r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Sun, 19 Mar 2023 23:06:09 GMT
Date: Sun, 19 Mar 2023 21:19:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Sun, 19 Mar 2023 23:10:34 GMT
Date: Sun, 19 Mar 2023 21:19:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 20:27:07 GMT
content-type: application/json
age: 3115
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13942
Expires: Mon, 20 Mar 2023 01:11:24 GMT
Date: Sun, 19 Mar 2023 21:19:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TjkUUNve4VEDUkzjGuPSLUHP/isfnMAL20nNNinfETW7nmXcV1oL+Ln6B+uyqN/vY/jI8Z85cl0=
x-amz-request-id: JM1C2QBYBT19DVMR
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 20:58:26 GMT
age: 1236
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/
185.98.131.142200 OK 6.7 kB IP 185.98.131.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4570)
Hash 0b1d4193fb581a94e60bdae4cb10490d
daa5d40ba925173460c307fb2fcc87a465849ecb
03b198a4c41a81824956cd4d4b18078ccd44665d512c551a93af47674946af97
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/html; charset=UTF-8
content-length: 6651
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/css/font-awesome.css
185.98.131.142200 OK 4.0 kB URL HTTP/2 www.notaire-gay-friendly.fr/assets/css/font-awesome.css
IP 185.98.131.142:0
File type troff or preprocessor input, ASCII text, with very long lines (301)
Hash 17be149e45dea3ac4384c3879ab6052c
f7c968f7ba8aede331796d9a87c1a7c67eaabc90
22e6b609799ec3f9c56c35ddd56356ff570407a35cb15f42d10faf8588465a33
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/font-awesome.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 4011
last-modified: Tue, 11 Feb 2014 16:43:20 GMT
etag: "5495-4f224275d1a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/css/bootstrap.css
185.98.131.142200 OK 17 kB URL HTTP/2 www.notaire-gay-friendly.fr/assets/css/bootstrap.css
IP 185.98.131.142:0
File type assembler source, ASCII text, with very long lines (318)
Hash 01e9f57eb508da06985306fe5c1fd2a1
74c30b1fbf7ce91d025bad9c367da39013ee7ad4
475bbb39062ee8926c5b3e957661c00b75cb9ce24aec1b2d6023866f1a4997bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/bootstrap.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 16819
last-modified: Tue, 11 Feb 2014 16:43:20 GMT
etag: "1e276-4f224275d1a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/css/bootstrap-theme.css
185.98.131.142200 OK 1.6 kB URL HTTP/2 www.notaire-gay-friendly.fr/assets/css/bootstrap-theme.css
IP 185.98.131.142:0
Hash eed1ca6468e5e420ee1a728f3478ef7d
850857b315ccd1a5917f711251e71be4f2ab610f
6cc22a479bb52651d4918a13a08f38bfa7b66893837cdee072bddc41eeb85474
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/bootstrap-theme.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 1571
last-modified: Wed, 22 May 2019 11:04:47 GMT
etag: "382c-58977ef00a2a7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/css/custom.css
185.98.131.142200 OK 212 B URL HTTP/2 www.notaire-gay-friendly.fr/assets/css/custom.css
IP 185.98.131.142:0
File type assembler source, ASCII text
Hash cc487aa42a0a1c19ba84f51194ec4396
9cfbebb56b681b6a769c8172932870a4b07187c2
92d0675e0454a7c470e16e4ff053911d064cfc195c3eddfcedf0a268ba9a7836
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/custom.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 212
last-modified: Tue, 11 Feb 2014 16:43:20 GMT
etag: "169-4f224275d1a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/font-awesome-4.7.0/css/font-awesome.min.css
185.98.131.142200 OK 6.7 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/font-awesome-4.7.0/css/font-awesome.min.css
IP 185.98.131.142:0
File type ASCII text, with very long lines (30837)
Hash 843322e1688eb6c0b6da6b33aaa4f67a
fda56fb1ded6a09f0a17caa5cdae58a7881e5e24
aeeaa537e68bea354ab60a2a55144ca3cbbadbafa6f541615929c71aa233268b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 6663
last-modified: Wed, 22 May 2019 10:34:31 GMT
etag: "7918-5897782c19327-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/css/datepicker.css
185.98.131.142200 OK 1.0 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/css/datepicker.css
IP 185.98.131.142:0
Hash 939e300018aade9ed7fc625588cf0c8a
500d5c7c85601cf69ffd13da915ca8c36fb36649
077674f8d52a6cd74cdef5d8eebd6d9854f7d09da732e9a9701d44461387741c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/css/datepicker.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 1049
last-modified: Wed, 22 May 2019 10:34:19 GMT
etag: "11e7-58977820ba106-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/slick/slick.css
185.98.131.142200 OK 484 B URL HTTP/2 notaire-gay-friendly.fr/newtheme/slick/slick.css
IP 185.98.131.142:0
Hash fca854f4dd8cd79b9bd2fe5dfa7f7367
7912fec10241b769ec80b69e6228d795eb18a4ea
f82dcaed05811f1fd838e74077af17187d51cc950b95917bf1020c387261b3ce
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/slick/slick.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 484
last-modified: Wed, 22 May 2019 10:34:28 GMT
etag: "6f0-58977829af086-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/slick/slick-theme.css
185.98.131.142200 OK 767 B URL HTTP/2 notaire-gay-friendly.fr/newtheme/slick/slick-theme.css
IP 185.98.131.142:0
Hash 592547303a717df4b98c9f65edc7bc7f
eb18cf0db70bc66b2a2939ca37d91a5ee0a10928
85e419f66565768365c9dd5ab30132dea5834091d5328d56161e69a51aab619a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/slick/slick-theme.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 767
last-modified: Wed, 22 May 2019 10:34:28 GMT
etag: "c49-589778293fb46-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/css/tooplate-style.css
185.98.131.142200 OK 4.3 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/css/tooplate-style.css
IP 185.98.131.142:0
File type ASCII text, with very long lines (1338)
Hash a2180ff3ad62bec385eb6686b9395cc7
6fc7db5ca42390ded853b97cfb97e041ed044b7b
fb9a587a230fecfd9b6420bdc5f43addea3447afd058faf0820a622accabdc2e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/css/tooplate-style.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 4315
last-modified: Mon, 27 May 2019 10:38:17 GMT
etag: "3784-589dc256d3b91-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/css/bootstrap.min.css
185.98.131.142200 OK 18 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/css/bootstrap.min.css
IP 185.98.131.142:0
File type ASCII text, with very long lines (24311)
Hash 3e639c2e107af10362d6a1c6517406d3
c3e66f1f0b5d3f364efe4ce48fc516c04149a532
eb10273967b498e8314343e372ff89fc713d8fa7ad34b31461d96a7a3f90399d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/css/bootstrap.min.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: text/css
content-length: 17661
last-modified: Sun, 24 Oct 2021 13:01:36 GMT
etag: "1f024-5cf18d82789f1-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e8fc65c8ed6ea66df6d6f044d7636fe2
da5b32e7c3fb8dddbd1466e4733cab6e35a66f8c
733e51b02cac5aca153e462118e12f623b0be034bb5488eb021c09a4b41744dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.avocat-gay-friendly.fr/wp-content/uploads/scroll.png
91.216.107.79200 OK 1.3 kB URL HTTP/2 www.avocat-gay-friendly.fr/wp-content/uploads/scroll.png
IP 91.216.107.79:0
File type PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced\012- data
Hash d9367e36bfaf7cc77e8f98225dfeed5d
72c0c92b96d26f56852fa94a85a112a819871531
97655a8426d9803f7c5915adc26571d562bd4acc1ed8bc752341915830633d36
GET /wp-content/uploads/scroll.png HTTP/1.1
Host: www.avocat-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/png
content-length: 1331
last-modified: Fri, 21 Jun 2019 15:25:22 GMT
etag: "533-58bd712247686"
accept-ranges: bytes
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/js/jquery.singlePageNav.min.js
185.98.131.142200 OK 1.0 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/js/jquery.singlePageNav.min.js
IP 185.98.131.142:0
File type ASCII text, with very long lines (2444)
Hash 74308e58271b1da909f70125d5ab72d2
86e9c115686bd2d049e5c9f30c7a446fa5bfa660
12c5a5e905a7c71a4fb451344902480a669537474e8637fd38a6040c10c0324f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/js/jquery.singlePageNav.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 1019
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "a33-58977827b6266-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/images/Notaires-Gay-friendly-LGBT-logo.svg
185.98.131.142200 OK 6.1 kB URL HTTP/2 www.notaire-gay-friendly.fr/assets/images/Notaires-Gay-friendly-LGBT-logo.svg
IP 185.98.131.142:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (6058), with no line terminators
Hash cbedd94a1aad51f8f91d060eeed2fda0
300df7b9dde86ce8e2518f1ae4d7928e9c5baaaa
3b702050b12f3114a932f69bc0edc8a43f5bd4f76e6a58af4f83c12457df0b58
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/Notaires-Gay-friendly-LGBT-logo.svg HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/svg+xml
content-length: 6058
last-modified: Wed, 22 May 2019 11:27:15 GMT
etag: "17aa-589783f5fa5f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 17:33:24 GMT
expires: Thu, 14 Mar 2024 17:33:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 359139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 7a61332e081c1df94aee6da79ccab5cf
9a1b52aef388542cfa62d685399669420b8998ee
3edecdbe2c8dbe6ff85c45d382f9f608ed30a6618fa62b18282e03d866dc6dd7
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 19 Mar 2023 21:19:03 GMT
date: Sun, 19 Mar 2023 21:19:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.avocat-gay-friendly.fr/wp-content/uploads/CONSEILLER-EN-GESTION-DE-PATRIMOINE.jpg
91.216.107.79200 OK 30 kB URL HTTP/2 www.avocat-gay-friendly.fr/wp-content/uploads/CONSEILLER-EN-GESTION-DE-PATRIMOINE.jpg
IP 91.216.107.79:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=276], progressive, precision 8, 276x238, components 3\012- data
Hash d05076005eb75fd3cf9d2f27cf30671c
cc77bfcd0595c7b25b1164da023acbfc3bddc2d7
a9acf1bc5c9e0a31c53cb4501e7e0f61fedd14f497ec3607759a4d9491182425
GET /wp-content/uploads/CONSEILLER-EN-GESTION-DE-PATRIMOINE.jpg HTTP/1.1
Host: www.avocat-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/jpeg
content-length: 30436
last-modified: Thu, 30 May 2019 13:27:12 GMT
etag: "76e4-58a1adb0c438d"
accept-ranges: bytes
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/js/datepicker.min.js
185.98.131.142200 OK 3.1 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/js/datepicker.min.js
IP 185.98.131.142:0
File type ASCII text, with very long lines (8468), with no line terminators
Hash 402fbfe9aca36b45f7d6277f114bfbb1
12a6b79f93ea3dda2aaeb7d3759baab104c8e35b
177c58f658b58bcbe1bda23f96c07fe3212c41225cc0df85ed424246388b9b06
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/js/datepicker.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 3130
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "2114-58977827353e6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/js/custom.js
185.98.131.142200 OK 759 B URL HTTP/2 www.notaire-gay-friendly.fr/assets/js/custom.js
IP 185.98.131.142:0
Hash e34aa9c8abdbccfa20385d74f244e5fc
26aa78a7173e6a7ea4b7b80536b67b72efb49574
edbf69a1e3b5eae5cd9e7a22d4c8354d14d5ab6463a75b292ea8ac766ff1765b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/custom.js HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 759
last-modified: Tue, 11 Feb 2014 16:43:30 GMT
etag: "725-4f22427f5b080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/js/popper.min.js
185.98.131.142200 OK 6.6 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/js/popper.min.js
IP 185.98.131.142:0
File type ASCII text, with very long lines (18860)
Hash 578bc7783158d8fd4b1babe766c60d66
5c740edd017f5997b52628016c853922e5feb025
3b4963e4e46c8551a3db6ad61a37acde6b614bb7e3f810f2a1e8a90bbf66d615
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/js/popper.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 6588
last-modified: Wed, 22 May 2019 10:34:27 GMT
etag: "4a58-5897782815da6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/slick/slick.min.js
185.98.131.142200 OK 10 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/slick/slick.min.js
IP 185.98.131.142:0
File type ASCII text, with very long lines (42862)
Hash f5c8ef1d8e856fabc1e3af956448d67b
db3cb2e948f0cb79b200ce8076a2c49071da6a12
9b4160f32e3e54321d6ded0d1a9f98adde28f285e039debaf5e2b374760d6d60
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/slick/slick.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 10108
last-modified: Wed, 22 May 2019 10:34:29 GMT
etag: "a76f-5897782a9c566-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/js/bootstrap.min.js
185.98.131.142200 OK 13 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/js/bootstrap.min.js
IP 185.98.131.142:0
File type ASCII text, with very long lines (50277)
Hash 91cd1eafc089242a5026e18793e09f68
02ab8f16fa893e7410d3c86a4abe63a15af43488
b89641fa05da5318b6697b3bae738a524161379526f001508ae2067006edf02a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/js/bootstrap.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 12578
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "c584-589778274ea26-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/js/bootstrap.js
185.98.131.142200 OK 10 kB URL HTTP/2 www.notaire-gay-friendly.fr/assets/js/bootstrap.js
IP 185.98.131.142:0
Hash 0b19c0893a56a1aff659084f606a5ee7
72ec7314bde4205e7fb24eea2c7fae7b65d529d3
46a4e51b232cd31818bf469676df2077ccbe9fbbd78ef6aacdcdcf41cf56064a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/bootstrap.js HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 10387
last-modified: Tue, 11 Feb 2014 16:43:29 GMT
etag: "e4a5-4f22427e66e40-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/js/jquery-1.11.3.min.js
185.98.131.142200 OK 32 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/js/jquery-1.11.3.min.js
IP 185.98.131.142:0
File type ASCII text, with very long lines (32038)
Hash 8039ed4be9d9955b91a16bfd1d3077f8
6c04829fd4e1ca52c25c87b932d52a057e4aa23d
1ef08891d194dd9be68c7522dde45558c461ccd6fcf3eb9037bb473e0edae3fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/js/jquery-1.11.3.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: application/javascript
content-length: 32426
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "176f8-58977827c1de6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/img/Medecin-Sante-gay-friendly-LGBT.png
185.98.131.142200 OK 205 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/img/Medecin-Sante-gay-friendly-LGBT.png
IP 185.98.131.142:0
File type PNG image data, 550 x 420, 8-bit/color RGB, non-interlaced\012- data
Size 205 kB (204949 bytes)
Hash 10f713730539d27de360ff3da568ea8c
08aeac4ff9acb53e55e8e86170d4c72c395eec5a
c2231b16188d1f95b00ff5750a6b805cd0e8604262a5945b2f003e200fc1eaa0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/img/Medecin-Sante-gay-friendly-LGBT.png HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/png
content-length: 204949
last-modified: Wed, 22 May 2019 10:34:23 GMT
etag: "32095-58977824c6326"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
notaire-gay-friendly.fr/newtheme/img/Notaires-Gay-friendly-LBTG.png
185.98.131.142200 OK 471 B URL HTTP/2 notaire-gay-friendly.fr/newtheme/img/Notaires-Gay-friendly-LBTG.png
IP 185.98.131.142:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/img/Notaires-Gay-friendly-LBTG.png HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/png
content-length: 232072
last-modified: Wed, 22 May 2019 10:34:24 GMT
etag: "38a88-58977825607e6"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d2b91b87a3060a36d0002f6338924521
b216a0ae0e118f942207ae6c51a5309393fe79f4
835446923abce8bde27c74317de5388462f43f7cbf93293a15891a2a2554e406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Mar 2023 21:14:32 GMT
age: 271
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/newtheme/img/Notaire-gay-friendly-LGBT.jpg
185.98.131.142200 OK 471 B URL HTTP/2 notaire-gay-friendly.fr/newtheme/img/Notaire-gay-friendly-LGBT.jpg
IP 185.98.131.142:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/img/Notaire-gay-friendly-LGBT.jpg HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/newtheme/css/tooplate-style.css
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/jpeg
content-length: 240204
last-modified: Wed, 22 May 2019 10:52:21 GMT
etag: "3aa4c-58977c28c438c"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://notaire-gay-friendly.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:06:11 GMT
expires: Sat, 16 Mar 2024 02:06:11 GMT
cache-control: public, max-age=31536000
age: 241972
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6509
Expires: Sun, 19 Mar 2023 23:07:32 GMT
Date: Sun, 19 Mar 2023 21:19:03 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (576)
Size 165 kB (164678 bytes)
Hash f22f07ee02fbeed3958345c90b52b818
2aa44ea19d580589c06c2170103b4d0505e18cdb
dc1eadf37f70bef92766d0c316d1da7af283b84e5c309a4732d8ed35d7bbfb84
GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://notaire-gay-friendly.fr
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 11:44:52 GMT
expires: Thu, 14 Mar 2024 11:44:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 380051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.notaire-gay-friendly.fr/assets/img/favicon.png
185.98.131.142200 OK 2.7 kB URL HTTP/2 www.notaire-gay-friendly.fr/assets/img/favicon.png
IP 185.98.131.142:0
File type PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Hash ac8ecda82f19bd439ec77ed0a86faa45
89f0121d02daab97dfcc8f6c4be2dafe01e0237a
b65dfafb8651ce6a6f3c3b2aeb2e74a65b24cfa13f8fa2286f06d57ee462b581
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/favicon.png HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/png
content-length: 2746
last-modified: Tue, 11 Feb 2014 16:43:28 GMT
etag: "aba-4f22427d72c00"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash d2f260fb0ba00b3698356095b00d68fc
f3445f67687111fb7c16ccd1ba8112a35b8339e0
edc0b07275f6982c49fc65e38c10a89a02b36969f2997fd5587bacf66386c468
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6018
Cache-Control: max-age=162297
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:03 GMT
Etag: "64173bbe-1d7"
Expires: Tue, 21 Mar 2023 18:24:00 GMT
Last-Modified: Sun, 19 Mar 2023 16:43:42 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
notaire-gay-friendly.fr/newtheme/img/Avocat-Gay-friendly-LGBT.png
185.98.131.142200 OK 28 kB URL HTTP/2 notaire-gay-friendly.fr/newtheme/img/Avocat-Gay-friendly-LGBT.png
IP 185.98.131.142:0
File type gzip compressed data, from Unix\012- data
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /newtheme/img/Avocat-Gay-friendly-LGBT.png HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 21:19:03 GMT
content-type: image/png
content-length: 206631
last-modified: Wed, 22 May 2019 10:34:21 GMT
etag: "32727-589778226aae6"
accept-ranges: bytes
X-Firefox-Spdy: h2
stats.g.doubleclick.net/dc.js
108.177.14.154200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 108.177.14.154:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Sun, 19 Mar 2023 20:15:40 GMT
expires: Sun, 19 Mar 2023 22:15:40 GMT
cache-control: public, max-age=7200
age: 3803
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash d2f260fb0ba00b3698356095b00d68fc
f3445f67687111fb7c16ccd1ba8112a35b8339e0
edc0b07275f6982c49fc65e38c10a89a02b36969f2997fd5587bacf66386c468
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6019
Cache-Control: max-age=162297
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:04 GMT
Etag: "64173bbe-1d7"
Expires: Tue, 21 Mar 2023 18:24:01 GMT
Last-Modified: Sun, 19 Mar 2023 16:43:42 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1011457330&utmhn=notaire-gay-friendly.fr&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x2874&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NOTAIRES%20LGBT-FRIENDLY&utmhid=397354790&utmr=-&utmp=%2F&utmht=1679260744007&utmac=UA-33512826-6&utmcc=__utma%3D85782918.2114667400.1679260744.1679260744.1679260744.1%3B%2B__utmz%3D85782918.1679260744.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1193556601&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
108.177.14.154200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1011457330&utmhn=notaire-gay-friendly.fr&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x2874&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NOTAIRES%20LGBT-FRIENDLY&utmhid=397354790&utmr=-&utmp=%2F&utmht=1679260744007&utmac=UA-33512826-6&utmcc=__utma%3D85782918.2114667400.1679260744.1679260744.1679260744.1%3B%2B__utmz%3D85782918.1679260744.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1193556601&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 108.177.14.154:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1011457330&utmhn=notaire-gay-friendly.fr&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x2874&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NOTAIRES%20LGBT-FRIENDLY&utmhid=397354790&utmr=-&utmp=%2F&utmht=1679260744007&utmac=UA-33512826-6&utmcc=__utma%3D85782918.2114667400.1679260744.1679260744.1679260744.1%3B%2B__utmz%3D85782918.1679260744.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1193556601&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Mar 2023 21:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 21:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.25.69.156101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.69.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xhUbheqA4ffg0FUYjMlkdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ox6PnfUiQujQOqCBmrJF9rCnwoY=
www.facebook.com/tr/?id=155603324990316&ev=PageView&dl=https%3A%2F%2Fnotaire-gay-friendly.fr%2F&rl=&if=false&ts=1679260744194&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=62&cs_est=true&fbp=fb.1.1679260744192.2089301229&it=1679260744027&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=155603324990316&ev=PageView&dl=https%3A%2F%2Fnotaire-gay-friendly.fr%2F&rl=&if=false&ts=1679260744194&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=62&cs_est=true&fbp=fb.1.1679260744192.2089301229&it=1679260744027&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=155603324990316&ev=PageView&dl=https%3A%2F%2Fnotaire-gay-friendly.fr%2F&rl=&if=false&ts=1679260744194&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=62&cs_est=true&fbp=fb.1.1679260744192.2089301229&it=1679260744027&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 19 Mar 2023 21:19:04 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Sun, 19 Mar 2023 21:19:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Sun, 19 Mar 2023 21:19:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Sun, 19 Mar 2023 21:19:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Sun, 19 Mar 2023 21:19:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Sun, 19 Mar 2023 21:19:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6645ef8b7e2b10326cc1cb7c76f82769
cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced
1076fa495f0b7cc23922f64cc6a6f596de9a6f08ea7549eef785d804db0be7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8189
x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqgGsdIAMFi6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: n-Dbnb07Rsh0y_T4UW0VQSyRcV96MehdMiFlhdUtcrCiqZVL5ZVJxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:14:54 GMT
age: 83051
etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 772-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, minimum point enabled, calibration: offset 0.000000, slope 1115717714480204991250653249536.000000\012- data
Hash 7c6233f649c3f84fcba3d244b3e5c35d
2820939892ab0d9b7c995043dc0f38642ac1e415
1ff87957f29a41db7bcbfcbc644cd434705b046b32e8d01467ec6b8c9f75c77b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12699
x-amzn-requestid: ebcd4e4c-f214-463e-a2c9-1392f278d6d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eSgGFOIAMFt8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dda9-5ec892ee018fe3d118df30d6;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V7-65gE7I1yLibHGcEwS9iFpcxqCi_stbPmNcx98jG9HMfPvsk2mSw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:50:54 GMT
age: 80891
etag: "2820939892ab0d9b7c995043dc0f38642ac1e415"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53761c38e423f6990a84c2b59ed352eb
974780a01c5fe24e092b4d8bd08a3a13a17485e1
527145dd60d8944f77d0187e2286fa1ddd12646efbc8e080eefa04825e212c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 9d2de887-7fa9-4a32-88f7-95d73447537c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wZMGd1IAMFqoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162dd4-1a4e78b86a7075e632de4bf5;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ofXGNAvEmGsCA3lg3SeqkQvsgERe8Shqnsx1pGLs_e3w7uTHO0JcMw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:15:50 GMT
age: 82995
etag: "974780a01c5fe24e092b4d8bd08a3a13a17485e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: K19FG80YIBs-7NnPFJQEodETe4DpifB_BA2FpyYtB0W-sXXjNlLKxw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 07:04:47 GMT
age: 51258
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f53bb1fb90c97461035e7f9f7f7837e
961b5fcbca5b49ca9136e74931253bb300aa1985
dad960991444a4cbd8841e5c673b0e4337bdeb8c18672b5cfadb93d4ac70e8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11673
x-amzn-requestid: 3675d2d9-47ab-4712-9511-0ad7570dd3cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfFXSIAMFbhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-53c9817044fda17b212f0237;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3NRQ90kGnSsxxMeQA9UqBNxrT5CpJWJgKKPWHwcj2XBkSIjiwE55sw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 23:40:53 GMT
age: 77892
etag: "961b5fcbca5b49ca9136e74931253bb300aa1985"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 790ee76f4db86cd0cc555f6d7beada2c
fea1a6b2a38be6a09e086def71f521cc88509a0f
f7641b9e414006ee96daa82fd9d6aa1463d47c0388a9f3b289c563af76a3d2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7930
x-amzn-requestid: 276e0768-3943-40ba-9d6c-4f13ab08da51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqXFwvoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6f9e6903248d187d5d4a8544;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ZMNiK-tkkiBb_emHsrzLhJleK98OCtNZNGO-9DMMAbHyqfPB-2kAMg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:48:16 GMT
age: 84649
etag: "fea1a6b2a38be6a09e086def71f521cc88509a0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
notaire-gay-friendly.fr/scarica/
185.98.131.142302 Found 0 B URL HTTP/2 notaire-gay-friendly.fr/scarica/
IP 185.98.131.142:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /scarica/ HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 19 Mar 2023 21:19:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
set-cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2295737b0d37d0f657e3fad031e15d6faf%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679260742%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D17a8004761d56c0b51ec70f9c32b50a6; expires=Sun, 19-Mar-2023 23:19:02 GMT; Max-Age=7200; path=/
location: /
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.138:0
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 19 Mar 2023 21:19:03 GMT
date: Sun, 19 Mar 2023 21:19:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP 142.250.74.138:0
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 19 Mar 2023 21:19:03 GMT
date: Sun, 19 Mar 2023 21:19:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2