Overview

URL henvillegroup.com/wp-admin/download/Microsoft.document
IP74.208.236.239
ASNIONOS SE
Location United States
Report completed2022-09-26 13:41:46 UTC
StatusLoading report..
urlquery Alerts Phishing - Microsoft Services
Phishing - Adobe


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 henvillegroup.com/wp-admin/download/Microsoft.document Phishing
2022-09-26 2 henvillegroup.com/wp-admin/download/Microsoft.document/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 08:18:12 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 143.204.55.110
mnemonic passive DNS code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-26 04:31:10 UTC 69.16.175.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 54.148.190.4
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS ka-f.fontawesome.com (2) 3598 2019-12-17 06:36:13 UTC 2022-09-26 05:55:06 UTC 172.64.202.28
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-26 05:07:50 UTC 104.18.22.52
mnemonic passive DNS henvillegroup.com (12) 0 2019-08-01 06:52:21 UTC 2022-09-26 12:22:39 UTC 74.208.236.239 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-26 10:05:36 UTC 93.184.220.29
mnemonic passive DNS maxcdn.bootstrapcdn.com (2) 724 2014-06-18 00:37:31 UTC 2022-09-26 06:42:01 UTC 104.18.10.207
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:27:13 UTC 142.250.74.3
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-26 06:09:43 UTC 104.17.24.14
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-26 12:01:34 UTC 142.250.74.138
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-26 10:36:51 UTC 142.250.74.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 04:43:33 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 74.208.236.239

Date UQ / IDS / BL URL IP
2022-10-08 07:35:07 +0000
0 - 0 - 1 henvillegroup.com/ 74.208.236.239
2022-09-26 20:30:18 +0000
4 - 0 - 2 henvillegroup.com/wp-admin/download/Microsoft (...) 74.208.236.239
2022-09-26 13:41:46 +0000
4 - 0 - 2 henvillegroup.com/wp-admin/download/Microsoft (...) 74.208.236.239

Last 5 reports on ASN: IONOS SE

Date UQ / IDS / BL URL IP
2022-12-02 10:16:16 +0000
0 - 0 - 2 beta.medi-buy.de/mailster/1876/c7908e33b89d68 (...) 217.160.0.82
2022-12-02 10:16:14 +0000
0 - 0 - 2 beta.medi-buy.de/mailster/1809/c7908e33b89d68 (...) 217.160.0.82
2022-12-02 09:14:48 +0000
0 - 0 - 9 davidanton.eu/ 82.165.101.27
2022-12-02 09:13:11 +0000
0 - 0 - 11 alg-pal.org/ 74.208.19.250
2022-12-02 09:03:45 +0000
0 - 0 - 1 utahmanymaids.com/ 74.208.236.110

Last 4 reports on domain: henvillegroup.com

Date UQ / IDS / BL URL IP
2022-10-08 07:35:07 +0000
0 - 0 - 1 henvillegroup.com/ 74.208.236.239
2022-09-26 20:30:18 +0000
4 - 0 - 2 henvillegroup.com/wp-admin/download/Microsoft (...) 74.208.236.239
2022-09-26 13:41:46 +0000
4 - 0 - 2 henvillegroup.com/wp-admin/download/Microsoft (...) 74.208.236.239
2022-09-14 07:35:10 +0000
0 - 0 - 25 henvillegroup.com/ 74.208.236.55

Last 4 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-08 03:00:43 +0000
4 - 0 - 4 www.nellcopilowdesigns.com/.pki/nssdb/SharePo (...) 104.238.70.184
2022-11-04 01:22:39 +0000
4 - 0 - 1 ms3nd.com/wp-admin/maint/sharedocu.file/ 74.208.236.185
2022-11-03 21:56:06 +0000
4 - 0 - 0 ms3nd.com/wp-admin/maint/sharedocu.file 74.208.236.185
2022-09-26 20:30:18 +0000
4 - 0 - 2 henvillegroup.com/wp-admin/download/Microsoft (...) 74.208.236.239


JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (46)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 13:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HoeMxnl-LGY4Zy5OwKmi76sYNiHV0g9--REwVh3tL57Q6R5gt-uqMw==
Age: 1577


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /wp-admin/download/Microsoft.document HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         74.208.236.239
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Content-Length: 270
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:35 GMT
Server: Apache
Location: http://henvillegroup.com/wp-admin/download/Microsoft.document/
Cache-Control: max-age=3600
Expires: Mon, 26 Sep 2022 14:41:35 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   270
Md5:    f689504d0bd3d54d2b483a0189cc4156
Sha1:   56edfb4506a28a966b975b7ff03d7373df355408
Sha256: 4bc7417a5baed28a5e9c081c63bfc6efab610b3c4957cdc5a0ae0a37d78748d1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4350
Expires: Mon, 26 Sep 2022 14:54:05 GMT
Date: Mon, 26 Sep 2022 13:41:35 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fbuXFtPnTvcEZ5Xf5QWvOFXtYu9Qm3UJHzK6e6sWMZS-ygs5dyqkKg==
age: 32780
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 13:41:35 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wp-admin/download/Microsoft.document/ HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   3396
Md5:    17e3690d11bf45bf81845938b96eb9c1
Sha1:   6add6d0172f287bab2c12dfc42994f64a2cfe060
Sha256: b401a23bdca1310dda35593aea7c211a0f26f268ca66b5b147e28e828b2ad3f9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jquery-3.1.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
content-encoding: gzip
content-length: 30070
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664199696.dop026.sk1.t,1664199696.cds223.sk1.hn,1664199696.cds010.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32030)
Size:   30070
Md5:    f7a4a283c6a5130b43ce8de3b7842078
Sha1:   ef243edbb67f9e50f8589885e4541f6c919ea8d7
Sha256: aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1355
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 13:41:36 GMT
Last-Modified: Mon, 26 Sep 2022 13:19:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3963
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 13:41:36 GMT
Last-Modified: Mon, 26 Sep 2022 12:35:33 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 412
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 13:41:36 GMT
Last-Modified: Mon, 26 Sep 2022 13:34:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 13:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 13:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://henvillegroup.com
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2144121
expires: Sat, 16 Sep 2023 13:41:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd3YjyMXWktsOoESbYzjn1cIZP%2FcDGpR4gqyYrG6b86oA5jCQY86lGPhpn7Q15%2FjmNtLkYEP5f7QIBDF8dDC0cdSVym1noJBEuKdVAtjPebzrA3SfMeuDaIrjzz5gwVGlM2rA5ON"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750c6b05f9deb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   6157
Md5:    7b4114faa411d059a9a5ac4b5b4d9dee
Sha1:   277da4486916fa3a4ab3375f47bc98f58dbf90f6
Sha256: 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.138
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:22:45 GMT
expires: Mon, 25 Sep 2023 05:22:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 116331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   30028
Md5:    6d973c8b7e2439d958e09c0a1ab9fe50
Sha1:   05ae0830200c20b9a2dfd5a825adc400481a60fb
Sha256: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
                                        
                                            GET /wp-admin/download/Microsoft.document/css/hover.css HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 11324
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:53 GMT
ETag: "1c009-5e8de1e57af40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  ASCII text
Size:   11324
Md5:    a8be0250f56b9386972d9e4da9125199
Sha1:   7271727511bdc5c35ae1f86ee5c8a68ebc838462
Sha256: 5e44ecd8b22b7070288341b73ea756d6b9703682da5a6c58d51877fc01f61620
                                        
                                            GET /css?family=Yellowtail&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 13:41:36 GMT
date: Mon, 26 Sep 2022 13:41:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 13:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4010
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 13:41:36 GMT
Last-Modified: Mon, 26 Sep 2022 12:34:46 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 13:10:46 GMT
Expires: Mon, 26 Sep 2022 13:29:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Rt_FnZuXxMKpdu-XcOTW89cX_cCR37Z5vYvKLcdp86MREltu8Jglw==
Age: 1850


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-admin/download/Microsoft.document/images/office3651.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 18025
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:54 GMT
ETag: "4669-5e8de1e66f180"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data
Size:   18025
Md5:    fe22440d79ffa34950f512ef4a718b2a
Sha1:   0e147e59544ee6580d3095353d4420849fa5eb8a
Sha256: a2f26b68a6c8810c1aeb4048c938f835a86ba83756a7a440f989b967e78f3ba8
                                        
                                            GET /wp-admin/download/Microsoft.document/images/outlook1.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 771
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:53 GMT
ETag: "303-5e8de1e57af40"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   771
Md5:    c3fc46c5799c76f9107504028f39190f
Sha1:   519096ad3f03410cf9ce3c9b9fcca6b439d97b23
Sha256: 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
                                        
                                            GET /wp-admin/download/Microsoft.document/images/aol1.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 26456
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:54 GMT
ETag: "6758-5e8de1e66f180"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 253 x 218, 8-bit/color RGBA, non-interlaced\012- data
Size:   26456
Md5:    ec9cbc1048239b3927ad0276fc983019
Sha1:   17c27c038644bdb141381b606c7c94a177c07326
Sha256: f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14
                                        
                                            GET /jquery-3.2.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://henvillegroup.com
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
content-encoding: gzip
content-length: 23856
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664199696.dop206.sk1.t,1664199696.cds066.sk1.hn,1664199696.cds235.sk1.c
X-Firefox-Spdy: h2

                                        
                                            GET /wp-admin/download/Microsoft.document/images/other1.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 21882
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:54 GMT
ETag: "557a-5e8de1e66f180"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data
Size:   21882
Md5:    6843a244e12fab158aa189680b5e7049
Sha1:   0e1c691f87cc4fa35c88344974f2829c40176b70
Sha256: 3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
                                        
                                            GET /wp-admin/download/Microsoft.document/images/aol.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 27299
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:54 GMT
ETag: "6aa3-5e8de1e66f180"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   27299
Md5:    adc4933c81e5e398bc262cee345169c9
Sha1:   82096d2e7c8d5576b09ff66ec0e6cf0b062e6458
Sha256: 525b19625af58b743105bb83febc6272b92856a06f39dcbf85bd027ac95afb9d

Alerts:
  urlquery:
    - Phishing - Microsoft Services
                                        
                                            GET /wp-admin/download/Microsoft.document/images/yahoo1.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 17931
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:53 GMT
ETag: "460b-5e8de1e57af40"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced\012- data
Size:   17931
Md5:    4458cd0a6df7deabdff0b99bd5905ec9
Sha1:   45a8b436d07d7ed7973b87a1c393d6973afe6fb5
Sha256: aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z/mgqCU/lUrr7aM/5HZF1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.190.4
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dS5D+0I3/aBDancFNI4kaSnCJwk=

                                        
                                            GET /wp-admin/download/Microsoft.document/images/8.jpg HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 161118
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:54 GMT
ETag: "2755e-5e8de1e66f180"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=709, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], baseline, precision 8, 1200x646, components 3\012- data
Size:   161118
Md5:    f17b5b1163efb6d2d47de6bae6d3a9cd
Sha1:   6d6964b34bc44c6d2b106ade1ae675985b96d012
Sha256: 7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30

Alerts:
  urlquery:
    - Phishing - Adobe
                                        
                                            GET /wp-admin/download/Microsoft.document/images/wordd.png HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 202606
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:36 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 11:52:53 GMT
ETag: "3176e-5e8de1e57af40"
Accept-Ranges: bytes
Cache-Control: max-age=2419200
Expires: Mon, 24 Oct 2022 13:41:36 GMT
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image data, 1000 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size:   202606
Md5:    69def532576b9cdf2a11e5e18cd2f8ed
Sha1:   fd184e6a67bb1c62369bac3e6678bf5fa6170dd7
Sha256: ccb9150935f1b76dfb7cf13a089ee993f9aa8cd56b565d56c6fbd5b0634a643f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: henvillegroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://henvillegroup.com/wp-admin/download/Microsoft.document/

                                         
                                         74.208.236.239
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Content-Length: 8895
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Sep 2022 13:41:37 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 15:20:06 GMT
ETag: "7d26-5e8b8c7c84c50-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel\012- data
Size:   8895
Md5:    8b64c45494ed98ed5b9e006872474d98
Sha1:   09bb8a649b59759e573d349fc497c7219dffb6a3
Sha256: 764d2c42c2daa9493bf2a07c95128e2b6a7c125f10dcbe01ca46fe107cfea953
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16098
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:41:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16098
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:41:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16098
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:41:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16098
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:41:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16098
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:41:38 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 57843
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 55258
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8637
Md5:    d02ede0c964f3346fd53ae2950bf2a62
Sha1:   e49306a3713cb724be024a4ddb5e90645718a718
Sha256: c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
age: 53502
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11728
Md5:    968b9c138702fb5994d1d9eab1a697fa
Sha1:   9660bb2d38079182efbd11d7a687bfc7f9d30751
Sha256: 5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 51992
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8851
Md5:    431ff1171a3d7c60a31cc1c3f62164ee
Sha1:   4b32113aaf50132b38c8034017a6eb5a32d7040b
Sha256: 65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 55882
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5157
Md5:    2fe8c4f0c70fb6c1f4259eabedc7015e
Sha1:   85e378d0fff856832a8dd01743516b9476fed8c6
Sha256: 508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7648
x-amzn-requestid: 359116cc-4e08-4c57-8aba-0aa7bd232c98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKWG2BIAMFlHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca42-2130239f2dab781c0f49f0e4;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sGZMSLXPUq8Ssxe_SFGePrvvnUGePGb7ZQn3RYH20EKwN2vzpA1RjQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 57166
etag: "042d4b6927f80c5a44bb7baf77b763577c19ed36"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7648
Md5:    75a459d4f554d38a1701e727185c7e91
Sha1:   042d4b6927f80c5a44bb7baf77b763577c19ed36
Sha256: c01b0d3a28ed31ec9432d879310cffa313260f97044f1ed473aa0331bdba5607
                                        
                                            GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://henvillegroup.com/
Origin: http://henvillegroup.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.202.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d61815344be6df2eace7e0cbeebe716.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: SG4e_pIHlJGhJYKyszTw8DbJSjjuDoOUqo13SlHdfmVjC67zlZ5MUA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipW7P5xX3u1504lT2qQAdcdTEWBCfhgtxngFU%2FGbjcoywcxwmq90ZDrWyuypQj8cz%2B8vcWxnzOTJQdDXwQoB5gy1%2FFI9cXmeZ17K4irWh05Ahmp428%2BAJI95QKRlMdYZFP2OApoNDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750c6b071df17535-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://henvillegroup.com
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:36:43
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 67ff4b0a14c90674dcb22fd6abecb7a0
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750c6b05e9981c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://henvillegroup.com/
Origin: http://henvillegroup.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.202.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 884d101a3faeefd4fb32a5d2a8a076b6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: BPVVCCO4pe5kLYoArBqVUI5MbSR8hsyTjEVUpBbmN7sSAthwIVf0xg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99nN6nV4GBvNj2H16AMCoNQdXnAhS89mQzIiGP9kmxTk1xDKu6NctQG2F4JdhrKTHSe6e3ussYxkp4LI%2FKJdJnUaVxdkaxIpaM7IGJlwWdrHTox0jvsf4KzzdmAcCSinkWJdzw9NpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750c6b071dcb7535-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /585b051251.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://henvillegroup.com
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fxhsznddwn9nWrGJKIBB
cf-cache-status: MISS
server: cloudflare
cf-ray: 750c6b05efc40afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://henvillegroup.com
Connection: keep-alive
Referer: http://henvillegroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 13:41:36 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:32:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d85a6e02ef2c3038cd8e318890caf7f3
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750c6b05e9941c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---