Report - draitseddik.ma/

Report Overview

Submitted URL
draitseddik.ma/
IP
145.239.140.147
ASN
#16276 OVH SAS
Submitted
2022-09-24 18:22:00
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	9.8 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	110 kB	142.250.74.163
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	20 kB	142.250.74.174
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	68 kB	34.120.237.76
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	694 B	142.250.74.3
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
draitseddik.ma	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	1.2 MB	145.239.140.147
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.175.179
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	3.0 kB	142.250.74.10
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	587 B	709 B	64.233.162.157
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	draitseddik.ma/	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.5.3.1	Phishing
2022-09-24	medium	draitseddik.ma/wp-includes/js/wp-embed.min.js?ver=5.2.16	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0	Phishing
2022-09-24	medium	draitseddik.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2	Phishing
2022-09-24	medium	draitseddik.ma/wp-includes/css/dashicons.min.css?ver=5.2.16	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.9.2	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/themes/Divi/core/admin/js/common.js?ver=3.24	Phishing
2022-09-24	medium	draitseddik.ma/	Phishing
2022-09-24	medium	draitseddik.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	Phishing
2022-09-24	medium	draitseddik.ma/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2	Phishing
2022-09-24	medium	draitseddik.ma/wp-content/themes/Divi/js/custom.min.js?ver=3.24	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (36)

	URL	Size	First Seen	Last Seen
	draitseddik.ma/	356 B	2023-03-07	2023-05-25
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-05-25 20:21:14 Times Seen4 Hash 05e1a6011a1a9abe99d74e569aec9de3 e4746bed7a5bf18ed3180e78e86963fccd6f194c f42db51f8da17b167fb63de524a741d1c067baf0a9f053a14e3df23d32d61266 Loading...

	draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2	4.0 kB	2023-03-07	2024-04-19
Pretty URL draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:05 Last Seen2024-04-19 05:29:07 Times Seen3066 Hash 84cdf2af726ea0ad5c67b7ec6479e363 bba43108f022eaa28a7637c1ed7b7cb287d1691d 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 17:05:57 Times Seen36963227 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d33.68754549859888&2d-7.416057166530048&2m2&1d33.72119071624302&2d-7.37589997127736&2u12&4sen&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._48guvm&client=google-maps-embed&token=72390	4.1 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d33.68754549859888&2d-7.416057166530048&2m2&1d33.72119071624302&2d-7.37589997127736&2u12&4sen&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._48guvm&client=google-maps-embed&token=72390 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 73d7a9cb1fed7b0255bc5cb5e966f8c4 fe463150063af74754dc8d55e655aa9ea9430da0 2b9196d654ce0a83321076a23a9157f76ab2bca253c2dd0507625b2986cbc0c6 Loading...

	draitseddik.ma/	353 B	2023-03-07	2023-05-25
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-05-25 20:21:13 Times Seen4 Hash 9bbbc641436b85142e75ce23ccaa2afa cd7e6d6378698b7355beffd19faf4726685392fb defd9cdc06017726d27206f6879c5e7532709e14b348e5085094ca922bda63c6 Loading...

	draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2	1.5 kB	2023-03-07	2024-04-16
Pretty URL draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:23 Last Seen2024-04-16 07:13:32 Times Seen357 Hash b554a878cd1c765decedc9aabcb7b103 431c26ab8bf86e3497397b44fb2774a4ca1f79aa bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/onion.js	28 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:53:41 Last Seen2023-03-08 03:07:26 Times Seen1 Hash 504e2af1af235b43a9f7087334afe36b bdb6022c92e76752ac0860db6472c3d717eeb6b8 34725ee368d02e21f81a344faf32a5b543d3294ed4bc3aa4a7ee50b7dc08b44f Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/search_impl.js	2.8 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/search_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:54:54 Last Seen2023-03-08 03:07:26 Times Seen1 Hash e68d4a524db9e4eec94e4e574bcf462e 13a4ac9984de00040b2ffa4d9545922c1c8ffa46 0237bccee042a397442b7e204d07e524ffcde76100a42f1ffb5acf3b8fb719ea Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sg8nsqz&10e1&callback=_xdc_._je60ye&client=google-maps-embed&token=105022	62 B	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sg8nsqz&10e1&callback=_xdc_._je60ye&client=google-maps-embed&token=105022 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 1b25186f7751e6c716923b7d7422f4dd e0165a30e67a02f805eb16a0831c846007b37869 b7dfa119e05faede82d58ba0b72c33863e29b0de52899027307faedf8a3c3bf7 Loading...

	draitseddik.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-04-19
Pretty URL draitseddik.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-19 11:30:37 Times Seen37091 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3319.1633637476057!2d-7.398446684794088!3d33.70472148070202!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x15d740426d9abea9!2sM%C3%A9decin+G%C3%A9n%C3%A9raliste+Dr+Soaad+Ait+Seddik!5e0!3m2!1sen!2sae!4v1560113065326!5m2!1sen!2sae	3.5 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3319.1633637476057!2d-7.398446684794088!3d33.70472148070202!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x15d740426d9abea9!2sM%C3%A9decin+G%C3%A9n%C3%A9raliste+Dr+Soaad+Ait+Seddik!5e0!3m2!1sen!2sae!4v1560113065326!5m2!1sen!2sae IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 542a789c7ae84f372d668f2d33e506bb 48f0ce8852df5750415b762d5bb705c93ddf4579 8ebcf35c5dd2ae068404f7e8f36f87eb5696e40b55ebe198694219ffbdd686de Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/map.js	72 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:53:41 Last Seen2023-03-08 03:07:26 Times Seen1 Hash 3879b8ce682bd9aeddae1ec171d598e4 cce0e90503509ca5a313c9e2720d41dafab21d43 b123f4c5ea191fa6460046c73664b0be01b82c5344f13a014694848062b82862 Loading...

	draitseddik.ma/	1.3 kB	2023-03-07	2023-05-25
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-05-25 20:21:14 Times Seen4 Hash dda98e1201d0c7dd6d12c32f6f59602f 40fd82084f1e0cbf8b9056ef4370002449158963 b42df8549c42f4690a274bccbaefe8f75d6e1eb6e6985152eaf27420e320f3c0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	draitseddik.ma/	2.1 kB	2023-03-07	2023-03-08
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 7f481585fbf07e3569bfbd78e0175472 01cb0cd34695912c1b5d674772613c9b86b54719 033e3d459544fb228b3fa74f8026bc5dbdcfb805846c239f416d0a09b422fb40 Loading...

	draitseddik.ma/	119 B	2023-03-07	2023-05-25
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-05-25 20:21:14 Times Seen4 Hash 015ab5d00a92943fad03f58eff8142eb 42b5c0044c9ca97ae6e21ede71e24f8a3b5182b6 c3fb73adc5082601be590706768443226a391a0be4e35686d7a2843c0d1be0b9 Loading...

	draitseddik.ma/wp-content/themes/Divi/core/admin/js/common.js?ver=3.24	1.4 kB	2023-03-07	2024-04-15
Pretty URL draitseddik.ma/wp-content/themes/Divi/core/admin/js/common.js?ver=3.24 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:40 Last Seen2024-04-15 11:39:20 Times Seen1375 Hash 82b34a0f20682b94458a89521a92c7ca cd97bdd72c8f7ca65a37ea7d78ff71580633169a c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b Loading...

	draitseddik.ma/wp-includes/js/wp-embed.min.js?ver=5.2.16	1.4 kB	2023-03-07	2024-04-17
Pretty URL draitseddik.ma/wp-includes/js/wp-embed.min.js?ver=5.2.16 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-17 18:30:12 Times Seen2983 Hash 570ae0f3c201604926ea599d3d1f6c04 2c29243a73660964d4712b969d2a15e27777bc14 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d33.69225455638247&2d-7.4376316652968395&2m2&1d33.71715644445076&2d-7.3548931339732&2u16&4sen&5e0&6sm%40619000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._el41dk&client=google-maps-embed&token=77702	35 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d33.69225455638247&2d-7.4376316652968395&2m2&1d33.71715644445076&2d-7.3548931339732&2u16&4sen&5e0&6sm%40619000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._el41dk&client=google-maps-embed&token=77702 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 53759f2cf45ca4049ee0f4000e99ffee d249477fa4e29186f9f261aeb4588e384e07d22b db15bd24dea6cf337f3696a6752039329c9d5eb30e0af54488c28b9b409534b7 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sg8numr&10e1&callback=_xdc_._yzuuhz&client=google-maps-embed&token=35770	62 B	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sg8numr&10e1&callback=_xdc_._yzuuhz&client=google-maps-embed&token=35770 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash d10e9044e44325fb69b7d633864b8ade 1630e325720c15d96052645d877d33e61d2136a4 1ae0c6c36d1298e1c99fb47a7bdfcf25b0319823b4e41726d62b40ef0d26b41b Loading...

	draitseddik.ma/	47 B	2023-03-07	2024-04-19
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-19 12:31:46 Times Seen6608 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	draitseddik.ma/	1.1 kB	2023-03-08	2023-03-08
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 69c0ff89b18b140754daea22bc4bd663 d0204797c38398431658b431061e2139ee1e6b53 e326356e1fa7b1743ee9a4414983bf207f3d7071ba876ab3de627f985aed7909 Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=130194	62 B	2023-03-07	2023-03-17
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=130194 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-03-17 12:55:46 Times Seen1 Hash 0e17a392d717b51a588445d5d37fde38 bf28db243e1250adcbc26ead733c95fde9b8ff9d e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8 Loading...

	draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.5.3.1	49 kB	2023-03-07	2023-12-09
Pretty URL draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.5.3.1 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-12-09 19:07:21 Times Seen18 Hash 4401db087df6b6eb489897217d709d35 0eafb60862b194858d1b3172154b155a736dd59f 703c9a583449912e1a7f9b86cb9bf997790ebb9e4dd74d517c61b5e2cd623332 Loading...

	draitseddik.ma/	2.2 kB	2023-03-07	2023-05-25
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-05-25 20:21:14 Times Seen4 Hash 5615c3ba6e90810192fc00894c29c165 0a3edc20086f018927f1070a5f6d12971d497da5 9ba2ed06c55d83595d0a766de841ad37e191ca313df05ecbac4a48c1ea96e3b4 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/util.js	162 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:31 Last Seen2023-03-08 03:11:05 Times Seen1 Hash d025c70ff0f9d652f7f2588550a50655 7ccc317814e37ffd3b56c9b4319f7800ccd734fe 7c57756950e7e2a4219d67ac9f6822c57a3bd19484e7cd197e7c3b35fccaa05f Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/overlay.js	3.6 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/overlay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:54:54 Last Seen2023-03-08 03:07:26 Times Seen1 Hash 8c0b67a456bdaf58f051ef9afafa46ae c45b6fa01721570237877c828a8467cddecf5ba7 30c95c3b9adb7f826844bfd1966319f6801cc3432f57f1c6f79ddb49a64721df Loading...

	draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.9.2	3.7 kB	2023-03-07	2024-02-05
Pretty URL draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.9.2 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2024-02-05 11:49:31 Times Seen331 Hash 7ff5596e1f2696392ad1280abe83ce9c 7b789a9dc3818b677bba41638489001d1839f5d5 a29506b4cfbfcae55dd6d932ff8c48da7ba9c48413ccdbfc7392a80243795b99 Loading...

	draitseddik.ma/wp-content/themes/Divi/js/custom.min.js?ver=3.24	272 kB	2023-03-07	2023-06-19
Pretty URL draitseddik.ma/wp-content/themes/Divi/js/custom.min.js?ver=3.24 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2023-06-19 03:23:19 Times Seen12 Hash a22241f8d959b230c48f6b785038df44 5821cd2c446663c7eade16dac88d81fe5d84a3d7 afa5f33b58db185004ea0c776e61610ebef5e525269dec35c1d2ddd042d03def Loading...

	draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0	24 kB	2023-03-07	2024-04-19
Pretty URL draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-19 15:06:48 Times Seen1730 Hash 23d73c6bd6cbea8f06d0cc227896a827 3815cf11e1020ac70cc86789ba2adaf07d3db434 6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5CFMFVG	140 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5CFMFVG IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 932d0914ba35f7c2dfdbfaa7dcaf5622 cd4ef25070e1bc6f691e47853e5ebbf98f91e1ec 4f546a966b4df7525452b9b439e9a8e1db257b5607a7a547fe9e4a7ef7e4ccef Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ae&callback=onApiLoad	174 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ae&callback=onApiLoad IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:25 Last Seen2023-03-08 00:35:25 Times Seen1 Hash 9fc7f72c2ab8d95600b65e576c820f54 01b6e5f78dee8dd68ce8f9cd3131147515f42feb 1aaf47b5e248b376d58b12eb3f81d3b47861d86e0548747859067f19008ee004 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/common.js	252 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:31 Last Seen2023-03-08 03:11:05 Times Seen1 Hash d3fd1f634c6bb18b363f3d03b7b3925e a2a082e3a12138256cc67310c21e4378d4378508 f37f4f2ac2c66956043d95284071e516a633f7113819e8a675a68577c82b29ad Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/6/controls.js	93 kB	2023-03-07	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/6/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:51:55 Last Seen2023-03-08 03:07:26 Times Seen1 Hash 8c318723077254983c1bc3ac4e3297d6 be2bbb964e8b91022c394fa883f179fafc28bed4 bf527935a58d517ff8b899fdc11893b8f90d413a9a5b82a7d2ef51a2f84519b3 Loading...

	draitseddik.ma/	362 B	2023-03-07	2024-03-17
Pretty URL draitseddik.ma/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:26 Last Seen2024-03-17 17:29:48 Times Seen46 Hash ed6f85281c563b677f0499e9f7afe559 3901f21053e2b37204c382aa014b6078a6df3010 185aae9260d344598a757bfedf54f4ff3c8b2c3902d211848afa3e44ea4fe35a Loading...

	draitseddik.ma/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-04-19
Pretty URL draitseddik.ma/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-19 11:25:12 Times Seen17720 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

HTTP Transactions (74)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 17:43:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 81lOgLBHvtLL1EI3Kawdz6PH-vx5VWXbZiJ_j92j_P9YMuGOJhOzzg==
Age: 2277

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRZB-spmRdl1LqYzDMsw7l0_FJkAi6z9M1RnOKIDmzoq6TSf1QZBFw==
age: 49595
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5889
Expires: Sat, 24 Sep 2022 19:59:58 GMT
Date: Sat, 24 Sep 2022 18:21:49 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

draitseddik.ma/

145.239.140.147

301 Moved Permanently

0 B

URL HTTP/1.1
draitseddik.ma/
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 24 Sep 2022 18:21:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Pingback: http://draitseddik.ma/xmlrpc.php
X-Redirect-By: WordPress
Location: https://draitseddik.ma/
X-Powered-By: PHP/7.1.33, PleskLin

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 18:04:17 GMT
Expires: Sat, 24 Sep 2022 18:56:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hPuk85iwNJ02nv2ZvOEhEf5XAh0hvTaTq0WpDSRFjTzpanuG8JdGOw==
Age: 1052

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2da72b07775267d4d24baafa47d4c034
5dd5d9a2022b06e222a9c7eee65148f88d390646
7d5fd57da6a29f3ea204e8e11c66acbb393c2fbae64326c830b4818cb3444614

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D5FD57DA6A29F3EA204E8E11C66ACBB393C2FBAE64326C830B4818CB3444614"
Last-Modified: Sat, 24 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Sun, 25 Sep 2022 00:21:36 GMT
Date: Sat, 24 Sep 2022 18:21:50 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4899
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:50 GMT
Last-Modified: Sat, 24 Sep 2022 17:00:11 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.175.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.175.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ci7+MNREyoyco7aAETejuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7ZrlST+Lmids88J16tOAavAAEmU=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

draitseddik.ma/wp-content/uploads/2019/06/DrAitSeddick-Logo_02.jpg

145.239.140.147

200 OK

26 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/06/DrAitSeddick-Logo_02.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 246x120, components 3\012- data
Size
26 kB (26187 bytes)
Hash
3c085f6321833178aa592036dcf2146b
1da51336a671ab970c0e30d543fe6a4f614eb916
528039e549a63d0e9f7f318f33d12ae76d862331d7913a00da527789c59f7824

HTTP Headers

GET /wp-content/uploads/2019/06/DrAitSeddick-Logo_02.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/jpeg
content-length: 26187
last-modified: Sun, 09 Jun 2019 20:23:29 GMT
etag: "5cfd6ac1-664b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

draitseddik.ma/wp-content/uploads/2019/05/doctor-07.jpg

145.239.140.147

200 OK

57 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/doctor-07.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
57 kB (56561 bytes)
Hash
06997ad07b4e8e32ad76514d39533efe
8c2fe32f243bb1786ff67ecc6d34ce28761e1cfc
14c374ce0e905c435bd1ff112be1d8a89b9a9c2f3fe0861c5b1f068b7c00819c

HTTP Headers

GET /wp-content/uploads/2019/05/doctor-07.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/jpeg
content-length: 56561
last-modified: Sat, 18 May 2019 12:25:59 GMT
etag: "5cdff9d7-dcf1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/health-icon-4-3.png

145.239.140.147

200 OK

1.2 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/health-icon-4-3.png
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1180 bytes)
Hash
a5a9585dd6bb96695c23f2b58d20e457
a177a0c7f5b57b6082f533614032c418a801f57d
3162ec1ee5d48487b6fa06a9656ba137e3339e3ced0609d46d73ae55172b3b00

HTTP Headers

GET /wp-content/uploads/2019/05/health-icon-4-3.png HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/png
content-length: 1180
last-modified: Sat, 18 May 2019 12:26:01 GMT
etag: "5cdff9d9-49c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/health-icon-10-3.png

145.239.140.147

200 OK

902 B

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/health-icon-10-3.png
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
902 B (902 bytes)
Hash
44e9cb140a567b0a37c37e54c4e13979
72f3c972e11af60e94d5f2cd22305f537e2d3e71
a1935272135432fa026a5b6329fded5b5f87c89cbd10cca0faecc934dea6ad70

HTTP Headers

GET /wp-content/uploads/2019/05/health-icon-10-3.png HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/png
content-length: 902
x-accel-version: 0.01
last-modified: Sat, 18 May 2019 12:25:59 GMT
etag: "386-589289a03c745"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/DrAitSeddick-Logo_01.png

145.239.140.147

200 OK

2.4 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/DrAitSeddick-Logo_01.png
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
PNG image data, 83 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2438 bytes)
Hash
fa8ab2f3b8f544e021d1739d55f3d4d0
ad0257b4a5ab5407977e08ca747bb8d013fca4e4
b58fdd42e9994dd6225125fdfe887a9e1d8969c2801ccbbb161447b4b3867320

HTTP Headers

GET /wp-content/uploads/2019/05/DrAitSeddick-Logo_01.png HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/png
content-length: 2438
last-modified: Sat, 18 May 2019 12:52:05 GMT
etag: "5cdffff5-986"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/health-icon-10-2.png

145.239.140.147

200 OK

861 B

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/health-icon-10-2.png
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
861 B (861 bytes)
Hash
d607ba138a104463ddc0cff575316fe1
9ef64ec6dd254a4efef4f8654d681fc2074dd6f1
9f7cf21b4861a2bd98e1cd2d4342829f9e0e306d978e5058e3ca29301d6714f0

HTTP Headers

GET /wp-content/uploads/2019/05/health-icon-10-2.png HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/png
content-length: 861
x-accel-version: 0.01
last-modified: Sat, 18 May 2019 12:26:19 GMT
etag: "35d-589289b41449d"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/health-icon-16-3.png

145.239.140.147

200 OK

1.3 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/health-icon-16-3.png
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
918fd7173a638a6f211bc2761efe7204
57bd5d5f306e3b8d7f7ab7841df3e77c2df2a0b8
f241c0a78712497ec53d5805517438919c65381e6437dd8b009e19b12e8ea6fe

HTTP Headers

GET /wp-content/uploads/2019/05/health-icon-16-3.png HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/png
content-length: 1335
last-modified: Sat, 18 May 2019 12:26:01 GMT
etag: "5cdff9d9-537"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/health-icon-2-3.png

145.239.140.147

200 OK

820 B

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/health-icon-2-3.png
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
820 B (820 bytes)
Hash
b538f12c9d52904ee44c724068005f84
0b39fc29100b34661e210b691162667580ca8752
32e8bcdd04c3c138f08b07697bc9cfda6b084986a825ea7d3ab2c890bb7ce858

HTTP Headers

GET /wp-content/uploads/2019/05/health-icon-2-3.png HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/png
content-length: 820
x-accel-version: 0.01
last-modified: Sat, 18 May 2019 12:26:02 GMT
etag: "334-589289a315b3d"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/doctor-23.jpg

145.239.140.147

200 OK

136 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/doctor-23.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
136 kB (135863 bytes)
Hash
4f31831e34817db9edb5128b617bea7a
47ff31c726ec536a66c2eec6aca29fa958fc545d
42ebe8a685d5517a37a3389a80406dfa9cea4227bccf74d0fbe9615915e3cf24

HTTP Headers

GET /wp-content/uploads/2019/05/doctor-23.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/jpeg
content-length: 135863
last-modified: Sat, 18 May 2019 12:26:01 GMT
etag: "5cdff9d9-212b7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/doctor-05.jpg

145.239.140.147

200 OK

95 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/doctor-05.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
95 kB (95433 bytes)
Hash
84067a58b0ffa17af36df421f741b82c
4c61dfe0a8439916bbd28caa4884855043120341
6d931db22769a698fcf46b02da6d457c84b7277a930071b68edba1c398427ade

HTTP Headers

GET /wp-content/uploads/2019/05/doctor-05.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/jpeg
content-length: 95433
last-modified: Sat, 18 May 2019 12:26:01 GMT
etag: "5cdff9d9-174c9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

draitseddik.ma/wp-content/uploads/2019/05/CTA-Image-01.jpg

145.239.140.147

200 OK

406 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/CTA-Image-01.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=762, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], progressive, precision 8, 1920x914, components 3\012- data
Size
406 kB (406343 bytes)
Hash
ee9424e5524f7d1aa66752c8a91064b3
464a6b36592c5ef19de9463d32a67ad8146f2490
786efc240d3a91797e2e9faab25a85b911528c8f3731e0e6060be0b4f26e6e05

HTTP Headers

GET /wp-content/uploads/2019/05/CTA-Image-01.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/wp-content/cache/et/2/et-core-unified-16618712981497.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:51 GMT
content-type: image/jpeg
content-length: 406343
last-modified: Sat, 18 May 2019 12:25:57 GMT
etag: "5cdff9d5-63347"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/doctor-02.jpg

145.239.140.147

200 OK

136 kB

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/doctor-02.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1200, components 3\012- data
Size
136 kB (135702 bytes)
Hash
bff15c0e0b0890bc65e7b68c2f9ddce5
c0880952a0c4859fa845b6b865719197a122bf0f
82355ade1858c0243bffdba10515780e8b137a36eb3f0712a79b3ff00a6275c2

HTTP Headers

GET /wp-content/uploads/2019/05/doctor-02.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/wp-content/cache/et/2/et-core-unified-16618712981497.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:51 GMT
content-type: image/jpeg
content-length: 135702
last-modified: Sat, 18 May 2019 12:26:14 GMT
etag: "5cdff9e6-21216"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.16

142.250.74.10

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.16
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1459 bytes)
Hash
f0ec17077f77b0cf25810cea50251b51
a3e0edfae7b39044c741cb1de3a2d00985874008
95acf8a6de912b6fb9bba41838cb74cd1612950093f7b2c35f575aae7603fb6b

HTTP Headers

GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.16 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 18:21:50 GMT
date: Sat, 24 Sep 2022 18:21:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://draitseddik.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 1226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.5.3.1

145.239.140.147

200 OK

65 kB

URL HTTP/2
draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.5.3.1
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
65 kB (65320 bytes)
Hash
6deef18f1aa68ea4911578f32b8b7e7a
85a666f5fbcf39ac51c125ce48d6e2b13877becf
ddaf5ddc171e1c01ca12f7c3042fa8e135060eea23debf4133fbe8fa335284c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.5.3.1 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Tue, 25 Jun 2019 11:45:43 GMT
etag: W/"5d120967-bdd9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-includes/js/wp-embed.min.js?ver=5.2.16

145.239.140.147

200 OK

93 kB

URL HTTP/2
draitseddik.ma/wp-includes/js/wp-embed.min.js?ver=5.2.16
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1391), with no line terminators
Size
93 kB (93039 bytes)
Hash
a5a2892faeddae4ceddb445aadc47f63
cfe0ec9892188167ead4edca3dc7e01cf135674f
9a2a06c80fd636d79ebc74caf38d8794331d1a76355821ecb48a940123647049

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.2.16 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 04:00:30 GMT
etag: W/"6077ba5e-56f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://draitseddik.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 178893
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.163

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://draitseddik.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 22:19:01 GMT
expires: Tue, 19 Sep 2023 22:19:01 GMT
cache-control: public, max-age=31536000
age: 417770
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

draitseddik.ma/favicon.ico

145.239.140.147

200 OK

114 kB

URL HTTP/2
draitseddik.ma/favicon.ico
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size
114 kB (113459 bytes)
Hash
1db747255c64a30f9236e9d929e986ca
384023452346aa087d40c93c23ca2f5e32ff1b1f
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:51 GMT
content-type: image/vnd.microsoft.icon
content-length: 113459
last-modified: Wed, 03 Apr 2019 13:47:53 GMT
etag: "5ca4b989-1bb33"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0

145.239.140.147

200 OK

9.0 kB

URL HTTP/2
draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (24228)
Size
9.0 kB (9015 bytes)
Hash
ab013fa8348ac00c171fd7276e877a15
69782a5cd5e156ced7622611d6de5f660e3cc032
9f9b63db76a7e48e1fddcb089d73b3697475b4b569da8b7aa3fa450e6c56cf65

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Tue, 25 Jun 2019 11:45:43 GMT
etag: W/"5d120967-5f30"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 16:41:09 GMT
expires: Sat, 24 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6042
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.css?ver=1.5.3.1

145.239.140.147

200 OK

76 kB

URL HTTP/2
draitseddik.ma/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.css?ver=1.5.3.1
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
76 kB (75528 bytes)
Hash
594a829493e569258966115bd7cd79a0
d8fc857104f0d132042c6c82f458f649ca27f350
c90dd59883b3986bc700a014b8108a6b02d2261ff4c52d9ebf4bbcfd8b3627b4

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.css?ver=1.5.3.1 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: text/css
last-modified: Tue, 25 Jun 2019 11:45:43 GMT
etag: W/"5d120967-9398"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16

145.239.140.147

200 OK

4.5 kB

URL HTTP/2
draitseddik.ma/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (29271), with no line terminators
Size
4.5 kB (4463 bytes)
Hash
46b12dc7dc56abbf9da401fcb9a4ee62
36115a3221dc3ab88181aa95472477c26fc6a03b
fc370d2961abea45707ed484813cc9f52fda4a3bf128b089b74e844da16d9835

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.16 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 04:00:30 GMT
etag: W/"6077ba5e-7257"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:21:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:21:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:21:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:21:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 73495
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:21:51 GMT
Connection: keep-alive

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 50953
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6386 bytes)
Hash
d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 73755
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 74042
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 73363
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9935 bytes)
Hash
55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 73681
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-141739453-1&cid=855131478.1664043710&jid=823902215&gjid=512265876&_gid=441141057.1664043710&_u=YEBAAEAAAAAAAC~&z=1766294159

64.233.162.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-141739453-1&cid=855131478.1664043710&jid=823902215&gjid=512265876&_gid=441141057.1664043710&_u=YEBAAEAAAAAAAC~&z=1766294159
IP
64.233.162.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-141739453-1&cid=855131478.1664043710&jid=823902215&gjid=512265876&_gid=441141057.1664043710&_u=YEBAAEAAAAAAAC~&z=1766294159 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://draitseddik.ma
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://draitseddik.ma
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 18:21:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-141739453-1&cid=855131478.1664043710&jid=823902215&_u=YEBAAEAAAAAAAC~&z=1953535065

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-141739453-1&cid=855131478.1664043710&jid=823902215&_u=YEBAAEAAAAAAAC~&z=1953535065
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-141739453-1&cid=855131478.1664043710&jid=823902215&_u=YEBAAEAAAAAAAC~&z=1953535065 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:21:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7963 bytes)
Hash
5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 73496
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2019 05:57:53 GMT
etag: W/"5cfdf161-5cf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/cache/et/2/et-core-unified-16618712981497.min.css

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/cache/et/2/et-core-unified-16618712981497.min.css
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/cache/et/2/et-core-unified-16618712981497.min.css HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: text/css
last-modified: Tue, 30 Aug 2022 14:55:00 GMT
etag: W/"630e24c4-7f72"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-includes/css/dashicons.min.css?ver=5.2.16

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-includes/css/dashicons.min.css?ver=5.2.16
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=5.2.16 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 04:00:30 GMT
etag: W/"6077ba5e-b9cc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.9.2

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.9.2
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.9.2 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2019 05:57:53 GMT
etag: W/"5cfdf161-e8d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/themes/Divi/core/admin/js/common.js?ver=3.24

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/themes/Divi/core/admin/js/common.js?ver=3.24
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=3.24 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2019 05:46:35 GMT
etag: W/"5cfdeebb-550"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 04:00:30 GMT
etag: W/"6077ba5e-33a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://draitseddik.ma/xmlrpc.php
link: <https://draitseddik.ma/index.php/wp-json/>; rel="https://api.w.org/", <https://draitseddik.ma/>; rel=shortlink
x-powered-by: PHP/7.1.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Fri, 20 May 2016 06:11:28 GMT
etag: W/"573eaa90-2748"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Wed, 22 May 2019 00:57:16 GMT
etag: W/"5ce49e6c-17a69"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 18:21:50 GMT
date: Sat, 24 Sep 2022 18:21:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Tue, 25 Jun 2019 11:45:43 GMT
etag: W/"5d120967-fae"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/themes/Divi/style.css?ver=3.24

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/themes/Divi/style.css?ver=3.24
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/Divi/style.css?ver=3.24 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: text/css
last-modified: Mon, 10 Jun 2019 05:46:36 GMT
etag: W/"5cfdeebc-ade28"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/uploads/2019/05/doctor-01.jpg

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/uploads/2019/05/doctor-01.jpg
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/05/doctor-01.jpg HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: image/jpeg
content-length: 79599
last-modified: Sat, 18 May 2019 12:25:59 GMT
etag: "5cdff9d7-136ef"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

draitseddik.ma/wp-content/themes/Divi/js/custom.min.js?ver=3.24

145.239.140.147

200 OK

0 B

URL HTTP/2
draitseddik.ma/wp-content/themes/Divi/js/custom.min.js?ver=3.24
IP
145.239.140.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Divi/js/custom.min.js?ver=3.24 HTTP/1.1
Host: draitseddik.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draitseddik.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 18:21:50 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2019 05:46:35 GMT
etag: W/"5cfdeebb-424a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP