.5
IP 94.23.45.221:0
File type HTML document, ASCII text, with very long lines (31972)
Hash 49a6b4d019a934bcf83f0c397eba82d8
6181412e73966696d08e1e5b1243a572d0f22ba6
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
GET /wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Sun, 14 Mar 2021 02:47:44 GMT
ETag: "10a9d-5bd762854f400"
Accept-Ranges: bytes
Content-Length: 68253
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2
94.23.45.221 200 OK 14 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2
IP 94.23.45.221:0
Hash 309e1a27ab5c8722dea8f46fc8c384d5
784a35686079a37cf469e27fd7efa1b2fac7ac97
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "3719-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 14105
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-includes/js/wp-embed.min.js?ver=5.8.5
94.23.45.221 200 OK 1.4 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/wp-embed.min.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "592-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 1426
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.0
94.23.45.221 200 OK 2.9 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.0
IP 94.23.45.221:0
File type HTML document, ASCII text, with very long lines (2921), with no line terminators
Hash 3b46b5b1a3ab31bc5603156781dbae05
93db4cd557fed145fa94eb4c83504b41092a0a1a
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:10 GMT
ETag: "b69-5d8124a3bd780"
Accept-Ranges: bytes
Content-Length: 2921
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-lazyLoading.js?ver=5.8.5
94.23.45.221 200 OK 12 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/thegem-lazyLoading.js?ver=5.8.5
IP 94.23.45.221:0
Hash 572ec923e80ba8ed8d71a6781b3f9643
363284396c3f83191e3256b01134f36c94126990
255549f42ac7c26f7d657183f1bef962d7a195c73d3410898907d20e26bad26d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/thegem-lazyLoading.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Wed, 18 Aug 2021 16:29:28 GMT
ETag: "2f1d-5c9d7f02a2a00"
Accept-Ranges: bytes
Content-Length: 12061
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/odometer.js?ver=5.8.5
94.23.45.221 200 OK 21 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/odometer.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (447), with CRLF line terminators
Hash 03cee585dc5ccbd17038109764b1bad2
852e74c4ffd8bf6d3ffb19a9b3d6548d1edf970f
cc2b99728c70376595c682d950f6ccf9233361509c1dc9f7f8459b97cccd4d1f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/odometer.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 22 Feb 2021 16:26:00 GMT
ETag: "5259-5bbef41daf600"
Accept-Ranges: bytes
Content-Length: 21081
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/counter/assets/js/thegem-counters.js
94.23.45.221 200 OK 1.8 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/counter/assets/js/thegem-counters.js
IP 94.23.45.221:0
Hash bdb4db8b4ac2b84b6b5e6fdc9b2314cb
cfd3f0f638a12a90b604db889de545d6919f18fb
24b412f906c584ce043ad8d593dd538cd5827be84ff8bbd642130f61af8902e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/counter/assets/js/thegem-counters.js HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "6de-5d55044726180"
Accept-Ranges: bytes
Content-Length: 1758
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/team/assets/js/thegem-team-hover.js
94.23.45.221 200 OK 4.2 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/team/assets/js/thegem-team-hover.js
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash f7aabc7fedc0d795dae96f8bbb3ac091
e036e15936ffdaf5eb4669a4483faeb47c11a205
e64a4c4cbf0f8792d2f3f4c33142634f764036df1dd2b94608482da653279b9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/team/assets/js/thegem-team-hover.js HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "106b-5d55044726180"
Accept-Ranges: bytes
Content-Length: 4203
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/jquery.touchSwipe.min.js?ver=5.8.5
94.23.45.221 200 OK 12 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/jquery.touchSwipe.min.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (11969), with no line terminators
Hash 938114de9f102f3797bdcca94089e52e
13ea5f32ec0e653bf9f814cf1ad8cc885ae483b3
2457851c744cac5ef83b9485017d9d17242906f10f90071b8706b7c850e26343
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/jquery.touchSwipe.min.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "2ec1-5bad914409680"
Accept-Ranges: bytes
Content-Length: 11969
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.227 200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ecosiam.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 05:43:23 GMT
Expires: Fri, 01 Dec 2023 05:43:23 GMT
Cache-Control: public, max-age=31536000
Age: 445833
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT
Content-Type: font/woff2
ecosiam.ma/wp-content/themes/thegem-elementor/js/jquery.carouFredSel.js?ver=5.8.5
94.23.45.221 200 OK 55 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/jquery.carouFredSel.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (32032), with CRLF line terminators
Hash 261216c12320526fa5e2d917f37f9878
d822bf383ff9483295eba1fd4c87a108fd67ad74
3cf03a6e87ef95d866c4715da2c9845b52c3569d7a1ac20935027fc017a430ac
GET /wp-content/themes/thegem-elementor/js/jquery.carouFredSel.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "d610-5bad914409680"
Accept-Ranges: bytes
Content-Length: 54800
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/js/testimonials-carousel.js
94.23.45.221 200 OK 3.0 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/js/testimonials-carousel.js
IP 94.23.45.221:0
File type HTML document, ASCII text
Hash 19f31b27cf13261d8c6c977f495ea292
736b33e123241084e60fea2c14dff90fa8ed3de8
c4fecf173f9890849500e92a40afb5c020f43f4249d3078cb13c59f1846d4a86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/js/testimonials-carousel.js HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:40:06 GMT
ETag: "bcf-5d55044726180"
Accept-Ranges: bytes
Content-Length: 3023
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.7
94.23.45.221 200 OK 4.9 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (4840)
Hash 7234ae733ce669efb42eca5fc3045ab8
7e094eb47e57aa7647ebc75c9900c236dac9f48d
bd1bff7954f120af88956d2577e4ae604e2f761c13ca0c494d7dd690cab41106
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "130f-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 4879
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.7
94.23.45.221 200 OK 14 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (13963)
Hash 865711a1b386bdedc1772484f283312e
0b082280b1cadb3003fed183f25ab11679c5886b
e91268ba3ec9909ec8544cc5ac11e8a8ab01594816250240f0a33be97eb887c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "36b2-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 14002
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/js/isotope.min.js?ver=5.8.5
94.23.45.221 200 OK 41 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/js/isotope.min.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (32029), with CRLF line terminators
Hash c0896c643ae03973fbe97dd21c92b92f
db4d93b00ca92476538f10b32696b96691d8c1f4
bb48b1728896c6e57d5e750a5556a59fd9289222c10170a7cce271bd92889ef3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/js/isotope.min.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 18 May 2021 21:04:12 GMT
ETag: "9f9a-5c2a10d498b00"
Accept-Ranges: bytes
Content-Length: 40858
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.0
94.23.45.221 200 OK 5.0 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.0
IP 94.23.45.221:0
File type ASCII text, with very long lines (4922)
Hash 53567a2f3e91727b7726f53cdeacad5e
75e3fd744bfd6df50672a5ff95780eb76053b1bb
22bda32d4df588760e75a3f7bea7f6fa13995094e1ba6430db31e95f45a0ec3f
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "1365-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 4965
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.0
94.23.45.221 200 OK 20 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.0
IP 94.23.45.221:0
File type ASCII text, with very long lines (20250)
Hash 20e60eeb40db5552fb7bb122fbf52911
d1de88844a3391b22c777b4e31bae62d532a8b8c
f83c0c2a429f7f7708f733e8b9a2784d866d819247e65f044b85960419d9a4b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "4f45-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 20293
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecosiam.ma/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
94.23.45.221 200 OK 12 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 94.23.45.221:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "2fa6-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 12198
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
94.23.45.221 200 OK 21 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 94.23.45.221:0
File type ASCII text, with very long lines (7973)
Hash 49fa677b9cd7ddf221dc06537b35e10f
7485f3f99c3c1a57197f2b099f3f8d68b8609d06
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "5133-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 20787
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
94.23.45.221 200 OK 139 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 94.23.45.221:0
File type ASCII text, with very long lines (65280)
Size 139 kB (139153 bytes)
Hash 15bb2b8491fc7e84137d65f610e1685a
cd76b70a5426893e9c022b9a75c50a7c1348e2d0
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "21f91-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 139153
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.7
94.23.45.221 200 OK 2.6 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (2577)
Hash 9bb8540493a7fe11b229870eb37be165
d77f17cb9057dc8f622b8c0bf23f6acb739b3b8e
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "a12-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 2578
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
94.23.45.221 200 OK 11 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP 94.23.45.221:0
File type ASCII text, with very long lines (10725)
Hash 58baf0f238d7afc7ab926b8d51e5b559
8515e5f578269e29c048450f78c107935d325dff
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "2a6f-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 10863
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ecosiam.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 356625
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecosiam.ma/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.7
94.23.45.221 200 OK 37 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (36566)
Hash 794187659472213b74553d71cda0a5c5
b919b0fb2bc2f672e5ec0deb713b40b5e62a3ec1
ce8b36c2b69b8ba39cf14fbcfca379233556fa6a51df3a361795012a22935dca
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "8efd-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 36605
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.7
94.23.45.221 200 OK 32 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.7
IP 94.23.45.221:0
File type ASCII text, with very long lines (32235)
Hash 75af0c1968f22801b803b34325c059f9
4ca9b9795df718b098c86a68f21fa5d9b2649494
070e9c4067b7b755decf6775ef626b600946fe297f87eaf89bd383166d8de301
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.7 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "7e12-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 32274
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-includes/js/underscore.min.js?ver=1.13.1
94.23.45.221 200 OK 19 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/underscore.min.js?ver=1.13.1
IP 94.23.45.221:0
File type ASCII text, with very long lines (19041)
Hash 3d4eded8f539eacea148e8fc2e5eeba9
69256a9300408c05fc3fbeca2ee16b99bf49c573
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "4a84-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 19076
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.5.0
94.23.45.221 200 OK 6.6 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.5.0
IP 94.23.45.221:0
File type ASCII text, with very long lines (6595), with no line terminators
Hash e16a8821e5f099c3a619889ea7cf0399
a38e0c736aaf0b019b29b63b00e68c1381502217
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.5.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "19c3-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 6595
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-includes/js/wp-util.min.js?ver=5.8.5
94.23.45.221 200 OK 1.3 kB URL HTTP/1.1 ecosiam.ma/wp-includes/js/wp-util.min.js?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:13 GMT
ETag: "53c-5d8124a699e40"
Accept-Ranges: bytes
Content-Length: 1340
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecosiam.ma/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.8.1
94.23.45.221 200 OK 754 B URL HTTP/1.1 ecosiam.ma/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.8.1
IP 94.23.45.221:0
File type ASCII text, with very long lines (754), with no line terminators
Hash afb55c29bdbcfc262d9fa56743572cad
d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf
c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba
GET /wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.8.1 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:10 GMT
ETag: "2f2-5d8124a3bd780"
Accept-Ranges: bytes
Content-Length: 754
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/themes/thegem-elementor/fonts/thegem-icons.woff
94.23.45.221 200 OK 21 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/fonts/thegem-icons.woff
IP 94.23.45.221:0
File type Web Open Font Format, TrueType, length 21380, version 1.0\012- data
Hash a706a9a51acc33ca9daddd84c08e12d9
f723305e4b84c3696ce3be86b96df647eba6430f
27fcd6c5455678826a6e24993c652d4471017ac9fa8d365df85fa53043ec6cda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/fonts/thegem-icons.woff HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/themes/thegem-elementor/style.css?ver=5.8.5
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 12:35:14 GMT
ETag: "5384-5cb8f3afd6480"
Accept-Ranges: bytes
Content-Length: 21380
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/font-woff
ecosiam.ma/wp-content/themes/thegem-elementor/fonts/thegem-socials.woff
94.23.45.221 200 OK 37 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/fonts/thegem-socials.woff
IP 94.23.45.221:0
File type Web Open Font Format, TrueType, length 36664, version 1.0\012- data
Hash 7acc8a4c341f257564da48ba984f2267
749a409a9dcba53bde6cdef5cc9331325541bd3e
7604e2c8e1abda7673ee2c62855e5a95c200207e29e52dd4a8c4712e5399f792
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/fonts/thegem-socials.woff HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/themes/thegem-elementor/style.css?ver=5.8.5
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Thu, 27 May 2021 16:47:22 GMT
ETag: "8f38-5c3528359fa80"
Accept-Ranges: bytes
Content-Length: 36664
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/font-woff
ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
94.23.45.221 200 OK 78 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 94.23.45.221:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "13174-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 78196
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
216.58.207.227 200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ecosiam.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22504
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 20:57:20 GMT
Expires: Wed, 29 Nov 2023 20:57:20 GMT
Cache-Control: public, max-age=31536000
Age: 563796
Last-Modified: Tue, 26 Apr 2022 16:04:16 GMT
Content-Type: font/woff2
ecosiam.ma/wp-content/uploads/2022/01/6.jpg
94.23.45.221 200 OK 23 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/6.jpg
IP 94.23.45.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1900x985, components 1\012- data
Hash f70aa457e88c099e39fd6d355958900c
3859bb7b3b244267521935e338ca877ce8fbc06d
5cc50b5a3a4d0b7b6f2916918d7fc21229399576291002168cfbaf2b33859822
GET /wp-content/uploads/2022/01/6.jpg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/uploads/elementor/css/post-1369.css?ver=1642077920
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:41:19 GMT
ETag: "5a25-5d54e9ba4fdc0"
Accept-Ranges: bytes
Content-Length: 23077
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
ecosiam.ma/wp-content/themes/thegem-elementor/css/post-arrow.svg
94.23.45.221 200 OK 378 B URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/post-arrow.svg
IP 94.23.45.221:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text
Hash 847434ea4a7dccc66b6593296e7494dc
5e83fe52cbd4e765724c4b3ceb1f77c08175a74b
5e4fb3f455c5b44896928c67b0838ddc06ef11df950641d6119afd63b0756253
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/post-arrow.svg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "17a-5bad914409680"
Accept-Ranges: bytes
Content-Length: 378
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/svg+xml
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ecosiam.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:43:28 GMT
Expires: Wed, 29 Nov 2023 17:43:28 GMT
Cache-Control: public, max-age=31536000
Age: 575428
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ecosiam.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 12:33:36 GMT
Expires: Fri, 01 Dec 2023 12:33:36 GMT
Cache-Control: public, max-age=31536000
Age: 421220
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
ecosiam.ma/wp-content/uploads/2022/01/101010-1536x512.jpg
94.23.45.221 200 OK 40 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/101010-1536x512.jpg
IP 94.23.45.221:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1536x512, components 3\012- data
Hash 69b50f12f91b64a17be50a932d7fd6cd
ffa5f45ae7aefd8c4db2da52c4dd550a4a676a3d
fd6c82799ccbca6b28f318f3d8c5a6c9a915b71f0c1003db559cc26e303a00bf
GET /wp-content/uploads/2022/01/101010-1536x512.jpg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:54:53 GMT
ETag: "9dc8-5d5507950ed40"
Accept-Ranges: bytes
Content-Length: 40392
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
ecosiam.ma/wp-content/uploads/thegem-logos/logo_7821aa98200e1547d743bed855693204_1x.png
94.23.45.221 200 OK 6.4 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/thegem-logos/logo_7821aa98200e1547d743bed855693204_1x.png
IP 94.23.45.221:0
File type PNG image data, 191 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f7a6649012b8b97385e81e5b2fb25f3
1a8f2595cde83744114114a226e774d01a7a4ece
0020f7aa07162ad3c75dde53b6792f53f85132cef688f6c7dd58730ca4362141
GET /wp-content/uploads/thegem-logos/logo_7821aa98200e1547d743bed855693204_1x.png HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 16:48:08 GMT
ETag: "1905-5d58d9146e200"
Accept-Ranges: bytes
Content-Length: 6405
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
216.58.207.227 200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ecosiam.ma
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12956
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 16:11:01 GMT
Expires: Sun, 03 Dec 2023 16:11:01 GMT
Cache-Control: public, max-age=31536000
Age: 235375
Last-Modified: Wed, 27 Apr 2022 16:54:52 GMT
Content-Type: font/woff2
ecosiam.ma/wp-content/uploads/thegem-logos/logo_d4608e2953120a4525ed5ab001a696a4_1x.png
94.23.45.221 200 OK 3.6 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/thegem-logos/logo_d4608e2953120a4525ed5ab001a696a4_1x.png
IP 94.23.45.221:0
File type PNG image data, 132 x 46, 8-bit colormap, non-interlaced\012- data
Hash 26c339137998b8dd9177dbefe77b88c8
82018a852595127c09a7c0a764767b79cabf44aa
06206bb0b30d66acdb3f9079e9fd891ba12886ce64552b6cdce6d06822b87c57
GET /wp-content/uploads/thegem-logos/logo_d4608e2953120a4525ed5ab001a696a4_1x.png HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 16:48:08 GMT
ETag: "e25-5d58d9146e200"
Accept-Ranges: bytes
Content-Length: 3621
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
ecosiam.ma/wp-content/uploads/2022/01/220279269_1982647508568763_3630810262676481784_n.jpg
94.23.45.221 200 OK 256 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/220279269_1982647508568763_3630810262676481784_n.jpg
IP 94.23.45.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2], progressive, precision 8, 1974x1316, components 3\012- data
Size 256 kB (256362 bytes)
Hash 6761603f3e22fca81a2d2baab98191b1
cdff8f7d6ce2d56ec3407112a384cced54cd864d
c8debb865c4ef50212567b75756cd5f163cc45fa4649a99cda219dd396a6d3e3
GET /wp-content/uploads/2022/01/220279269_1982647508568763_3630810262676481784_n.jpg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/uploads/elementor/css/post-1369.css?ver=1642077920
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Wed, 12 Jan 2022 00:42:18 GMT
ETag: "3e96a-5d557d7814e80"
Accept-Ranges: bytes
Content-Length: 256362
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
ecosiam.ma/wp-content/uploads/2022/01/Logo-accreditation.png
94.23.45.221 200 OK 32 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/Logo-accreditation.png
IP 94.23.45.221:0
File type PNG image data, 160 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash cb93493a3283894bd71a6d92a6f47f07
127cdad267ee3f1016d3eff6879ec7e2153968b6
6cdf924aa60f86ef09c7df6b29ccc483fda12c398e17b63a262a4523d9296dfe
GET /wp-content/uploads/2022/01/Logo-accreditation.png HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:50:09 GMT
ETag: "7bff-5d55068636e40"
Accept-Ranges: bytes
Content-Length: 31743
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
ecosiam.ma/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.6
94.23.45.221 200 OK 331 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.6
IP 94.23.45.221:0
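File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2048x1365, components 3\012- data
[Note: the JPEG file type and the 330737-byte size recorded for this entry disagree with the response headers of the same transaction (Content-Type: application/javascript, Content-Length: 377599); the stored body may be truncated or belong to a different transaction, so verify what the hashes cover before using them as indicators.]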
Size 331 kB (330737 bytes)
Hash ffd5b66baaf96344e39aa98403d7883f
82fcf366e76ff885c36d42db6c0d3e357c9aaed5
5563ab98ef071063fdcf464ae09cd62e41401c75dc6f072855f2dc6082eae7ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.6 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:21 GMT
ETag: "5c2ff-5d54e864e5840"
Accept-Ranges: bytes
Content-Length: 377599
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/uploads/2022/01/6-1-1.jpg
94.23.45.221 200 OK 99 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/6-1-1.jpg
IP 94.23.45.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1900x1663, components 3\012- data
Hash 7af9d42f0fbd8d526d4d4df69bad144b
dc24356e245fefb08c9709c3edc948df9d6b972b
a1697bfe17f08c7dcaaf473cb95e02e67208b85699aa2668ba04f42bd0c11e07
GET /wp-content/uploads/2022/01/6-1-1.jpg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/uploads/elementor/css/post-1369.css?ver=1642077920
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:41:50 GMT
ETag: "18177-5d54e9d7e0380"
Accept-Ranges: bytes
Content-Length: 98679
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
ecosiam.ma/wp-content/uploads/layerslider/Summer-Collection/ls-slider-181-slide-1.jpg
94.23.45.221 200 OK 78 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/layerslider/Summer-Collection/ls-slider-181-slide-1.jpg
IP 94.23.45.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1170x549, components 3\012- data
Hash 27465adf00b69e0d55213bfe527a171f
f87146041d481da31de604ea36e8d7baaa605f07
43f6e7216fae88f8bfab24818e2fb38143778126326624c7feb555078f732c61
GET /wp-content/uploads/layerslider/Summer-Collection/ls-slider-181-slide-1.jpg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 15:17:54 GMT
ETag: "12f89-5d54ff50dac80"
Accept-Ranges: bytes
Content-Length: 77705
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
ecosiam.ma/wp-content/uploads/2022/01/219921013_1982647445235436_1834249047811565152_n.jpg
94.23.45.221 200 OK 204 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/219921013_1982647445235436_1834249047811565152_n.jpg
IP 94.23.45.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2], progressive, precision 8, 1974x1316, components 3\012- data
Size 204 kB (204277 bytes)
Hash 9f01345ffc0ce42ea16e048f042d6b9d
6c43f9202ec1f8675a33798bd3ae3189ef3eb8ee
5edc41ddb1246d9aff6b3c07dae1aadfc4f63ec4ccb6159c5393c4872b9ba0c1
GET /wp-content/uploads/2022/01/219921013_1982647445235436_1834249047811565152_n.jpg HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/uploads/elementor/css/post-1369.css?ver=1642077920
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Wed, 12 Jan 2022 00:53:04 GMT
ETag: "31df5-5d557fe027c00"
Accept-Ranges: bytes
Content-Length: 204277
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-material.css?ver=1.0.0
94.23.45.221 200 OK 66 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-material.css?ver=1.0.0
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash ca62303a97d4cd9407698781a7b17c37
16c3f7e79da9b44f198b9dcba74f2dec91a24073
84a943f8f9a0c48bf7f813a9bd764f58112e9ae2d88fab7709fee5074bd27b4e
GET /wp-content/themes/thegem-elementor/css/icons-material.css?ver=1.0.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Thu, 23 Apr 2020 12:59:22 GMT
ETag: "100f9-5a3f4d1471e80"
Accept-Ranges: bytes
Content-Length: 65785
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=5.8.5
94.23.45.221 200 OK 19 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=5.8.5
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash df7dd64af4c1f201f4d889aebbd982b1
ad09fe7731c2dc17395789d8d02ef0d063aaccce
cfc077cfb00e398a4da3e9e56bdf196797d737fd823fd6c60fae31669cc17c78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=5.8.5 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Mon, 30 Mar 2020 21:35:08 GMT
ETag: "4bf9-5a219399c9b00"
Accept-Ranges: bytes
Content-Length: 19449
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=1.0.0
94.23.45.221 200 OK 19 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=1.0.0
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash df7dd64af4c1f201f4d889aebbd982b1
ad09fe7731c2dc17395789d8d02ef0d063aaccce
cfc077cfb00e398a4da3e9e56bdf196797d737fd823fd6c60fae31669cc17c78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=1.0.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Mon, 30 Mar 2020 21:35:08 GMT
ETag: "4bf9-5a219399c9b00"
Accept-Ranges: bytes
Content-Length: 19449
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/uploads/2018/12/logo-ecosiam.png
94.23.45.221 200 OK 8.3 kB URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2018/12/logo-ecosiam.png
IP 94.23.45.221:0
File type PNG image data, 220 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 344db5708c312002b89ee462282fd756
612519bffbd2715fa1e8629c2ecb4b93420ffba8
09db6c9b355eaaa447878e0be95b6d734b54e8d410fdbf00c0c4c5c8eb894a73
GET /wp-content/uploads/2018/12/logo-ecosiam.png HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Wed, 12 Jan 2022 18:39:33 GMT
ETag: "206f-5d566e40d2340"
Accept-Ranges: bytes
Content-Length: 8303
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6117
Cache-Control: max-age=109617
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:57 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 16:00:54 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecosiam.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DMn9JtNmDZ4kCNZespIqQ3e/iV9qSDrJydxLNrOr7xRiAbb9L9+6iVT8/H+jUH6WQ2L/PDI2Qj4UlUOaTveXpw==
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 09:33:57 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6117
Cache-Control: max-age=109617
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:33:57 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 16:00:54 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ecosiam.ma/wp-content/themes/thegem-elementor/fonts/material/materialdesignicons.woff
94.23.45.221 200 OK 88 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/fonts/material/materialdesignicons.woff
IP 94.23.45.221:0
File type Web Open Font Format, TrueType, length 88492, version 1.0\012- data
Hash 4957887614ccc9456a40789924f4df2a
71da0b3f089e0c502a25576ea931a25204819c16
4d53fbbcf651e6ed2e9dd1a23b5e65359ff8368ba1e1c4fee3ef499510c51397
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/fonts/material/materialdesignicons.woff HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-material.css?ver=1.0.0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "159ac-5bad914409680"
Accept-Ranges: bytes
Content-Length: 88492
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: application/font-woff
ecosiam.ma/wp-content/themes/thegem-elementor/fonts/elegant/ElegantIcons.woff
94.23.45.221 200 OK 64 kB URL HTTP/1.1 ecosiam.ma/wp-content/themes/thegem-elementor/fonts/elegant/ElegantIcons.woff
IP 94.23.45.221:0
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thegem-elementor/fonts/elegant/ElegantIcons.woff HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/themes/thegem-elementor/css/icons-elegant.css?ver=5.8.5
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2021 20:33:14 GMT
ETag: "f8b0-5bad914409680"
Accept-Ranges: bytes
Content-Length: 63664
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/font-woff
ecosiam.ma/wp-content/plugins/contact-form-7/images/ajax-loader.gif
94.23.45.221 200 OK 847 B URL HTTP/1.1 ecosiam.ma/wp-content/plugins/contact-form-7/images/ajax-loader.gif
IP 94.23.45.221:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash af962b37779a443a77ab836b3b7a93f5
cad7feb11183c71b87470e11e022b16ecdcc7ac9
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
GET /wp-content/plugins/contact-form-7/images/ajax-loader.gif HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:08 GMT
ETag: "34f-5d8124a1d5300"
Accept-Ranges: bytes
Content-Length: 847
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/gif
www.facebook.com/tr/?id=625459655805346&ev=PageView&dl=http%3A%2F%2Fecosiam.ma%2F&rl=&if=false&ts=1670319237672&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670319237671.498248788&it=1670319237294&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=625459655805346&ev=PageView&dl=http%3A%2F%2Fecosiam.ma%2F&rl=&if=false&ts=1670319237672&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670319237671.498248788&it=1670319237294&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=625459655805346&ev=PageView&dl=http%3A%2F%2Fecosiam.ma%2F&rl=&if=false&ts=1670319237672&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670319237671.498248788&it=1670319237294&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecosiam.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 09:33:57 GMT
X-Firefox-Spdy: h2
ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/skins/numbers/skin.css
94.23.45.221 200 OK 9.6 kB URL HTTP/1.1 ecosiam.ma/wp-content/plugins/LayerSlider/assets/static/layerslider/skins/numbers/skin.css
IP 94.23.45.221:0
File type ASCII text, with CRLF line terminators
Hash b7937b89d6696c73236947f2cb612f86
4e9b7078ad5453a033f9b600706f74dc61a59291
6903b5000ccc24709e369659f00c85b6f35b03b7d8202f00057f50a2d67ca06d
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/skins/numbers/skin.css HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
Cookie: _fbp=fb.1.1670319237671.498248788
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:57 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:19 GMT
ETag: "2593-5d54e862fd3c0"
Accept-Ranges: bytes
Content-Length: 9619
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/css
ecosiam.ma/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.5.0
94.23.45.221 200 OK 0 B URL HTTP/1.1 ecosiam.ma/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.5.0
IP 94.23.45.221:0
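Analyzer Verdict Alert fortinet Malware
[Note: this entry records 0 B and no hashes although the response declares Content-Length: 129182, so the body was not captured; the verdict presumably rests on something other than the response content — confirm before treating it as a content detection.]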
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.5.0 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 17:59:09 GMT
ETag: "1f89e-5d8124a2c9540"
Accept-Ranges: bytes
Content-Length: 129182
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
ecosiam.ma/wp-content/uploads/2022/01/finance-copta-icon.png
94.23.45.221 200 OK 0 B URL HTTP/1.1 ecosiam.ma/wp-content/uploads/2022/01/finance-copta-icon.png
IP 94.23.45.221:0
GET /wp-content/uploads/2022/01/finance-copta-icon.png HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Wed, 12 Jan 2022 00:22:14 GMT
ETag: "1adc0-5d5578fbdb980"
Accept-Ranges: bytes
Content-Length: 110016
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
ecosiam.ma/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.6
94.23.45.221 200 OK 0 B URL HTTP/1.1 ecosiam.ma/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.6
IP 94.23.45.221:0
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.6 HTTP/1.1
Host: ecosiam.ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecosiam.ma/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:33:56 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 13:35:21 GMT
ETag: "1e4e6-5d54e864e5840"
Accept-Ranges: bytes
Content-Length: 124134
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.5
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.5
IP 142.250.74.74:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecosiam.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 09:33:56 GMT
date: Tue, 06 Dec 2022 09:33:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2