r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7035
Expires: Fri, 02 Dec 2022 08:26:10 GMT
Date: Fri, 02 Dec 2022 06:28:55 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2220
Cache-Control: max-age=103157
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:28:55 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:08:12 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 06:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 645
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5021
Expires: Fri, 02 Dec 2022 07:52:37 GMT
Date: Fri, 02 Dec 2022 06:28:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JxExJYMQWrf62XGa2eMuyUUwCpn630EP4RlyQMgPsd7cpAY6iCr3lMvDnwj0Jjl/5L3cDOT8khg=
x-amz-request-id: 0WKY4PNK1V0TVQ5H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 05:45:59 GMT
age: 2577
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:28:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:11:15 GMT
cache-control: public,max-age=3600
age: 1061
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2264
Cache-Control: max-age=98137
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:28:56 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:44:33 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
extension-maison.org/
200 OK 19 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9455), with CRLF, LF line terminators
Hash 56e96afb12d619e50c99ef78c0e11367
0e34577ebe144dbc7cb321f9d2686552fee7e3ba
2da6580ecaf71a0519caa870caa7ef2cb3a4a98773132e504fe65ab223f104af
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
X-LiteSpeed-Tag: e55_HTTP.200
Link: <https://extension-maison.org/wp-json/>; rel="https://api.w.org/"
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
fonts.googleapis.com/css?family=Oswald%3A400&display=swap&ver=6.1.1
200 OK 508 B URL HTTP/1.1 fonts.googleapis.com/css?family=Oswald%3A400&display=swap&ver=6.1.1
IP
Hash 0fad5706604122b2d564f96aa8737e34
e5b3356ff94569474daef87acc92e71fe26daa88
4b8b0ecf50c67a23d4b1e60b2c9c2e94599fa254cd9fe87269ed12c5eada451b
GET /css?family=Oswald%3A400&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 06:28:56 GMT
Date: Fri, 02 Dec 2022 06:28:56 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CFrancois+One%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMerriweather%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CDM+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0
200 OK 1.9 kB URL HTTP/1.1 fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CFrancois+One%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMerriweather%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CDM+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0
IP
Hash d7f03b067b6e2beb059102c51d403970
0aa7788c9a26c807daf7d59deed21bbac2cfa184
81d5203066afded4f113e4c9f153d9ac90f4d974fa2e96907637b46df699dbea
GET /css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CFrancois+One%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMerriweather%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CDM+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 06:28:56 GMT
Date: Fri, 02 Dec 2022 06:28:56 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
extension-maison.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 14 kB URL HTTP/1.1 extension-maison.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
File type ASCII text, with very long lines (47826)
Hash d4fd76f7a3e80860cd420b038eeb0f19
18fb0ab8f8b6c0a6022cc2edcb3b114095d132ad
060cbdf1e30dc1b930bb2e28c04861ee8ae1758a644e915159b2da479e442e71
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 16 Nov 2022 00:31:18 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-includes/css/classic-themes.min.css?ver=1
200 OK 217 B URL HTTP/1.1 extension-maison.org/wp-includes/css/classic-themes.min.css?ver=1
IP
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Content-Length: 217
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:24:21 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
extension-maison.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
200 OK 989 B URL HTTP/1.1 extension-maison.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
Hash 62e66cf83de45e52582b827770d69532
d8e5cc2da4c04ce0fdda5494fad6798717187a54
adf25c11740d3f123b001b7912012564622dac769d1a45322d140b455995b292
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:36:47 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zifGHcjzb0Pszm0BygYdog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5vklR1XTBqCO7y+sFd/muMOfuE8=
extension-maison.org/wp-content/themes/soledad-child/style.css?ver=7.4.0
200 OK 379 B URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad-child/style.css?ver=7.4.0
IP
File type ASCII text, with CRLF line terminators
Hash 733cb4103e731cc307bc784686fe7b2c
fde2cb47bc0dbdeb8d71f04ba4f60f3b9238f955
818aa434a7e8606435b30097d370ff0cc68342d585c379061528dabca2be9441
GET /wp-content/themes/soledad-child/style.css?ver=7.4.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Content-Length: 379
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 08:35:54 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
extension-maison.org/wp-content/themes/soledad/css/font-awesome.4.7.0.min.css?ver=4.7.0
200 OK 7.3 kB URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/css/font-awesome.4.7.0.min.css?ver=4.7.0
IP
File type ASCII text, with very long lines (30834), with CRLF line terminators
Hash 20b207cb031b00a52522f96f8612f1fe
6965f6b175cc902ecb275f2e9180ef6a49605872
c947341f0c418a91bf66ec80717ebefdcc08db7f8d282dceb930a897929285d3
GET /wp-content/themes/soledad/css/font-awesome.4.7.0.min.css?ver=4.7.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/themes/soledad/css/iconmoon.css?ver=1.0
200 OK 585 B URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/css/iconmoon.css?ver=1.0
IP
File type ASCII text, with very long lines (2043), with CRLF line terminators
Hash 9b1856101641179f9dd7baafb03b4525
d9f7f2bbeed997b093a5553d609059dd995c16e8
5d7df0de166f755e0cff5d4f23aaf74ef3eb0c77202130e75e6905bcaf751304
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/css/iconmoon.css?ver=1.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/themes/soledad/css/weather-icon.css?ver=2.0
200 OK 470 B URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/css/weather-icon.css?ver=2.0
IP
File type ASCII text, with very long lines (1200), with CRLF line terminators
Hash 2e5d9f80866d2c48a5dee8e9cc8873b2
d653f60ee6ff97ff29eccead23079de45260f6a8
1d036459ad267192750052745a0d4a4cefd274aeae17499feb1a4b4c1307ebce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/css/weather-icon.css?ver=2.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3
200 OK 4.3 kB URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3
IP
File type ASCII text, with CRLF line terminators
Hash 8647338d580722e06cd0d2830eb47b24
b3a5f9453073ec3102b903ef34c9f57765b841c4
366c3e0837efb6fe1c329e1b9265784d074c34f942d5f3afa7901905ab3e6eba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 07:26:30 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/themes/soledad/style.css?ver=6.1.1
200 OK 108 kB URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/style.css?ver=6.1.1
IP
File type ASCII text, with very long lines (53496), with CRLF line terminators
Size 108 kB (107939 bytes)
Hash c1ca13b29d93e02884c7beefb58d1358
e8ef01bd9130fe58928fdb36d5516514eee7b68a
a55c32057874ee0bb4ad812a605ad5fd172b369b1a908f6b36c0ad84efeffe7b
GET /wp-content/themes/soledad/style.css?ver=6.1.1 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.2 kB URL HTTP/1.1 extension-maison.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 3d5022a4ea480f2aa809dc9f11c26621
ba8ea36ea2c38ee4df4a4b3f37309ba5e665c432
53bbeb50cf07c9bd0f6fc50cfd7dcfbc58b3f1fecd4d65991b6088392e12db08
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 32 kB URL HTTP/1.1 extension-maison.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
File type ASCII text, with very long lines (65447)
Hash a0d49e3144724ffbe53af4f4f3abc397
c83d98d4b781dcf5c0d6e66f9cdb4df81c964846
0d7348a778327ffe284d28b9ab95b1762e924af47578b178a3bcd9148e08bc69
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 02 Nov 2022 12:24:14 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 5.3 kB URL HTTP/1.1 extension-maison.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (15660)
Hash 3c9197b3dd4fb22149a944511281d2bc
4f910196aff39731d2a5e226e2e99342f0cd253a
85919ffb4558f59d98bbffc59446e9069b79808427b4730c3ca178f0eab05c30
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2022 04:56:22 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
200 OK 3.0 kB URL HTTP/1.1 extension-maison.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
File type ASCII text, with very long lines (9937), with no line terminators
Hash 675b8cd34ae696be464104da082e58d3
a8c5f6019dfd11d4a4ebb24be5e2eabec541a656
f1d2c1a5b39159a7aa317e33023470a5a11f838044e259c550848daa1e9b5d80
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:36:47 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
200 OK 4.1 kB URL HTTP/1.1 extension-maison.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash fb600e18c6da1af408685764e26fed89
6c1a71d1e1b1fc0c1ca946efdca05e0f3e0ed2b3
309147a64332db60e5f8cc74d35de542ebc550751621589234cd121861d2dae0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:36:47 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0
200 OK 1.7 kB URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0
IP
File type ASCII text, with very long lines (3765)
Hash 16469a559ec9213073f225c59fe9bddb
97f636b2f4fae7d1e32df30c533857039c3bc06f
23ea827cdae6c44e649636583cef586586eba82397d9e6a00a5b189c86975733
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 07:26:31 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/penci-review/js/review.js?ver=1.0
200 OK 789 B URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-review/js/review.js?ver=1.0
IP
Hash 138f50212db62f22d59f42caa411b85e
e5ca597bcd93b10f897334fd9bd33e69d2c7a574
26b5a9446c18da1563178cd30d379a3b569420d1ab17f8f8282430de8b8482b6
GET /wp-content/plugins/penci-review/js/review.js?ver=1.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Content-Length: 789
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 07:26:31 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
200 OK 20 kB URL HTTP/1.1 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://extension-maison.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 20028
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 16:44:15 GMT
Expires: Wed, 29 Nov 2023 16:44:15 GMT
Cache-Control: public, max-age=31536000
Age: 222282
Last-Modified: Tue, 26 Apr 2022 16:41:08 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/francoisone/v20/_Xmr-H4zszafZw3A-KPSZut9wQiR.woff2
200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/francoisone/v20/_Xmr-H4zszafZw3A-KPSZut9wQiR.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16912, version 1.0\012- data
Hash 97cf8e8b4b21a5e4e4c70e2833690787
a441973e62e21af338d2a24e89d16d4939ae9611
b0bd96d397412285e6de03d4b9a8168c61b6f6968776382dc0e7c83d269b88dd
GET /s/francoisone/v20/_Xmr-H4zszafZw3A-KPSZut9wQiR.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://extension-maison.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16912
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:28:38 GMT
Expires: Wed, 29 Nov 2023 14:28:38 GMT
Cache-Control: public, max-age=31536000
Age: 230419
Last-Modified: Thu, 21 Apr 2022 17:07:35 GMT
Content-Type: font/woff2
extension-maison.org/wp-content/plugins/penci-shortcodes/assets/play.js?ver=5.3
200 OK 415 B URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-shortcodes/assets/play.js?ver=5.3
IP
Hash 6fc0fceef2d317be0162313814d4bc39
9e9563e1a73e0cee9b7b3d141fc64a1277e680d9
1f85dab3cd1a342bf26134fd9c422cd3bee58230c8c3fbad9b035d2ac02c8175
GET /wp-content/plugins/penci-shortcodes/assets/play.js?ver=5.3 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Content-Length: 415
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 07:26:23 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Hash ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://extension-maison.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 18212
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 21:08:23 GMT
Expires: Wed, 29 Nov 2023 21:08:23 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 21 Apr 2022 16:54:14 GMT
Content-Type: font/woff2
Age: 206434
fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
200 OK 20 kB URL HTTP/1.1 fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19780, version 1.0\012- data
Hash 03717344e4dbb2de44988b281bb7430b
0cd3f7724bd0a5bf2460e1a85e35ccfbd5e85c05
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
GET /s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://extension-maison.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19780
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:33:36 GMT
Expires: Wed, 29 Nov 2023 14:33:36 GMT
Cache-Control: public, max-age=31536000
Age: 230121
Last-Modified: Tue, 26 Apr 2022 15:48:58 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
200 OK 20 kB URL HTTP/1.1 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://extension-maison.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 22:22:28 GMT
Expires: Wed, 29 Nov 2023 22:22:28 GMT
Cache-Control: public, max-age=31536000
Age: 201989
Last-Modified: Tue, 26 Apr 2022 15:48:38 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
200 OK 33 kB URL HTTP/1.1 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Hash fda3323314d895ae39de612559f6fad9
644dbb14f599920fdc8f8260b6e67bd1f8770e89
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://extension-maison.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 32900
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 16:45:57 GMT
Expires: Wed, 29 Nov 2023 16:45:57 GMT
Cache-Control: public, max-age=31536000
Age: 222180
Last-Modified: Wed, 27 Apr 2022 15:44:11 GMT
Content-Type: font/woff2
extension-maison.org/wp-content/themes/soledad/js/main.js?ver=7.4.0
200 OK 9.9 kB URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/js/main.js?ver=7.4.0
IP
File type ASCII text, with CRLF line terminators
Hash 2cc17cd3619576af5fa44195e136dddf
d41cf14de576c3b6b2258c4ed5780677fe9f6216
a1908fe5f27a6a4c3542414215ddfc37b185a397acdb2171a44bc0a3c5691258
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/js/main.js?ver=7.4.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/themes/soledad/js/post-like.js?ver=7.4.0
200 OK 465 B URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/js/post-like.js?ver=7.4.0
IP
File type ASCII text, with CRLF line terminators
Hash 1e222db92b7147cb3f14b4408cabe143
d63567ec5cfeb0862e96471dc4f3b404a0c3057a
c444d9c14ed912766fcaf0325028e2bd6e8d91bd6ffab4de8c3b74bf47822f4d
GET /wp-content/themes/soledad/js/post-like.js?ver=7.4.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/themes/soledad/js/libs-script.min.js?ver=7.4.0
200 OK 55 kB URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/js/libs-script.min.js?ver=7.4.0
IP
File type ASCII text, with very long lines (30277), with CRLF line terminators
Hash 2733b02684905e2a3b8d615f4457cff6
a3ec02cb2966b3decadec51211af9b33bffb9473
537513744772bdb9b652b9e2364604b4f51bfbf9ffe379566a800ba3399dedb0
GET /wp-content/themes/soledad/js/libs-script.min.js?ver=7.4.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3
200 OK 4.3 kB URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3
IP
File type ASCII text, with very long lines (9050)
Hash 308fceab4dd7de4dcd91c77c475338e4
b17a4582fa7f1030dbc8d9755567f5dcc2fdaeb3
c0fc1c82044ae78e1630e48d40445ca7f7b6cdeefa85eb1d92c4f3b506a8c3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 07:26:30 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3
200 OK 526 B URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3
IP
File type ASCII text, with CRLF line terminators
Hash 7a9a129749c12fe9e57be00010150753
374bc717a0c7c0adda67fcccc095eaa2b0690c24
e1997a0f95967dd99dc4454796855c8b72ee9f6070e41032733c76eecf3248d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 07:26:30 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0
200 OK 442 B URL HTTP/1.1 extension-maison.org/wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0
IP
Hash 921347d0ac56398960533c6c44c42b78
a0eb534966242b15acf9e75b9b2af89a0ec29592
8215c310c441f32089404c4b92d8049257c7cf77ae57aac0fc71d2025235d2bd
GET /wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Oct 2022 07:26:29 GMT
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip
extension-maison.org/wp-content/themes/soledad/images/penci-holder.png
200 OK 125 B URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/images/penci-holder.png
IP
File type PNG image data, 6 x 4, 8-bit colormap, non-interlaced\012- data
Hash 39e5ebeccbad32a5f86755ab32bcb536
28010c803b52aec8f3b68bf5ffef0961996fccac
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
GET /wp-content/themes/soledad/images/penci-holder.png HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: image/png
Content-Length: 125
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
extension-maison.org/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 extension-maison.org/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://extension-maison.org/wp-content/themes/soledad/css/font-awesome.4.7.0.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:56 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 08:03:52 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
extension-maison.org/wp-content/uploads/2022/10/Extension-logo.png
200 OK 24 kB URL HTTP/2 extension-maison.org/wp-content/uploads/2022/10/Extension-logo.png
IP
File type PNG image data, 400 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash 013c298b0bf40a34415fcbb00acfd0fe
d34d0a666a176c68dcfa555278dae3937aab8590
165fe1c7a5c14b682c254f4b071f66c93549809628ddb42f6ccf785368c7a96d
GET /wp-content/uploads/2022/10/Extension-logo.png HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://extension-maison.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:28:56 GMT
content-type: image/png
content-length: 24411
last-modified: Fri, 28 Oct 2022 08:53:53 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
X-Firefox-Spdy: h2
extension-maison.org/wp-content/uploads/2022/11/bache-de-terrasse-585x390.jpg
200 OK 40 kB URL HTTP/2 extension-maison.org/wp-content/uploads/2022/11/bache-de-terrasse-585x390.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 585x390, components 3\012- data
Hash 60aa4cae393f6fd2461b419653cd90d8
53509a32d38c93be53492045e01f4f30a98af30f
b9fe229a80d4dafc92dd10ea16be8663c60e1f49624be1e0ba3506acc7c27ae9
GET /wp-content/uploads/2022/11/bache-de-terrasse-585x390.jpg HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://extension-maison.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:28:56 GMT
content-type: image/jpeg
content-length: 39540
last-modified: Fri, 25 Nov 2022 10:32:46 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
X-Firefox-Spdy: h2
extension-maison.org/wp-content/uploads/2022/11/quels-sont-gestes-a-adopter-canalisations-saines-585x390.jpg
200 OK 42 kB URL HTTP/2 extension-maison.org/wp-content/uploads/2022/11/quels-sont-gestes-a-adopter-canalisations-saines-585x390.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2022:11:22 12:55:57], baseline, precision 8, 585x390, components 3\012- data
Hash 2dfd4e9ce1fcaa024be55b5c209557d7
bccb892fb48bce514756c101fd7ca397bd8620ea
de1a419fcbf312a7133a455087ac542a75dd6f228824a1a223bca733035559a8
GET /wp-content/uploads/2022/11/quels-sont-gestes-a-adopter-canalisations-saines-585x390.jpg HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://extension-maison.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:28:56 GMT
content-type: image/jpeg
content-length: 41706
last-modified: Wed, 23 Nov 2022 00:24:42 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
X-Firefox-Spdy: h2
extension-maison.org/wp-content/uploads/2022/11/Image1.jpg
200 OK 63 kB URL HTTP/2 extension-maison.org/wp-content/uploads/2022/11/Image1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 451x301, components 3\012- data
Hash 4a627fc3ebbdea8141dc85f4b457acc3
1fb17577a0c2f226b07109f3d4949bbe9db9b822
0a5274b946b35ce4ec7c4d72b9a701b49be0536825a346b6d19c056c6a216352
GET /wp-content/uploads/2022/11/Image1.jpg HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://extension-maison.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:28:56 GMT
content-type: image/jpeg
content-length: 62717
last-modified: Sat, 12 Nov 2022 13:27:09 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
X-Firefox-Spdy: h2
extension-maison.org/wp-content/uploads/2022/10/revetement-du-sol-585x390.jpg
200 OK 33 kB URL HTTP/2 extension-maison.org/wp-content/uploads/2022/10/revetement-du-sol-585x390.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 585x390, components 3\012- data
Hash 1d33912a2b545ccd6cfa06e124aaa39b
00ebefa9a4caad1857f6df657d4d0ac5de1954fc
f90686707392a438c218f8252ea70197b8b59cdd90328594f4350560a1c27ea7
GET /wp-content/uploads/2022/10/revetement-du-sol-585x390.jpg HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://extension-maison.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:28:56 GMT
content-type: image/jpeg
content-length: 32816
last-modified: Fri, 28 Oct 2022 08:59:31 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
X-Firefox-Spdy: h2
extension-maison.org/wp-content/uploads/2022/11/quels-sont-gestes-a-adopter-canalisations-saines-780x516.jpg
200 OK 60 kB URL HTTP/2 extension-maison.org/wp-content/uploads/2022/11/quels-sont-gestes-a-adopter-canalisations-saines-780x516.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2022:11:22 12:55:57], baseline, precision 8, 780x516, components 3\012- data
Hash 1c88331d99a5257722a1fea193216594
bedb8a9ac5eac63eb7dbfffcf0e56ee45adc0a79
6a8461fb51f1676f8fb5778ffa4b12a851cb336973d11b7caa09c48084b7263d
GET /wp-content/uploads/2022/11/quels-sont-gestes-a-adopter-canalisations-saines-780x516.jpg HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://extension-maison.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:28:57 GMT
content-type: image/jpeg
content-length: 59627
last-modified: Wed, 23 Nov 2022 00:24:42 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
X-Firefox-Spdy: h2
extension-maison.org/favicon.ico
302 Found 0 B URL HTTP/1.1 extension-maison.org/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://extension-maison.org/
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 06:28:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/7.4.33
Link: <https://extension-maison.org/wp-json/>; rel="https://api.w.org/"
X-LiteSpeed-Tag: e55_HTTP.200,e55_HTTP.302
X-Redirect-By: WordPress
Location: http://extension-maison.org/wp-includes/images/w-logo-blue-white-bg.png
Server: o2switch-PowerBoost-v3
extension-maison.org/wp-includes/images/w-logo-blue-white-bg.png
200 OK 4.1 kB URL HTTP/1.1 extension-maison.org/wp-includes/images/w-logo-blue-white-bg.png
IP
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: extension-maison.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://extension-maison.org/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:28:57 GMT
Content-Type: image/png
Content-Length: 4119
Connection: keep-alive
Last-Modified: Tue, 16 Nov 2021 00:04:00 GMT
Server: o2switch-PowerBoost-v3
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9366
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9366
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9366
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9366
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9366
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:28:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 31262
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 7580
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 83377
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 31207
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 83596
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 32051
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 29079
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
109.234.160.82
34.102.187.140
93.184.220.29
23.36.77.32