r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Mon, 05 Dec 2022 19:06:48 GMT
Date: Mon, 05 Dec 2022 17:56:00 GMT
Connection: keep-alive
arthomson.com/
209.89.114.187 301 Moved Permanently 230 B IP 209.89.114.187:0
ASN #852 TELUS Communications
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 58f19654a49c8d315fe67c1b37d5a48a
cea98c4765392def561ecd734db0b51fcaa8a71d
1bf985b12a91dfb2ed2935d39cddc90ae49b9b40b4c50eaa026aa48c6fdd5793
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 17:55:58 GMT
Server: Apache
Location: https://arthomson.com/
Content-Length: 230
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15879
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 17:56:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5632
Cache-Control: max-age=151751
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:00 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:05:11 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mHEfRA5bCSv5uAxgWjktnljwl6Q36Xm71OR13BBrstwoR7rFwBVwfkjp3MRf+Bi/pzF1qDBIOAM=
x-amz-request-id: Y772P14DGS5QECW5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 17:48:36 GMT
age: 444
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 17:18:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2250
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 17:08:58 GMT
cache-control: public,max-age=3600
age: 2823
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5627
Cache-Control: max-age=146678
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:01 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:40:39 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.114.208 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TDCLtm3mi2VuQ+BPgVElhg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZrM1XbsfnpkDFbpthuGGwCtQ4TQ=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19391
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 17:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19391
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 17:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19391
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 17:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19391
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 17:56:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f76ad58139e6d5bf4402d442ed662f3c
0100b4fdd66d254d48395da715dfd6d760ae6cf6
1c1199744e75a69f9eedfec6ecdcc11e67b735f66fc50c8a0c2d60c40920532c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7454
x-amzn-requestid: b8250832-ecd8-499b-b292-5110afe2cd84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltkWEMroAMFatw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2e8-6d91fc504703cdd5128e5746;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S9_U5ZapxEkMRuoSxt2YSGa3zJy7zdGlGK24yRN305GY7qkn3AdKIQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:26:17 GMT
age: 70185
etag: "0100b4fdd66d254d48395da715dfd6d760ae6cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 72378
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 72453
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 24580
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 72717
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 72803
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4rQwOwpmOw.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4rQwOwpmOw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16596, version 1.0\012- data
Hash 03df9c9e95a2762eea28aaaf7b3a2009
80e83645fa2dd449cc3741056dec5f124cdf2a71
2ef6e450ee04ac7da0a662584f231cce40df19dcc3fd62d948f3727934b2bd3d
GET /s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4rQwOwpmOw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:07:24 GMT
expires: Wed, 29 Nov 2023 19:07:24 GMT
cache-control: public, max-age=31536000
age: 514120
last-modified: Mon, 11 Jul 2022 19:29:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4mE3OwpmOw.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4mE3OwpmOw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16536, version 1.0\012- data
Hash cb98577b8825cb8dcf32c139c9823293
3128cbdc3862cbf9ecda34a6d08db9fe8ce4347f
f34685780939e52d361bdcfcc518e14b7b43522cd46a8c8c649906bbec6bb6f2
GET /s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4mE3OwpmOw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 05:47:44 GMT
expires: Sat, 02 Dec 2023 05:47:44 GMT
cache-control: public, max-age=31536000
age: 302900
last-modified: Mon, 11 Jul 2022 19:29:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthomson.com/
209.89.114.187 200 OK 640 kB IP 209.89.114.187:0
ASN #852 TELUS Communications
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (27485)
Size 640 kB (640005 bytes)
Hash af9bd11d29217426d5ed0a93f5ea880a
30156952c427358d88680fc9d7bec47d3b3e539f
241cc81d6c21b601df829efdbd14066f45e1bdb543082c979244b21a7ea571d3
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:55:59 GMT
Server: Apache
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
X-LiteSpeed-Tag: 4ef_HTTP.200
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=7776000, enforce
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: default-src 'self'; img-src *; media-src * data:;
X-Content-Type-Options: nosniff
Content-Security-Policy: report-uri https://arthomson.com
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Embedder-Policy-Report-Only: unsafe-none; report-to="default"
Cross-Origin-Embedder-Policy: unsafe-none; report-to="default"
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="default"
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="default"
Cross-Origin-Resource-Policy: cross-origin
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), document-domain=(), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=(), window-placement=()
Feature-Policy: display-capture 'self'
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Link: <https://arthomson.com/wp-json/>; rel="https://api.w.org/", <https://arthomson.com/wp-json/wp/v2/pages/1508>; rel="alternate"; type="application/json", <https://arthomson.com/>; rel=shortlink
Last-Modified: Mon, 05 Dec 2022 17:56:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4o0wOwpmOw.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4o0wOwpmOw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16680, version 1.0\012- data
Hash 3c9c79db5bdaae71100af58c2a49a58f
1044166ad8f8e4b8955e77af715932900e1dfbfa
225895d153479d45ea5cd9257ef84cfd5eb8ae01f2fbd2d62d03854231850150
GET /s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4o0wOwpmOw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 23:02:38 GMT
expires: Sun, 03 Dec 2023 23:02:38 GMT
cache-control: public, max-age=31536000
age: 154406
last-modified: Mon, 11 Jul 2022 19:29:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4mE3OwpmPQ.woff
216.58.207.227 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4mE3OwpmPQ.woff
IP 216.58.207.227:0
File type Web Open Font Format, TrueType, length 21272, version 1.1\012- data
Hash f1b8fec8bb5adae4d4b793204f4cd1c7
9e06a71021ed111947689468ac97165c4e706cfd
c14d50598f33aea2d7b405650130901ecf644843db387fb6be36602218a336da
GET /s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4mE3OwpmPQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21272
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 10:54:20 GMT
expires: Sun, 03 Dec 2023 10:54:20 GMT
cache-control: public, max-age=31536000
age: 198104
last-modified: Mon, 11 Jul 2022 19:29:43 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthomson.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2
209.89.114.187 200 OK 28 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (19226)
Hash ac25fb529183c5fef5887d02594d1828
ee5a0f815a931cf09eae8c235dc77458109e2701
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:04 GMT
Accept-Ranges: bytes
Content-Length: 27524
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37 200 OK 32 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 17517063842db7e44d4be1dcab482720
76e3250831b0167071b3c810991e51f7bb9e14b6
b697a53aabcbd69f93df5ab7dca1f1262497ffe0aa4618adcfc7566953507e00
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/js/dist/dom-ready.min.js
192.0.77.37 200 OK 498 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/dom-ready.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (463)
Hash b0b80b0256874e70acdc820b52bbf1aa
9aace9a7989736bf535d65f229d0c10e9acea41b
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
GET /c/6.1.1/wp-includes/js/dist/dom-ready.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
content-length: 498
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwpmOw.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwpmOw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16596, version 1.0\012- data
Hash f9be588df37843b80423ceee566a8fc2
471dea63770ccb11b59ec5567ce1b31074651d15
6f44d1fa749dcbcdf71fb26c014dce2eaca6aa50ac1652b008e361b8d78235b5
GET /s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwpmOw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 22:02:19 GMT
expires: Fri, 01 Dec 2023 22:02:19 GMT
cache-control: public, max-age=31536000
age: 330825
last-modified: Mon, 11 Jul 2022 19:29:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthomson.com/wp-content/et-cache/1508/et-divi-dynamic-1508-late.css?ver=1670017249
209.89.114.187 200 OK 17 kB URL HTTP/1.1 arthomson.com/wp-content/et-cache/1508/et-divi-dynamic-1508-late.css?ver=1670017249
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (5325)
Hash c3e9a2de9d058113fd659197f59727f4
5ef6b2435df935ee5528c40f8aa8fbfa47f159e6
eee85cc23d8cf035fd4904a2d005899640c151fc54bfaa516846fe8a7cf66248
GET /wp-content/et-cache/1508/et-divi-dynamic-1508-late.css?ver=1670017249 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 21:41:08 GMT
Accept-Ranges: bytes
Content-Length: 17419
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2
209.89.114.187 200 OK 55 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (55139)
Hash 07f5a0d965fe23537228feb793eb95b0
4fc9f70c0a5cf7ba57c25a6a2921d6253264b7ae
64f77a13c6e6d3adce340a06f37c55054d9cdd48cb1d9347943749592a2a565e
GET /wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:04 GMT
Accept-Ranges: bytes
Content-Length: 55325
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
c0.wp.com/p/woocommerce/7.1.0/assets/js/jquery-blockui/jquery.blockUI.min.js
192.0.77.37 200 OK 3.7 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (9111)
Hash aa755a5902311fb379d2e7018fc3949f
e28fbb94af8fe52aa9ab45604d27f7a38e4ea384
ea4fb731b82226f16d89ea290eb46aa45166d89e6a4a67a8f0fa0cd99d2ed4a3
GET /p/woocommerce/7.1.0/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 20:34:37 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?hl=en&ver=6.1.1
216.58.207.228 200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en&ver=6.1.1
IP 216.58.207.228:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js?hl=en&ver=6.1.1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 05 Dec 2022 17:56:04 GMT
date: Mon, 05 Dec 2022 17:56:04 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-57880926-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-57880926-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash f676f998b50d889418ca97cbab6d0317
606d294ea590fd5f879f46545f9958ba1d33fdd0
78cc2acb33330e24fd81d7c77297a61f61a529f3ef89f4ebe7b57a31889eaf62
GET /gtag/js?id=UA-57880926-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 17:56:04 GMT
expires: Mon, 05 Dec 2022 17:56:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthomson.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.8
209.89.114.187 200 OK 1.8 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (1836), with no line terminators
Hash bd4a0f15980886a95cc5cbd16b77eae7
bfb0474f16e017c1ce9b33441b9b3f5d713a66f5
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:38 GMT
Accept-Ranges: bytes
Content-Length: 1836
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.8
209.89.114.187 200 OK 44 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (44198), with no line terminators
Hash cb315b569c64ae0930b43594bcf716d0
79ed7d454b9fde5d8f01236b497a38f53af2bf16
5d1aa852a78da0ce534b6d3392e0fc4676106f5aa29104699d0bbaadc2dcf54e
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:04 GMT
Accept-Ranges: bytes
Content-Length: 44198
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maps.google.com/maps/api/js?key=AIzaSyCwzZvTfM4lLokdUZ3auFaYWjZLWZiVCqA&libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.1.1
142.250.74.46 200 OK 59 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyCwzZvTfM4lLokdUZ3auFaYWjZLWZiVCqA&libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.1.1
IP 142.250.74.46:0
File type ASCII text, with very long lines (2396)
Hash e6e55472615b23932335704deeac0d1a
42b39a7e1b7e38dc0884894c544fdbe6ea26fee8
054efa8235884d71894efaa9f791c47ad1a45e0a44045f4eb26e171bc7c03352
GET /maps/api/js?key=AIzaSyCwzZvTfM4lLokdUZ3auFaYWjZLWZiVCqA&libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.1.1 HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 17:56:04 GMT
expires: Mon, 05 Dec 2022 18:26:04 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 59172
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js
192.0.77.37 200 OK 2.0 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (4875)
Hash 25d88ee021e9ee33feef08c9ad1cf7d2
e281187678244cd4d80e4cb758b75f9018423e75
3e055d3bc92ffd0412344bd58759df7f3eab49de4fc6dc7282f5883d631e5ca7
GET /c/6.1.1/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arthomson.com/wp-content/themes/Divi/js/smoothscroll.js?ver=4.19.2
209.89.114.187 200 OK 5.7 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/js/smoothscroll.js?ver=4.19.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (5644)
Hash b6a40b8c22e5dd0e51404ac7aa45710a
823e4b015387a2714f826a7f386a0f6698c4b6e2
75079f39fe739015589a0f995f41b4c1c29d4ebac85c93a792926af09f61cc83
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/smoothscroll.js?ver=4.19.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 01 Dec 2022 19:42:14 GMT
Accept-Ranges: bytes
Content-Length: 5714
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.2
209.89.114.187 200 OK 3.3 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type HTML document, ASCII text
Hash fa07f10043b891dacdb82f26fd2b42bc
9c1dc49e9747758e033c0e9a7d016401bd78602c
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 01 Dec 2022 19:42:14 GMT
Accept-Ranges: bytes
Content-Length: 3349
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37 200 OK 40 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 52d570b6f4d623177be525c87c56cd76
894188cba33a41226a513adc473565c90df15f8e
6776616dee22876bcd9feb7e378dc584c91fff60e55f8f6d3c89028b4d656019
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arthomson.com/wp-content/et-cache/1508/et-divi-dynamic-1508.css?ver=1670017249
209.89.114.187 200 OK 64 kB URL HTTP/1.1 arthomson.com/wp-content/et-cache/1508/et-divi-dynamic-1508.css?ver=1670017249
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (13396)
Hash 5759b615eb8d3bc395cfe7f8736c2225
5672a9bd3112f84b05458cb5825191e2261f2fda
7820374e3f84bd340d0c1f50d82f42bf33b2eca6c860da418dd8e3bd24bd8658
Analyzer Verdict Alert fortinet Malware
GET /wp-content/et-cache/1508/et-divi-dynamic-1508.css?ver=1670017249 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 21:40:49 GMT
Accept-Ranges: bytes
Content-Length: 64367
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.19.2
209.89.114.187 200 OK 8.6 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.19.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (6322)
Hash bf7fe805ab945e4b2c4d56da59476811
307135fd2987f477c7bd50fcd0cc28a1cff1f568
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.19.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 01 Dec 2022 19:42:14 GMT
Accept-Ranges: bytes
Content-Length: 8574
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.2
209.89.114.187 200 OK 274 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (65467)
Size 274 kB (274281 bytes)
Hash 8115ebe3b0544b7c5f218658b1a5ebd3
50b3f04903e15b688c9a8cb691812175a8db6b61
425c17cc0de74e7e5ce91bbb6ceb6405518d61a38d298938099ad3289ab5c1d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.19.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 01 Dec 2022 19:42:14 GMT
Accept-Ranges: bytes
Content-Length: 274281
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/et-cache/1508/et-core-unified-deferred-1508.min.css?ver=1670017268
209.89.114.187 200 OK 44 kB URL HTTP/1.1 arthomson.com/wp-content/et-cache/1508/et-core-unified-deferred-1508.min.css?ver=1670017268
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (44546), with no line terminators
Hash 88532eb56e6ae34b5032e2918e8f3171
87ec3e713fc6bcf33f06c0816cdf83950b3cfad9
e46fa8e2d4479e92c74c0f72e6eead1ed63ea9c48a849c2a5622ebbcbb7b7f4d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/et-cache/1508/et-core-unified-deferred-1508.min.css?ver=1670017268 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 21:41:08 GMT
Accept-Ranges: bytes
Content-Length: 44546
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:02 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/markerclustererplus/markerclustererplus.js?ver=2.3.4
209.89.114.187 200 OK 53 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/markerclustererplus/markerclustererplus.js?ver=2.3.4
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type HTML document, ASCII text
Hash dc249aedab5f82a314cb9a901fb3b2d4
259fc5053f1c86b11fadf1098e4aa12e741456d4
804f2c7a54a6201b571cf94b7d160ffc83a08a6f18c7448f9e09cfa3cd24589a
GET /wp-content/plugins/wp-google-map-plugin/assets/js/vendor/markerclustererplus/markerclustererplus.js?ver=2.3.4 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 16:41:53 GMT
Accept-Ranges: bytes
Content-Length: 53315
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
209.89.114.187 200 OK 9.0 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (8983), with no line terminators
Hash ed3b4417df0895e4cf8465d32b69adc6
a63d0bad2dcb235c62a843eb3e8506e8931cede0
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
GET /wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:49 GMT
Accept-Ranges: bytes
Content-Length: 8983
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862
209.89.114.187 200 OK 2.4 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (2366), with no line terminators
Hash 9855fb5d7dee948d776d7e36ede8a2c9
ea9ce09ab4c7e55da5ffbf05c8542e61b9ad6ae2
c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355
GET /wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:00 GMT
Accept-Ranges: bytes
Content-Length: 2366
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.8
209.89.114.187 200 OK 4.6 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (4610)
Hash a39e45502bab7e9e26723e6ab243e8f8
ac62aacd5ee3e7b64ce6a92b5d8e3fb523e34d16
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:33 GMT
Accept-Ranges: bytes
Content-Length: 4639
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
192.0.77.37 200 OK 23 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e0dcbfaa2e2a99af3dec5da4f27d2a2d
c19e544f30edad55623a96742b88bd8701b23169
241065c733083e6c10b6d4789d4ffe3b2f5473290411fe012fe8e318f5fcab2d
GET /c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arthomson.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.2
209.89.114.187 200 OK 1.3 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
Hash d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 01 Dec 2022 19:42:14 GMT
Accept-Ranges: bytes
Content-Length: 1343
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37 200 OK 62 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash bbda0f494299afa929949376833d88d4
564737968f9d56a3e51ecc8d94cdc64cfeed5afd
3d5d15bcf35dc82e229ad9a11b4a673645c4dd54ab81ec4a55f595c4da7471c2
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arthomson.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0
209.89.114.187 200 OK 30 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (315)
Hash 0917c0e91b5f98ba8a8f2bebc21ebd0a
37cbe8f856453a8d8fc88e7da81bbae6734a2961
d205d2093a3411531f600e78e152f0c86aca40ba64edf7d7d1c995215c23fab8
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:12 GMT
Accept-Ranges: bytes
Content-Length: 30529
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2
209.89.114.187 200 OK 24 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
Hash 486aa06259cf498a133ebadb676e36a7
566237e8b31ccc914bb5178c7e5f846fc731b1cd
5ba2f4f7c279a57c71311cc8aa022cad8656ee7d87492a6010d1c9f2e3c6ca99
GET /wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:12 GMT
Accept-Ranges: bytes
Content-Length: 23477
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/bloom/js/jquery.uniform.min.js?ver=1.3.12
209.89.114.187 200 OK 8.3 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/bloom/js/jquery.uniform.min.js?ver=1.3.12
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (8308), with no line terminators
Hash 2842654782a75cbbc8cd66c60b72631d
ef3a49fe1bcf31cca95cdee5563928a850a1b154
8a41d60f7762f2db0792fd909c3c09725f93d8fe1e94efcb2ca04293921e277a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bloom/js/jquery.uniform.min.js?ver=1.3.12 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:38 GMT
Accept-Ranges: bytes
Content-Length: 8308
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
arthomson.com/wp-content/plugins/bloom/js/custom.js?ver=1.3.12
209.89.114.187 200 OK 29 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/bloom/js/custom.js?ver=1.3.12
IP 209.89.114.187:0
ASN #852 TELUS Communications
Hash 7051c071eff3b0075c38aaded01dc4b1
d49c5ebbbaf8e474d2b611685f14e34d55610c3a
279f6b481748c18d498dd5ad4cb01aee8aaab9fe2845094491f2632d4b99b686
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bloom/js/custom.js?ver=1.3.12 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 00:31:59 GMT
Accept-Ranges: bytes
Content-Length: 29063
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
c0.wp.com/p/woocommerce/7.1.0/assets/js/frontend/add-to-cart.min.js
192.0.77.37 200 OK 3.5 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/assets/js/frontend/add-to-cart.min.js
IP 192.0.77.37:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash b5203f2c94ca5a38641a1a64056e2aae
34a156fc8730c5dfa8b938a5eed5a71b2e11b2d8
87c14d3b38f9c928ebc212dd9e3c4833d33644721f03fb2acdd42e5a879e4b03
GET /p/woocommerce/7.1.0/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 20:34:37 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arthomson.com/wp-content/uploads/2022/11/chrome-product-overview.webp
209.89.114.187 200 OK 35 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/chrome-product-overview.webp
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x609, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 103f05b7c5daaf8f07ffb76620dddb46
b72a816a796daa8cc9718e3f37f3c1794fdb3213
26377609104894064d508a6f86084618983babbea3cb304bb2b7c4d95880b301
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/chrome-product-overview.webp HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/wp-content/et-cache/1508/et-core-unified-deferred-1508.min.css?ver=1670017268
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.1.604517507.1670262962
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 23 Nov 2022 19:43:46 GMT
Accept-Ranges: bytes
Content-Length: 34590
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
arthomson.com/wp-content/uploads/2022/11/AR-Thomson-Logo-2022.webp
209.89.114.187 200 OK 9.6 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/AR-Thomson-Logo-2022.webp
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 704x140, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ff2fb9d6cf331f7af2d02b9d5a8be8d
37d8e1104b30299dac1c02ec0e683b0746215d36
11ea5eef775cd8b2a74418216a368f40bfe464b635f041a6fa10b51f7b45d6f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/AR-Thomson-Logo-2022.webp HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 25 Nov 2022 18:18:16 GMT
Accept-Ranges: bytes
Content-Length: 9598
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
region1.google-analytics.com/g/collect?v=2&tid=G-8H2RLY6G04&gtm=2oebu0&_p=427708489&cid=604517507.1670262962&ul=en-us&sr=1280x1024&_s=1&sid=1670262961&sct=1&seg=0&dl=https%3A%2F%2Farthomson.com%2F&dt=AR%20Thomson%20%7C%20The%20Fluid%20Containment%20%26%20Control%20Specialists&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8H2RLY6G04&gtm=2oebu0&_p=427708489&cid=604517507.1670262962&ul=en-us&sr=1280x1024&_s=1&sid=1670262961&sct=1&seg=0&dl=https%3A%2F%2Farthomson.com%2F&dt=AR%20Thomson%20%7C%20The%20Fluid%20Containment%20%26%20Control%20Specialists&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8H2RLY6G04&gtm=2oebu0&_p=427708489&cid=604517507.1670262962&ul=en-us&sr=1280x1024&_s=1&sid=1670262961&sct=1&seg=0&dl=https%3A%2F%2Farthomson.com%2F&dt=AR%20Thomson%20%7C%20The%20Fluid%20Containment%20%26%20Control%20Specialists&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://arthomson.com
date: Mon, 05 Dec 2022 17:56:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthomson.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
209.89.114.187 200 OK 92 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 01 Dec 2022 19:42:14 GMT
Accept-Ranges: bytes
Content-Length: 92400
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/ttf
www.arthomson.com/wp-content/uploads/2021/01/1749-252.jpg
209.89.114.187 200 OK 205 kB URL HTTP/1.1 www.arthomson.com/wp-content/uploads/2021/01/1749-252.jpg
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=NIKON CORPORATION, model=NIKON D3S, xresolution=138, yresolution=146, resolutionunit=2, software=Ver.1.00, datetime=2010:10:29 13:42:52], baseline, precision 8, 1200x798, components 3\012- data
Size 205 kB (205212 bytes)
Hash 156ea975c96a7337337a099ba8f691c9
239cc9477ac2e5b12375697865f8907d66c93882
3a438ff30a2cfca842bd7ce13b9476b37b2e49aef84d8488c7a54da122c83cf9
GET /wp-content/uploads/2021/01/1749-252.jpg HTTP/1.1
Host: www.arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.1.604517507.1670262962
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:36 GMT
Accept-Ranges: bytes
Content-Length: 205212
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:03 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
arthomson.com/wp-content/et-cache/1508/et-divi-dynamic-1508-late.css
209.89.114.187 200 OK 17 kB URL HTTP/1.1 arthomson.com/wp-content/et-cache/1508/et-divi-dynamic-1508-late.css
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (5325)
Hash c3e9a2de9d058113fd659197f59727f4
5ef6b2435df935ee5528c40f8aa8fbfa47f159e6
eee85cc23d8cf035fd4904a2d005899640c151fc54bfaa516846fe8a7cf66248
GET /wp-content/et-cache/1508/et-divi-dynamic-1508-late.css HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.1.604517507.1670262962
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 21:41:08 GMT
Accept-Ranges: bytes
Content-Length: 17419
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
pixel.wp.com/g.gif?v=ext&blog=212730984&post=1508&tz=-7&srv=arthomson.com&j=1%3A11.5.1&host=arthomson.com&ref=&fcp=3732&rand=0.2861245896887924
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=212730984&post=1508&tz=-7&srv=arthomson.com&j=1%3A11.5.1&host=arthomson.com&ref=&fcp=3732&rand=0.2861245896887924
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=212730984&post=1508&tz=-7&srv=arthomson.com&j=1%3A11.5.1&host=arthomson.com&ref=&fcp=3732&rand=0.2861245896887924 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:06 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js
192.0.77.37 200 OK 199 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65266)
Size 199 kB (198931 bytes)
Hash 683cebae5efbe7c439e22e04483d25a9
cd3d36e4493b2d09ff3df41e74284ceecab9d364
eed97d24d802083ff252354249c0f9841be53f0a2a902f1cb21cb1d21ece2cb1
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/hoverIntent.min.js
192.0.77.37 200 OK 21 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/hoverIntent.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (1464)
Hash b470425808ab1a9695f7563a581fdb9d
92bfc117f4eb6ec5d3c273e2a9839fcee6996893
e45fd5b42215aa965a158178108854ac20bd928c17818b7bc8ff7c324b6c6ac9
GET /c/6.1.1/wp-includes/js/hoverIntent.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arthomson.com/wp-content/themes/Divi/js/converter3-engine/converter3.js
209.89.114.187 404 Not Found 32 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Divi/js/converter3-engine/converter3.js
IP 209.89.114.187:0
ASN #852 TELUS Communications
Hash 15e2095caf303ab59c96dcb78ce43566
055f2b244f4856f7e74addc286d3c15f315a4288
7ec0f51c2c0b9497dc70d57db70bb90c3396e1ce082b590164cd73412713907f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/converter3-engine/converter3.js HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 17:56:02 GMT
Server: Apache
Pragma: no-cache
X-LiteSpeed-Tag: 4ef_HTTP.404
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=7776000, enforce
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: default-src 'self'; img-src *; media-src * data:;
X-Content-Type-Options: nosniff
Content-Security-Policy: report-uri https://arthomson.com
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Embedder-Policy-Report-Only: unsafe-none; report-to="default"
Cross-Origin-Embedder-Policy: unsafe-none; report-to="default"
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="default"
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="default"
Cross-Origin-Resource-Policy: cross-origin
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), document-domain=(), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=(), window-placement=()
Feature-Policy: display-capture 'self'
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Link: <https://arthomson.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7396538920066096
142.250.74.66 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7396538920066096
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash 2ff978d0e7cf74b99fe124ee74278095
a7a309dbed4437ce623876503ffd9dcea1a4a191
d777e3566517ed598aa8b8a3e49e1835019bb417fc6a53cdbb9c726bce575baa
GET /pagead/js/adsbygoogle.js?client=ca-pub-7396538920066096 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 17:56:06 GMT
expires: Mon, 05 Dec 2022 17:56:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3300322880595554661
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 17:56:06 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://arthomson.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthomson.com/wp-content/uploads/2020/07/cropped-ARTG-web-icon-light-192x192.png
209.89.114.187 200 OK 2.9 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2020/07/cropped-ARTG-web-icon-light-192x192.png
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced\012- data
Hash 880997c102702c0bd0dde6d1cd03f79e
d577d4446f13983b559693592ec74ac3b96dad8e
138f7af183d4fb712af6d3ee6bf2a26ba94e45974cf055882284ce4c44335573
GET /wp-content/uploads/2020/07/cropped-ARTG-web-icon-light-192x192.png HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.1.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:26 GMT
Accept-Ranges: bytes
Content-Length: 2864
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
arthomson.com/wp-content/uploads/2020/07/cropped-ARTG-web-icon-light-32x32.png
209.89.114.187 200 OK 466 B URL HTTP/1.1 arthomson.com/wp-content/uploads/2020/07/cropped-ARTG-web-icon-light-32x32.png
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash ae0e57171ce0b80fd28b06f0d80328e1
1c6687f3e189aa2a4271ebcc4735b643ff4665f8
3aca188ecfb3f997c970e15c8cbb4a05d1c864216e135ad742c132b6e804102b
GET /wp-content/uploads/2020/07/cropped-ARTG-web-icon-light-32x32.png HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.1.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:26 GMT
Accept-Ranges: bytes
Content-Length: 466
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/p/woocommerce/7.1.0/assets/js/frontend/cart-fragments.min.js
192.0.77.37 200 OK 21 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/assets/js/frontend/cart-fragments.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 29b900cea7bb6b79832fd3505b7865d7
c89723bb5e87e05cffab27757672a6aa6923c133
64f01e25095114695a5079c8beeda962fdbdcbe2d05cd140a94f0abfd7eb313c
GET /p/woocommerce/7.1.0/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arthomson.com/wp-content/themes/Your-Generated-Divi-child-theme-template-by-DiviCake/style.css?ver=4.19.2
209.89.114.187 200 OK 4.8 kB URL HTTP/1.1 arthomson.com/wp-content/themes/Your-Generated-Divi-child-theme-template-by-DiviCake/style.css?ver=4.19.2
IP 209.89.114.187:0
ASN #852 TELUS Communications
Hash 0f6ef2ebdfbb6a08578371c4e40e30e1
d3399cc9533cd0cee06fbf03f5063dbcaf47a32c
d4ea28d314d9e2e5770af820c42c87127c05ded5a3536d3de1fbb3a8abd88964
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Your-Generated-Divi-child-theme-template-by-DiviCake/style.css?ver=4.19.2 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:07 GMT
Accept-Ranges: bytes
Content-Length: 4793
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=81582bdb254a94e4464424087c6479a8
209.89.114.187 200 OK 4.2 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=81582bdb254a94e4464424087c6479a8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with CRLF line terminators
Hash bad8534a65980c82285b650f02403bd0
19327faa38b54034e825287e621af06a007413ed
297ebb311b8eeff8d8d1fa4bfe26a420ffdd7694b83119aef5ce799189fedc7d
GET /wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 16:41:53 GMT
Accept-Ranges: bytes
Content-Length: 4181
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/uploads/2022/11/about-us-BG-2.jpg
209.89.114.187 200 OK 81 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/about-us-BG-2.jpg
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x233, components 3\012- data
Hash e03f8f77ac6b7e5b6c95bcb4069ae28d
72c4c484166074374d86cb5cc676493f3398c993
f57fc9f4bb407cde64a6b50536ca381679b7cc68a0d36fc12791a0b59e6e641b
GET /wp-content/uploads/2022/11/about-us-BG-2.jpg HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.1.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 25 Nov 2022 00:19:12 GMT
Accept-Ranges: bytes
Content-Length: 80873
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
arthomson.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.8
209.89.114.187 200 OK 8.2 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (8213), with no line terminators
Hash f4495f922aad36929d9902bde594be1b
45da4c9d1c3b29f84a1c2b3208f25c3c42021383
00248c12820088fc97a123ac8bf5140334781d5af8addbd3a6f8fa4ae909efb4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 10 Nov 2022 22:56:39 GMT
Accept-Ranges: bytes
Content-Length: 8213
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.8
209.89.114.187 200 OK 29 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (29294), with no line terminators
Hash eb050164b3a4c731e4eaa8d4b78bc583
7de9a889af7aaec49b5b02565463062246614994
e6c948a73ea3f054f417a3a60d18db48711bb86a0e12cea24fc5f858d2a42c4e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 10 Nov 2022 22:56:39 GMT
Accept-Ranges: bytes
Content-Length: 29294
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.8
209.89.114.187 200 OK 3.9 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (3860), with no line terminators
Hash 8e96ac33d13cfe932ea3c539e438b105
b4981821e2e6045b3011fe1c5a7991bbc2a7c4fc
678dcb871057c9c23fbf3657ffa7ce50368492e621034fa0a8d701e7d78ee9e6
GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 10 Nov 2022 22:56:39 GMT
Accept-Ranges: bytes
Content-Length: 3860
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.8
209.89.114.187 200 OK 78 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8e9e40ffc1641631c22aa784bc3182ac
62304ad6b0abdacf975657c935d52558b19aaae9
bc0333073d074b2063613a5956610a44dee9bb6f78fb06ad7182954c486ebf06
GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 10 Nov 2022 22:56:39 GMT
Accept-Ranges: bytes
Content-Length: 77797
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/plugins/bloom/css/style.css?ver=1.3.12
209.89.114.187 200 OK 96 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/bloom/css/style.css?ver=1.3.12
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type ASCII text, with very long lines (847)
Hash edc56fc35ef9730a59ae79b7ee2d1e45
a1c2a1a42b940fc09465f2eed2ce3d6d151dd1d9
846190311422b8501d25e7fa82a6f03640979882b59b875da0c038877bd15151
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bloom/css/style.css?ver=1.3.12 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:03 GMT
Accept-Ranges: bytes
Content-Length: 95599
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:04 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
arthomson.com/wp-content/uploads/2022/11/Gaskets-Sealing-1.jpg
209.89.114.187 200 OK 23 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/Gaskets-Sealing-1.jpg
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash a0086052d46e752b96e70dde7d6ca4ed
d3a039b9365f62faa44eb5a36e7a11bea2f31cdf
8508ec645017a864f81d91edd38780a531b27bc333aaac0a5622fc05c58fcf01
GET /wp-content/uploads/2022/11/Gaskets-Sealing-1.jpg HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 11 Nov 2022 00:04:43 GMT
Accept-Ranges: bytes
Content-Length: 22863
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
arthomson.com/wp-content/uploads/2022/11/Steam-Traps-Systems-Category.webp
209.89.114.187 200 OK 9.8 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/Steam-Traps-Systems-Category.webp
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f936ea49259d6a4ec8c19e1090cce9f
d7a129baff17d2a833d5a106aff84188c8be7c92
343e5053bf66466af5d312920fa41241704a6e98b6b9cb5e05b9130f5e0f5c0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/Steam-Traps-Systems-Category.webp HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 25 Nov 2022 17:27:00 GMT
Accept-Ranges: bytes
Content-Length: 9826
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/webp
arthomson.com/wp-content/uploads/2022/11/Valves-Fittings-Category.webp
209.89.114.187 200 OK 9.5 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/Valves-Fittings-Category.webp
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f00d7c662e147d3f627e1b77bef13c33
ccd24e70d52921a5039b915b03250f494394a66d
526533035b9ce878f2a33b23d6bbd35e2c4e96f5c4777c14c64cbe1e6267632c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/Valves-Fittings-Category.webp HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 25 Nov 2022 17:27:31 GMT
Accept-Ranges: bytes
Content-Length: 9548
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/webp
arthomson.com/wp-content/uploads/2022/11/Oilfield-Specialty-Products-Category.webp
209.89.114.187 200 OK 5.4 kB URL HTTP/1.1 arthomson.com/wp-content/uploads/2022/11/Oilfield-Specialty-Products-Category.webp
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abd1e06a167e2925166b71bc48e9ff8b
ad680b820b5b85c71f65897312cbb9ce799a65bf
598566a258461a8ecf1ac088c789d97201c203e625f88c6f1712275019ff9f8a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/Oilfield-Specialty-Products-Category.webp HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 25 Nov 2022 17:28:15 GMT
Accept-Ranges: bytes
Content-Length: 5358
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
www.arthomson.com/wp-content/uploads/2022/11/Mechanical-Seals-Pump-Packing.jpg
209.89.114.187 200 OK 86 kB URL HTTP/1.1 www.arthomson.com/wp-content/uploads/2022/11/Mechanical-Seals-Pump-Packing.jpg
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=480, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=480], baseline, precision 8, 480x480, components 3\012- data
Hash 9d954b8121a22f4f2e15a17471a8010c
705b4909767d182008efe288271e4d93c4e845f3
6a83c9ffc2ff8ef5d13aa9a9b5d173e815a464186ce97cd28c681ce2cc9d0ada
GET /wp-content/uploads/2022/11/Mechanical-Seals-Pump-Packing.jpg HTTP/1.1
Host: www.arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 04 Nov 2022 14:31:02 GMT
Accept-Ranges: bytes
Content-Length: 85853
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
arthomson.com/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff?gd6mr8
209.89.114.187 200 OK 5.9 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff?gd6mr8
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type Web Open Font Format, TrueType, length 5932, version 2.3\012- data
Hash 10e1b312c330e1e751215a4849f90d2e
06114f354c1af4c42977700e36ee375572ae64df
89b6fc20e99da6c304c84e47abe126d4f7eb31e5366e97b451a9aca07181ddb3
GET /wp-content/plugins/bloom/css/fonts/ET-Bloom.woff?gd6mr8 HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://arthomson.com/wp-content/plugins/bloom/css/style.css?ver=1.3.12
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Wed, 02 Nov 2022 03:05:03 GMT
Accept-Ranges: bytes
Content-Length: 5932
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff
arthomson.com/wp-content/plugins/wp-google-map-plugin/assets/images/icons/marker_default_icon.png
209.89.114.187 200 OK 1.3 kB URL HTTP/1.1 arthomson.com/wp-content/plugins/wp-google-map-plugin/assets/images/icons/marker_default_icon.png
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 94a9153db495781ee4c317420202a2be
4775b35b71725c224041cfe5a87d18e376f36a6c
01f7ff9106205f8d2051c326cbd6e039f30d7c3a2b657bbf6d5c24d12084c5bb
GET /wp-content/plugins/wp-google-map-plugin/assets/images/icons/marker_default_icon.png HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Fri, 02 Dec 2022 16:41:53 GMT
Accept-Ranges: bytes
Content-Length: 1337
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.arthomson.com/wp-content/uploads/2022/11/Industrial-Hoses-Expansion-Joints.jpg
209.89.114.187 200 OK 84 kB URL HTTP/1.1 www.arthomson.com/wp-content/uploads/2022/11/Industrial-Hoses-Expansion-Joints.jpg
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=480, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=480], baseline, precision 8, 480x480, components 3\012- data
Hash b4cc21048e4a29895e31ec9110ef2204
d99c96ad31998fdbeb4a98555388ab66b0116226
08e4065612c630073fa949d50728664de740cf9d10de92e08510bbb337fe3275
GET /wp-content/uploads/2022/11/Industrial-Hoses-Expansion-Joints.jpg HTTP/1.1
Host: www.arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=7776000, enforce
Content-Security-Policy: report-uri https://arthomson.com
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
Last-Modified: Thu, 03 Nov 2022 22:51:52 GMT
Accept-Ranges: bytes
Content-Length: 84108
Cache-Control: max-age=31557600
Expires: Tue, 05 Dec 2023 23:56:05 GMT
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3 200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Mon, 05 Dec 2022 17:56:07 GMT
expires: Mon, 05 Dec 2022 17:56:07 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/s-202249.js
192.0.76.3 200 OK 27 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (9364), with no line terminators
Hash 2febcb279cba3b3646a9599b6bf735f5
6927ca9109b761e820d783074fcf7bc3baf0687d
b75115df0464c0274d21db9cf615de21a8c5129e4c86aa36dd8535ea4e53a75a
GET /s-202249.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Mon, 04 Dec 2023 22:18:39 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=arthomson.com
216.58.211.2 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=arthomson.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=arthomson.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 17:56:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=arthomson.com
142.250.74.34 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=arthomson.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=arthomson.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 17:56:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arthomson.com/?wc-ajax=get_refreshed_fragments
209.89.114.187 200 OK 392 B URL HTTP/1.1 arthomson.com/?wc-ajax=get_refreshed_fragments
IP 209.89.114.187:0
ASN #852 TELUS Communications
File type JSON data\012- , ASCII text, with very long lines (392), with no line terminators
Hash b63d7e5d63ca0be2217d6a79d6589e13
e3e4aabc71550d94e967f04aeea46dbc233ccb3a
549d5ec888871162093425bee5e006d1e2f28a1eead232d3a8d10122c7a4a4d2
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: arthomson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://arthomson.com
Connection: keep-alive
Cookie: _ga_8H2RLY6G04=GS1.1.1670262961.1.0.1670262961.0.0.0; _ga=GA1.2.604517507.1670262962; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _gid=GA1.2.1282266473.1670262964; _gat_gtag_UA_57880926_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 17:56:05 GMT
Server: Apache
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=7776000, enforce
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
X-Content-Security-Policy: default-src 'self'; img-src *; media-src * data:;
Content-Security-Policy: report-uri https://arthomson.com
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Embedder-Policy-Report-Only: unsafe-none; report-to="default"
Cross-Origin-Embedder-Policy: unsafe-none; report-to="default"
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="default"
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="default"
Cross-Origin-Resource-Policy: cross-origin
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), document-domain=(), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=(), window-placement=()
Feature-Policy: display-capture 'self'
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Access-Control-Allow-Origin: https://arthomson.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-LiteSpeed-Tag: 4ef_HTTP.200,4ef_HTTP.200
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-57880926-1&cid=604517507.1670262962&jid=412477332&gjid=160902766&_gid=1282266473.1670262964&_u=YADAAUAAAAAAACAAI~&z=925413178
108.177.14.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-57880926-1&cid=604517507.1670262962&jid=412477332&gjid=160902766&_gid=1282266473.1670262964&_u=YADAAUAAAAAAACAAI~&z=925413178
IP 108.177.14.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-57880926-1&cid=604517507.1670262962&jid=412477332&gjid=160902766&_gid=1282266473.1670262964&_u=YADAAUAAAAAAACAAI~&z=925413178 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://arthomson.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://arthomson.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 17:56:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-57880926-1&cid=604517507.1670262962&jid=412477332&_u=YADAAUAAAAAAACAAI~&z=1682238633
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-57880926-1&cid=604517507.1670262962&jid=412477332&_u=YADAAUAAAAAAACAAI~&z=1682238633
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-57880926-1&cid=604517507.1670262962&jid=412477332&_u=YADAAUAAAAAAACAAI~&z=1682238633 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 17:56:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 7889b2bc6f932635fcaa5092a121abfd
cc1ed134e94daf140a77f71b8da33fefd495595e
c948939c415ef40a400e2be440171a10f55c821003fc4f5b67a2de73e00b5688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.211.1 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 05 Dec 2022 17:56:08 GMT
expires: Mon, 05 Dec 2022 17:56:08 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.0/assets/css/woocommerce-smallscreen.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/assets/css/woocommerce-smallscreen.css
IP 192.0.77.37:0
GET /p/woocommerce/7.1.0/assets/css/woocommerce-smallscreen.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 16 Feb 2021 23:11:32 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.0/assets/js/js-cookie/js.cookie.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/assets/js/js-cookie/js.cookie.min.js
IP 192.0.77.37:0
GET /p/woocommerce/7.1.0/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 23:55:30 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP 192.0.77.37:0
GET /p/woocommerce/7.1.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.0/assets/js/frontend/woocommerce.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.0/assets/js/frontend/woocommerce.min.js
IP 192.0.77.37:0
GET /p/woocommerce/7.1.0/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 May 2021 17:00:20 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/a11y.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/a11y.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/dist/a11y.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arthomson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:56:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Tue, 05 Dec 2023 17:56:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2