alliance-habitat.com/
46.105.72.39301 Moved Permanently 237 B IP 46.105.72.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0f2827f4c77253c97d686f6a7e6df4f5
eed7e2bcea2de4b72c704bec9df4999d56de2ab5
5d886b7f2df829bd6ee18f8d2b630b79eeaced9fe3c904d89026c993ce508643
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 14:43:29 GMT
Server: Apache
Location: https://alliance-habitat.com/
Cache-Control: max-age=0
Expires: Fri, 18 Nov 2022 14:43:29 GMT
Content-Length: 237
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5665
Expires: Fri, 18 Nov 2022 16:17:54 GMT
Date: Fri, 18 Nov 2022 14:43:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6311
Expires: Fri, 18 Nov 2022 16:28:40 GMT
Date: Fri, 18 Nov 2022 14:43:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5749
Cache-Control: max-age=163407
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:29 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:06:56 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0UapGbt9+UIZHIHGek4txo75P6B2Hl4VaZH337SDf/Mkr2+fVyHM0Rre64y0WxQ3Wk6DbWNXMGI=
x-amz-request-id: 9492T95ZRS5G70E6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 13:52:56 GMT
age: 3033
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 13:44:48 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3521
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 14:43:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0338dedc2868325c98ef2ba650b6eb67
3f5e69ca35a3cdb7136f1183951bf8ca2b3e3bb8
d60d44b0a4e28fdea67b1e247558d205a2ef1c8e7d44cf4c2ba90541dea4a3d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D60D44B0A4E28FDEA67B1E247558D205A2EF1C8E7D44CF4C2BA90541DEA4A3D8"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 18 Nov 2022 15:26:22 GMT
Date: Fri, 18 Nov 2022 14:43:29 GMT
Connection: keep-alive
alliance-habitat.com/
46.105.72.39301 Moved Permanently 241 B IP 46.105.72.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 399fbb606c9a24593f6ad2d8521a2dd2
82c783c35c52688fcd56c304826e855a6c1960f0
d0cdb725087128806028979912d324dfc9f4ab01b687689e8b794f4c317063e1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 14:43:29 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Location: https://www.alliance-habitat.com/
Cache-Control: max-age=0
Expires: Fri, 18 Nov 2022 14:43:29 GMT
Content-Length: 241
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 13:44:49 GMT
cache-control: public,max-age=3600
age: 3521
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.alliance-habitat.com/
46.105.72.39200 OK 13 kB URL HTTP/1.1 www.alliance-habitat.com/
IP 46.105.72.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1871), with CRLF, LF line terminators
Hash e4fde049aab4c1c6f2a5c5b1c6e728e3
c6fd737aebc0d6373d966e23c583e4dd658ae6fa
0b2ae767b1b6a30eab39f41d9ae4b1af9e6b132d3961ae1c2d9d7c17fba0a077
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Set-Cookie: sitename_newvisitor=1; expires=Sun, 26-Feb-2023 14:43:30 GMT; Max-Age=8640000; path=/
Link: <https://www.alliance-habitat.com/wp-json/>; rel="https://api.w.org/", <https://www.alliance-habitat.com/>; rel=shortlink
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Fri, 18 Nov 2022 14:43:30 GMT
Content-Length: 13028
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=159160
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 10:56:10 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.alliance-habitat.com/wp-content/themes/AHCOM2014/style.css?V=201902271154
46.105.72.39200 OK 34 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/themes/AHCOM2014/style.css?V=201902271154
IP 46.105.72.39:0
File type Unicode text, UTF-8 text, with very long lines (22698)
Hash b35a8d0f7787a62d62310b5bde38e1b6
a0047dc0098478958dc7464b266c31cb825198d3
f3754723b7854f815a5806b9adc2f6907dfc0aa2e5f160b01b7d9b08dd5166eb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/AHCOM2014/style.css?V=201902271154 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Wed, 16 Feb 2022 10:38:16 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 34233
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.alliance-habitat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
46.105.72.39200 OK 4.0 kB URL HTTP/1.1 www.alliance-habitat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 46.105.72.39:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Thu, 30 Jun 2016 07:35:50 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 4014
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.alliance-habitat.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.8
46.105.72.39200 OK 677 B URL HTTP/1.1 www.alliance-habitat.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.8
IP 46.105.72.39:0
Hash c1f1a2aca368f9723097af32fd3154bb
15ef2cab00f14ea55fc42dd3856cdb00d12c0ed9
16bfe915f55f4ca3e8fa2427bda53179f77e44b7ed3640c6ce34ad970d25a6e9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.8 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 15 May 2020 11:38:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 677
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d3ba0eba720a8e5904bee6e804873c24
df1f9c79e39f777ab12225af0af60b9f26af6485
76500b32cbac4ad40e3f42c7dfd46832f3854ba88c3a6d5a9d2b5633e8e1f27b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eaa6a3200eda9bf5788df6d9eb04d84c
12efbb66692df6d76c1103b152808d751c0e49f1
6d815027ae40ea2603c0ed5adac0821cd5526f11c2eeb0ada5294b6f2ec3492d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alliance-habitat.com/wp-content/themes/AHCOM2014/single-post.css?ver=1668782610
46.105.72.39200 OK 569 B URL HTTP/1.1 www.alliance-habitat.com/wp-content/themes/AHCOM2014/single-post.css?ver=1668782610
IP 46.105.72.39:0
Hash df6df94c24b8966d46901ac57176354d
2b008e477e801b3c587e72d62c4a785656db3ccb
1b42afa69c247fb0af75d346e1419ae8f2e75526a7c65688c567fbb1d14c26f1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/AHCOM2014/single-post.css?ver=1668782610 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Wed, 13 Oct 2021 08:39:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 569
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9acc65b9d94c3ccd929e673e579dee24
4b94f4bcffcda4eb86a35a7bc5e6309863e874c4
14f549ad9b6c742eaf7eb74de637560d107a8546ed2a8486909e070c85936e45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Last-Modified: Fri, 18 Nov 2022 14:14:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9acc65b9d94c3ccd929e673e579dee24
4b94f4bcffcda4eb86a35a7bc5e6309863e874c4
14f549ad9b6c742eaf7eb74de637560d107a8546ed2a8486909e070c85936e45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Last-Modified: Fri, 18 Nov 2022 14:14:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.alliance-habitat.com/wp-content/uploads/custom-css-js/17401.js?v=3619
46.105.72.39200 OK 276 B URL HTTP/1.1 www.alliance-habitat.com/wp-content/uploads/custom-css-js/17401.js?v=3619
IP 46.105.72.39:0
File type ASCII text, with CRLF, LF line terminators
Hash 7629869bc893180e88761b01e2316177
a02548890044ff73125431e23c1015e1824da15e
790193a9baee20c15c6a9d9cb0c7bc2c4b2d1a2f7239a40c6953cebd309e20b3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/custom-css-js/17401.js?v=3619 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Wed, 09 Feb 2022 09:18:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 276
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.alliance-habitat.com/wp-includes/js/comment-reply.min.js?ver=5.2.3
46.105.72.39200 OK 1.1 kB URL HTTP/1.1 www.alliance-habitat.com/wp-includes/js/comment-reply.min.js?ver=5.2.3
IP 46.105.72.39:0
File type ASCII text, with very long lines (2234), with no line terminators
Hash 7eaaf86a282a83ab094b99c911a037e3
b371d6690d9d23c1dab42a25b89fb3e0725cd19b
549a4fb84c087201833a03d6d2a7fcfff995e7cd3beb0b331d0601932e285394
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/comment-reply.min.js?ver=5.2.3 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Tue, 26 Mar 2019 13:51:53 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 1093
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9acc65b9d94c3ccd929e673e579dee24
4b94f4bcffcda4eb86a35a7bc5e6309863e874c4
14f549ad9b6c742eaf7eb74de637560d107a8546ed2a8486909e070c85936e45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Last-Modified: Fri, 18 Nov 2022 14:14:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.alliance-habitat.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.8
46.105.72.39200 OK 4.0 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.8
IP 46.105.72.39:0
Hash 561d6d92f608ab9ae8e9d8adad9e599a
e0055fa0349f01bf19af9668659c767f403e2105
d976e6feea5f4e9795281131179d938082ccc182331670b3eb5a3078adec6339
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.8 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 15 May 2020 11:38:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 4039
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.alliance-habitat.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3
46.105.72.39200 OK 4.8 kB URL HTTP/1.1 www.alliance-habitat.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3
IP 46.105.72.39:0
File type ASCII text, with very long lines (29295), with no line terminators
Hash c98102a34a13aeced6a1f63308940690
d070d292bbc359bf9b3c8754dbc05e8cbbb715ec
82ca143e1a51b275518ef53c4029ff8a3e194e4eb0d2e7dcece0df336071bfa6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.3 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Sat, 01 Jun 2019 09:07:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 4767
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.alliance-habitat.com/wp-includes/js/wp-embed.min.js?ver=5.2.3
46.105.72.39200 OK 753 B URL HTTP/1.1 www.alliance-habitat.com/wp-includes/js/wp-embed.min.js?ver=5.2.3
IP 46.105.72.39:0
File type ASCII text, with very long lines (1403), with no line terminators
Hash 8151177dccb399a75164172bb63b0491
0a2a5bf7eaa29bb8690a657bbc982360802ab41b
71d58666e959b9ea4a90f83fa5926fced7f92c084a098ee23ec450054b7292a8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.2.3 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 28 Dec 2018 17:09:37 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 753
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.google.com/recaptcha/api.js
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 943813f35a1dbbd894b0d7374f237a45
c0792c161486e285df11f930aab2cea60f0ba0bc
980e6e154794480b95f8c394ef9f38cde239e4bcee366e3b12fb693318f3dd1e
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 18 Nov 2022 14:43:30 GMT
date: Fri, 18 Nov 2022 14:43:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alliance-habitat.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.3
46.105.72.39200 OK 5.7 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.3
IP 46.105.72.39:0
File type ASCII text, with very long lines (19781), with no line terminators
Hash 71d4a975deba5e39fd33961e72ca819b
42a59c27b10a93488444d23b36c3907341ff0c52
6740f99dcf4d84c7867b015dd5238c7feeb02ff64dc12619e61f7adeecbc5fb0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.3 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Sat, 09 Dec 2017 09:42:45 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 5712
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 616a0b403a6fec13eb65170c0100913a
0193ea947a750d1e2c3ef9c73bfd5133fc7163f5
358e8696112749ccc96a6e4c868c11aaadc18ac292240adcba3f66a7a57ead6e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alliance-habitat.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
46.105.72.39200 OK 34 kB URL HTTP/1.1 www.alliance-habitat.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 46.105.72.39:0
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Sat, 01 Jun 2019 09:07:53 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 33776
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
pagead2.googlesyndication.com/pagead/show_ads.js
172.217.21.162200 OK 34 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/show_ads.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (3577)
Hash f828d85adeef4642b419c8514b43905d
a204c1a936195ae970ecde388702959905105228
997e86fd9a373563006170714d6c35e9de016dd37e2a129695b0dbc529dd4df0
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 18 Nov 2022 14:43:30 GMT
expires: Fri, 18 Nov 2022 14:43:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7005633298165931535
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9acc65b9d94c3ccd929e673e579dee24
4b94f4bcffcda4eb86a35a7bc5e6309863e874c4
14f549ad9b6c742eaf7eb74de637560d107a8546ed2a8486909e070c85936e45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Last-Modified: Fri, 18 Nov 2022 14:14:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.google.fr/coop/cse/brand?form=cse-search-box&lang=fr
216.58.207.195301 Moved Permanently 237 B URL HTTP/2 www.google.fr/coop/cse/brand?form=cse-search-box&lang=fr
IP 216.58.207.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd
GET /coop/cse/brand?form=cse-search-box&lang=fr HTTP/1.1
Host: www.google.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/prose/brandjs.js
x-content-type-options: nosniff
server: sffe
content-length: 237
x-xss-protection: 0
date: Fri, 18 Nov 2022 14:17:31 GMT
expires: Fri, 18 Nov 2022 14:47:31 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LdgZX0UAAAAAPjRJPwRtDfFn3JK5xmQFa-ZX4uZ&ver=3.0
142.250.74.164400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdgZX0UAAAAAPjRJPwRtDfFn3JK5xmQFa-ZX4uZ&ver=3.0
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6LdgZX0UAAAAAPjRJPwRtDfFn3JK5xmQFa-ZX4uZ&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 18 Nov 2022 14:43:30 GMT
expires: Fri, 18 Nov 2022 14:43:30 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alliance-habitat.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.3
46.105.72.39200 OK 45 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.3
IP 46.105.72.39:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c3a725037e6cec2d60c880fff3474748
5a82ae171ebe3d043714c5f7823872dce9a2db58
0c5b2f5b15c04783a78a198be3c12656e9618dd24d4e7648acba67c8196073b3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.3 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Sat, 09 Dec 2017 09:42:23 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 44903
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.googletagmanager.com/gtm.js?id=GTM-KWNV8WD
142.250.74.168200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KWNV8WD
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash cb2a773871ce1e23781b078865ba61db
8bf9d08d3855c9ec7dc3d140662d0997702b93b9
c40b08ea2e149e5fd48d75449cdc097f200e9f155b6dd9686b097900d1bf0b64
GET /gtm.js?id=GTM-KWNV8WD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 14:43:30 GMT
expires: Fri, 18 Nov 2022 14:43:30 GMT
cache-control: private, max-age=900
last-modified: Fri, 18 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c15be7bf1c6987951ddd348d6f6b4db1
9faac1fb81abc8fce6d4ae81777c76b8bc11e9b0
7f1d01e3fc0b69e331fd30326ea8fd9b1e3e06a0a93ae4768e7addd03a121025
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZkpyX5GM8qJYjzdDyrQMAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MFfYExnD2u+8KzEgJemH8XZINH0=
www.alliance-habitat.com/loyermanager/boite-150.png
46.105.72.39200 OK 45 kB URL HTTP/1.1 www.alliance-habitat.com/loyermanager/boite-150.png
IP 46.105.72.39:0
File type PNG image data, 150 x 208, 8-bit/color RGBA, non-interlaced\012- data
Hash 43cdadd7e3e18e7865214cebac2d8871
1c6e918c2c94883c9996f5e3c0fe61864f62c23d
388e527eacdedc6f62f0b3d679d1e2be1f0973150138c74b0e22df3f3d74f470
Analyzer Verdict Alert quad9 Sinkholed
GET /loyermanager/boite-150.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Tue, 18 Mar 2014 13:29:18 GMT
Accept-Ranges: bytes
Content-Length: 45369
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
Content-Type: image/png
www.alliance-habitat.com/wp-content/uploads/2017/03/mobile_nav.png
46.105.72.39200 OK 341 B URL HTTP/1.1 www.alliance-habitat.com/wp-content/uploads/2017/03/mobile_nav.png
IP 46.105.72.39:0
File type PNG image data, 1000 x 1000, 1-bit colormap, non-interlaced\012- data
Hash 016c3220bdfee35002cbe0f647db8a3a
b5986662bda2450c31c595f36384fa9dfc7202e4
ec28d269a54f70a154e872c04aeaa184e00238f58d2d2d1a46a1810cbd99c60f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/03/mobile_nav.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Fri, 24 Mar 2017 10:15:43 GMT
Accept-Ranges: bytes
Content-Length: 341
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eaa6a3200eda9bf5788df6d9eb04d84c
12efbb66692df6d76c1103b152808d751c0e49f1
6d815027ae40ea2603c0ed5adac0821cd5526f11c2eeb0ada5294b6f2ec3492d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alliance-habitat.com/wp-content/uploads/2017/03/mob_search.png
46.105.72.39200 OK 7.1 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/uploads/2017/03/mob_search.png
IP 46.105.72.39:0
File type PNG image data, 2000 x 2000, 1-bit colormap, non-interlaced\012- data
Hash 2ee72f9c46f36b02c8eb8160e701b05e
362458c7ed0ba40ce683a8caa366954d99750dfa
37110f6f3096234113a0da15e806cfa35d41416f7811317bb4fdcb018e810aee
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/03/mob_search.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Fri, 24 Mar 2017 10:15:48 GMT
Accept-Ranges: bytes
Content-Length: 7055
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6393e4597548d670980201807680ac53
4dce559bf071aa00823c8df62ac090d7662b2d2b
90fb63f4c79bcc793c7d30e4555fe9edeae081ec73cab467ab84172efd279030
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1226
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Last-Modified: Fri, 18 Nov 2022 14:23:04 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
www.alliance-habitat.com/a_propos_AH.png
46.105.72.39200 OK 5.8 kB URL HTTP/1.1 www.alliance-habitat.com/a_propos_AH.png
IP 46.105.72.39:0
File type PNG image data, 626 x 626, 8-bit/color RGB, non-interlaced\012- data
Hash 379a4b666459f16f979d85281222dd2a
44dfc0fc19f4cbeb98bfafce39a224fce93edc69
b259fa12b3e2e321d0d0f3e00406ae3515df9696b7b36a63dcb17da4efccb4d4
Analyzer Verdict Alert quad9 Sinkholed
GET /a_propos_AH.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Mon, 04 Apr 2016 12:59:19 GMT
Accept-Ranges: bytes
Content-Length: 5836
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 616a0b403a6fec13eb65170c0100913a
0193ea947a750d1e2c3ef9c73bfd5133fc7163f5
358e8696112749ccc96a6e4c868c11aaadc18ac292240adcba3f66a7a57ead6e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/prose/brandjs.js
142.250.74.163200 OK 5.8 kB URL HTTP/2 www.gstatic.com/prose/brandjs.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (1352)
Hash 10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0
GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.alliance-habitat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 14:15:07 GMT
expires: Sat, 19 Nov 2022 14:15:07 GMT
cache-control: public, max-age=86400
age: 1703
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alliance-habitat.com/images/sprites/sprite_AH.png
46.105.72.39200 OK 14 kB URL HTTP/1.1 www.alliance-habitat.com/images/sprites/sprite_AH.png
IP 46.105.72.39:0
File type PNG image data, 227 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 1cf106e3c76204f422f865934061035b
7d1ce0ff5b61136e36776d4dbfa1f2eaa371f2a7
9cffb5edd77aba88266fbf52af25ce6b559c28e819bc854225cf6356072872c2
Analyzer Verdict Alert quad9 Sinkholed
GET /images/sprites/sprite_AH.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/wp-content/themes/AHCOM2014/style.css?V=201902271154
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Mon, 15 May 2017 08:41:54 GMT
Accept-Ranges: bytes
Content-Length: 14089
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=94
Connection: Keep-Alive
Content-Type: image/png
www.alliance-habitat.com/wp-content/themes/fonts/glyphicons-halflings-regular.woff2
46.105.72.39200 OK 18 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/themes/fonts/glyphicons-halflings-regular.woff2
IP 46.105.72.39:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.alliance-habitat.com/wp-content/themes/AHCOM2014/style.css?V=201902271154
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Last-Modified: Thu, 11 Jun 2020 10:30:40 GMT
Accept-Ranges: bytes
Content-Length: 18028
Cache-Control: max-age=2592000
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alliance-habitat.com/includes/CTA/diag-300_v2.php
46.105.72.39200 OK 3.2 kB URL HTTP/1.1 www.alliance-habitat.com/includes/CTA/diag-300_v2.php
IP 46.105.72.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash dcdc7edadf8ae197f897b5910ab3d5e1
74397ed7627982ce90323fcecc71380ffef4e8b1
8d9482af182381b897777990076fd2783e39786ffb133cce8a5e58cac4f1c2e9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /includes/CTA/diag-300_v2.php HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Fri, 18 Nov 2022 14:43:30 GMT
Content-Length: 3209
Keep-Alive: timeout=15, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.alliance-habitat.com/diagnostic_immobilier/style_form3_v2.css
46.105.72.39200 OK 1.1 kB URL HTTP/1.1 www.alliance-habitat.com/diagnostic_immobilier/style_form3_v2.css
IP 46.105.72.39:0
Hash 3710cc2a471b4cd47c7e87b4e8602fc5
e25e58ea4beecae5721491418b44d2d66717aee9
e7b60ca736da425a545d149b0c92c843bda160947d37beba825404ebb17d19e6
Analyzer Verdict Alert quad9 Sinkholed
GET /diagnostic_immobilier/style_form3_v2.css HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/includes/CTA/diag-300_v2.php
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Last-Modified: Fri, 22 Feb 2019 16:26:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 1141
Keep-Alive: timeout=15, max=92
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.alliance-habitat.com/wp-content/uploads/2018/12/ashtray-book-condo-298842.jpg
46.105.72.39200 OK 326 kB URL HTTP/1.1 www.alliance-habitat.com/wp-content/uploads/2018/12/ashtray-book-condo-298842.jpg
IP 46.105.72.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2000x1333, components 3\012- data
Size 326 kB (325902 bytes)
Hash 785f48e4c48f8e9c55ecd389915de9bf
16ce02a389db1cfaf8ca8c77120646dcfb04a223
8021dcc05c64fdc5f01bad750b6ab281d018d3233d6b08d9c52d4ea5935ec1e7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/12/ashtray-book-condo-298842.jpg HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/wp-content/themes/AHCOM2014/style.css?V=201902271154
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Sat, 08 Dec 2018 10:49:49 GMT
Accept-Ranges: bytes
Content-Length: 325902
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.alliance-habitat.com/_bins/_FormToWizard/formToWizard-DIAG.js
46.105.72.39200 OK 1.1 kB URL HTTP/1.1 www.alliance-habitat.com/_bins/_FormToWizard/formToWizard-DIAG.js
IP 46.105.72.39:0
File type HTML document, ASCII text
Hash 434d289068dc3b27e00414843f7fdff5
428620d9fac3a5fbbe58a81276cd9d7883ae70d0
1ada1f744b631e282e49f8bdc645ea52b8e8478ae03c8ee44017181acb43e932
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /_bins/_FormToWizard/formToWizard-DIAG.js HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/includes/CTA/diag-300_v2.php
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Sat, 28 Oct 2017 07:47:49 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=31536000, public
Expires: Sat, 18 Nov 2023 14:43:30 GMT
Content-Length: 1081
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 61adc3498d869b6bf5d19f1499109962
77bd05da84d748bd9052aa9816675feac97ec1d8
4630295bbaedfcf523e18c7d85603363ed32cec7393d68176b45f350eca38e33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alliance-habitat.com/valid.png
46.105.72.39200 OK 3.3 kB URL HTTP/1.1 www.alliance-habitat.com/valid.png
IP 46.105.72.39:0
File type PNG image data, 156 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash 578bf33cec124f1098b7b9f7da686a46
aca63ddf66f10e8f763fa5ef75eab23841252520
b659eee23427139886008579b521874f3c4d197cea4bd9e3300af71f531b496c
Analyzer Verdict Alert quad9 Sinkholed
GET /valid.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/includes/CTA/diag-300_v2.php
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding
Last-Modified: Mon, 04 Apr 2016 12:59:50 GMT
Accept-Ranges: bytes
Content-Length: 3324
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Content-Type: image/png
www.alliance-habitat.com/diagnostic_immobilier/diagnostic-immobilier80.png
46.105.72.39200 OK 6.4 kB URL HTTP/1.1 www.alliance-habitat.com/diagnostic_immobilier/diagnostic-immobilier80.png
IP 46.105.72.39:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 86e775d3e024e6b68e3735cb65156495
0ef1bc3308d76602a2d9f8e0103f6cb962b4fd40
b1d0ba8bdd21922397e64c518038b604b4a6b2b0257152a0efd7549ecf7a4363
Analyzer Verdict Alert quad9 Sinkholed
GET /diagnostic_immobilier/diagnostic-immobilier80.png HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/includes/CTA/diag-300_v2.php
Cookie: sitename_newvisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:30 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Last-Modified: Wed, 20 Feb 2013 12:44:47 GMT
Accept-Ranges: bytes
Content-Length: 6427
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:30 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/png
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 21:00:17 GMT
expires: Tue, 14 Nov 2023 21:00:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 322993
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 61adc3498d869b6bf5d19f1499109962
77bd05da84d748bd9052aa9816675feac97ec1d8
4630295bbaedfcf523e18c7d85603363ed32cec7393d68176b45f350eca38e33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sibautomation.com/sa.js?key=dv3xlxzds2hi7qe12ix8c
172.64.153.111204 No Content 0 B URL HTTP/2 sibautomation.com/sa.js?key=dv3xlxzds2hi7qe12ix8c
IP 172.64.153.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sa.js?key=dv3xlxzds2hi7qe12ix8c HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 18 Nov 2022 14:43:30 GMT
x-powered-by: Sails <sailsjs.com>
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
expires: Fri, 18 Nov 2022 14:44:30 GMT
cache-control: public, max-age=60
server-timing: cf-q-config;dur=7.9999954323284e-06
vary: Accept-Encoding
access-control-allow-origin: *
x-sib-server: SENDINBLUE-web2-2
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 76c17a947f4ab521-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash d2eec982a7d39f7f47c96cae7215a3f2
6d8f0f1d6f61126ee119f98c882b93d58fc7b49f
c39110b073bd4e9d22b4b521f0ce95201a33f6b9344648b7d060bc25c84ab059
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155338
Date: Fri, 18 Nov 2022 14:43:30 GMT
Etag: "63774855-1d7"
Expires: Sun, 20 Nov 2022 09:52:28 GMT
Last-Modified: Fri, 18 Nov 2022 08:54:45 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PP0Edfy1j2aJzZGSh6BetQlU-sQZVBX9PA3wPFRpPDTugeCnUU30Pg==
Age: 3463
stats.g.doubleclick.net/dc.js
142.251.1.157200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 142.251.1.157:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Fri, 18 Nov 2022 14:20:06 GMT
expires: Fri, 18 Nov 2022 16:20:06 GMT
cache-control: public, max-age=7200
age: 1405
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alliance-habitat.com/favicon.ico
46.105.72.39200 OK 763 B URL HTTP/1.1 www.alliance-habitat.com/favicon.ico
IP 46.105.72.39:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash 7e996556eacc7478b5f11d78e9b00636
ac140f177fa95374c449066ccb713046d87f8749
e1044715cbdb12abba608fd8cdf97e5a0098b0736d297c660bb055de1e1a73cf
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.alliance-habitat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Cookie: sitename_newvisitor=1; _ga_00DNYH8Y68=GS1.1.1668782609.1.0.1668782609.0.0.0; _ga=GA1.1.1913377530.1668782609; __utma=86021064.1913377530.1668782609.1668782609.1668782609.1; __utmb=86021064.1.10.1668782609; __utmc=86021064; __utmz=86021064.1668782609.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:31 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 04 Apr 2016 12:59:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sun, 18 Dec 2022 14:43:31 GMT
Content-Encoding: gzip
Content-Length: 763
Keep-Alive: timeout=15, max=91
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css
104.18.10.207200 OK 5.3 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (19798)
Hash 5ad1855b953710783dc3915c5d60f2d2
094f7c35d341de5203544c7d05661c3928b4dcff
b7137a1297e7f24bb84e0e411e1a61fbae9765b01a426d49a5d660770909b3a3
GET /bootstrap/3.3.4/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 14:43:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-04-22 14:39:21
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: c49ad72b271e6cc2b1e94c5f76ed40b4
cdn-cache: HIT
cf-cache-status: HIT
age: 16892300
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76c17a938e90b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 18 Nov 2022 14:41:09 GMT
expires: Fri, 18 Nov 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 142
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 5d0b64704b2b70142a7439cd65a5e61b
652721f4a7125f9fd9a8e0674bf4d9be64eb804d
6c5cb995f98a9748327c9d175d089ff49a81863aba57384e715d0ff3cbdc9157
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87943
Date: Fri, 18 Nov 2022 14:43:31 GMT
Etag: "6376471c-1d7"
Expires: Sat, 19 Nov 2022 15:09:14 GMT
Last-Modified: Thu, 17 Nov 2022 14:37:16 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5U-2DTtbE732dFLqpnRtU1jf7Bih0-_Zu1rVbkFkZ0InF4cw2gFCKg==
Age: 1918
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 18 Nov 2022 06:29:02 GMT
expires: Fri, 02 Dec 2022 06:29:02 GMT
cache-control: public, max-age=1209600
age: 29669
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3aff786b51449bdfd1c167542e42ea75
bb2dd35cc849ab868aab3e31dff6235cfa764633
4e978feb303698a4379a381d021981a6679628f8eac4a8fc1144f81f9aeec21c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1100932-8&cid=1913377530.1668782609&jid=29665410&_v=5.7.2dc&z=1471200205&slf_rd=1&random=2362521144
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1100932-8&cid=1913377530.1668782609&jid=29665410&_v=5.7.2dc&z=1471200205&slf_rd=1&random=2362521144
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1100932-8&cid=1913377530.1668782609&jid=29665410&_v=5.7.2dc&z=1471200205&slf_rd=1&random=2362521144 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.alliance-habitat.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:43:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3aff786b51449bdfd1c167542e42ea75
bb2dd35cc849ab868aab3e31dff6235cfa764633
4e978feb303698a4379a381d021981a6679628f8eac4a8fc1144f81f9aeec21c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fc4e21c9b86a00fc44078efe146c27b4
0b2d18da2f19f879a739943c719303a8aadddbd6
c211b9c8db1f1c163ebe030affc9f6723d51ba3fd72c3a4955fee2a508528b79
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 01:19:56 GMT
Expires: Fri, 25 Nov 2022 01:19:55 GMT
Etag: "0b2d18da2f19f879a739943c719303a8aadddbd6"
Cache-Control: max-age=585889,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c17a94ee930b06-OSL
egoprod.fr/wp-content/uploads/2018/04/logo_egoprod_Def.png
46.105.72.39200 OK 25 kB URL HTTP/1.1 egoprod.fr/wp-content/uploads/2018/04/logo_egoprod_Def.png
IP 46.105.72.39:0
File type PNG image data, 2230 x 677, 8-bit colormap, non-interlaced\012- data
Hash f0afa8973f5f5fe8b532e18c33381037
a269099affce76da4c36db4a15da508b2441b2c7
7f119e6fce5e1996380dfaed0c559a1a9fe39f874a0053523df35b48fecd2cb2
GET /wp-content/uploads/2018/04/logo_egoprod_Def.png HTTP/1.1
Host: egoprod.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 14:43:31 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Tue, 17 Apr 2018 12:49:33 GMT
Accept-Ranges: bytes
Content-Length: 24715
Cache-Control: max-age=10368000, public
Expires: Sat, 18 Mar 2023 14:43:31 GMT
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png
client.axept.io/620f5a49ae1f0d280a981240.json?r=0
54.230.111.71200 OK 2.6 kB URL HTTP/2 client.axept.io/620f5a49ae1f0d280a981240.json?r=0
IP 54.230.111.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6271), with no line terminators
Hash 567d42e37b1b493ef7bfbb5c830f420d
5148343ca180b31dacab04f9dd60f29128edaa57
b4958d0e5a59289e09b8776c28abda0bac218bbc4e0c7a1744614a0c80ae9c46
GET /620f5a49ae1f0d280a981240.json?r=0 HTTP/1.1
Host: client.axept.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.alliance-habitat.com/
Origin: https://www.alliance-habitat.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 18 Nov 2022 14:43:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Fri, 18 Feb 2022 08:36:07 GMT
etag: W/"e2290c46a22d7ee7297c3956a1715547"
x-amz-version-id: AoYgyGdQpOOZq17D21gRx9VJPbSfwXZe
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uKcT2xBCZPe-I7yGC-a_adn6_OyVgiOx8HBSpKstpECz_02HfdhUpg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 24e839b9f3c854f1059813baa2c678a5
be2078cbfd0e0ed2de69e22e76c5c83aba9c656e
35b72207dddd79dce8c7f0bc72243dc70d0a9190b15fd344c790224513b8f810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 14:43:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 526293
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Fri, 18 Nov 2022 19:55:37 GMT
Date: Fri, 18 Nov 2022 14:43:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Fri, 18 Nov 2022 19:55:37 GMT
Date: Fri, 18 Nov 2022 14:43:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Fri, 18 Nov 2022 19:55:37 GMT
Date: Fri, 18 Nov 2022 14:43:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Fri, 18 Nov 2022 19:55:37 GMT
Date: Fri, 18 Nov 2022 14:43:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Fri, 18 Nov 2022 19:55:37 GMT
Date: Fri, 18 Nov 2022 14:43:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:20:30 GMT
age: 26581
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RQqPegf6sdVW0qmrGnUo6EORLuT7BRikwhtF08LAxWNCpLGwGZnG8Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:03 GMT
age: 61768
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d16e5ff718353c095d266b080fe547f
fa7c5c9a1d16355859196271f3d13f3850931888
9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 59859
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:02:57 GMT
age: 60034
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 59677
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35da1192dcadc6e329a9e60c16904301
90a146aef85765630a5e09e46a0a8682e204bec1
816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xbau-BXu_W5Hu8QaCg3tvwfYMb_8L8F_muNp4gVukeNTmiDW4BAXhA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:03 GMT
age: 58768
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
axeptio.imgix.net/2022/01/d35cbf0e-80e7-4b22-b1f0-22a6f9371134.png?bg=ffc823&w=200&mask=https://axeptio.imgix.net/2022/01/64b1005a-e876-41b8-ab0b-5cef6f8a6caf.png
151.101.86.208200 OK 27 kB URL HTTP/2 axeptio.imgix.net/2022/01/d35cbf0e-80e7-4b22-b1f0-22a6f9371134.png?bg=ffc823&w=200&mask=https://axeptio.imgix.net/2022/01/64b1005a-e876-41b8-ab0b-5cef6f8a6caf.png
IP 151.101.86.208:0
File type PNG image data, 200 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 0237f4984db7eee51a96b3daa7b01961
281c965ff92661edcb2dfde5edfaf3b54ec7c97b
5de4c61b92f6ef3480cf77c3a22983b2a855815889b35cef77b5fe0e44617bda
GET /2022/01/d35cbf0e-80e7-4b22-b1f0-22a6f9371134.png?bg=ffc823&w=200&mask=https://axeptio.imgix.net/2022/01/64b1005a-e876-41b8-ab0b-5cef6f8a6caf.png HTTP/1.1
Host: axeptio.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 18 Oct 2022 09:08:26 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: bab88729e4e7f862d2b2369e2f1688030f000546
x-imgix-render-farm: 01.592
date: Fri, 18 Nov 2022 14:43:35 GMT
age: 2698509
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10047-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
content-length: 27407
X-Firefox-Spdy: h2
axeptio.imgix.net/2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=96&h=96&dpr=1
151.101.86.208200 OK 6.6 kB URL HTTP/2 axeptio.imgix.net/2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=96&h=96&dpr=1
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 6088eab1893611a21ffd2e770dce0582
5bda9be4a17f45d1c87352c52a4f7a3ed48f2c2f
cf34ed6f98074f57fc97c9a52e8cc39271232acd4d3714240cad513f84fd4e75
GET /2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=96&h=96&dpr=1 HTTP/1.1
Host: axeptio.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 18 Oct 2022 07:42:12 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: c4a87171ce6e339ad6d3f1d3f3fb7cfb78386808
x-imgix-render-farm: 01.592
date: Fri, 18 Nov 2022 14:43:35 GMT
age: 2703684
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10083-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 6644
X-Firefox-Spdy: h2
axeptio.imgix.net/2021/02/persos%20site-44.png?auto=format&fit=crop&w=170&h=auto&dpr=1
151.101.86.208200 OK 9.7 kB URL HTTP/2 axeptio.imgix.net/2021/02/persos%20site-44.png?auto=format&fit=crop&w=170&h=auto&dpr=1
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash b23038ad7524cea2806003711f18f2fd
b07b647d353ddab786e9bce65a8309e12ebe7146
ca3806d8d2665ddc7853709e03e2b140e12bb67344a693cb07bf4d597b58c4f6
GET /2021/02/persos%20site-44.png?auto=format&fit=crop&w=170&h=auto&dpr=1 HTTP/1.1
Host: axeptio.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 12 Oct 2022 13:33:58 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 8ea521ffcc9c7040da64d8f820261ea7e505e9df
x-imgix-render-farm: 01.592
date: Fri, 18 Nov 2022 14:43:35 GMT
age: 3200978
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 9740
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4998f097d23ee5f19cae27d5b938e5fc
4369c8ebe61b9944e639bb2731feb51c5a758fe7
5691c66766c9578e9c4aa71240608653821162c668abc63ee40e553ede2450e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6339
x-amzn-requestid: 0be5dee5-272d-4577-ba55-5cdb7935ea60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MCExBoAMFz6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4c-15fd613336aa6fcb165d0b26;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NYs-Nf0PzWqhXP5nkvanTjhJ6vfwRIU--YD06RFIGPEuwDCu6fvEPg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:01:30 GMT
age: 60128
etag: "4369c8ebe61b9944e639bb2731feb51c5a758fe7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.axept.io/sdk.js
54.230.111.46200 OK 0 B IP 54.230.111.46:0
GET /sdk.js HTTP/1.1
Host: static.axept.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 16 Nov 2022 09:40:00 GMT
server: AmazonS3
content-encoding: br
date: Fri, 18 Nov 2022 09:40:27 GMT
etag: W/"a7a2135d71f1b0ee001ad271e0d781fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OIErMA-qAPpZPDHNXbbIBqi5KNGiVfn1up7CxfgaGCyu6WPPl-o72w==
age: 18193
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.4/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 14:43:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-06-08 21:21:50
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f1a63d5f30f27f962c892e22b614a26b
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 14226799
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76c17a938e91b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alliance-habitat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 14:43:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-06-08 14:01:04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 33fc7f6c64f18e27ebb95ab9e21d92ab
cdn-cache: HIT
cf-cache-status: HIT
age: 14224130
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76c17a938e8fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2