tlemcen.residanat-dz.com/auth
51.254.44.204301 Moved Permanently 162 B URL HTTP/1.1 tlemcen.residanat-dz.com/auth
IP 51.254.44.204:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
GET /auth HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 10:19:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://tlemcen.residanat-dz.com/auth
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10113
Expires: Wed, 07 Dec 2022 13:07:46 GMT
Date: Wed, 07 Dec 2022 10:19:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5832
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:13 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:01 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3992
Expires: Wed, 07 Dec 2022 11:25:45 GMT
Date: Wed, 07 Dec 2022 10:19:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 09:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3525
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CzY89jznUH+sHNdmXDZA8DwQFznuYLw+59ElfUEp2nXzoQCNlN7VEXz6kYa4GURuzLddEQcU7aU=
x-amz-request-id: Q0DV4QHJT380670F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 09:47:27 GMT
age: 1906
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/auth
51.254.44.204200 OK 5.5 kB URL HTTP/2 tlemcen.residanat-dz.com/auth
IP 51.254.44.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2155)
Hash 8cdbb74fcccc9bcc63dd37bced148112
381a0073915270919701c7b6ac1552c0415301e8
939c9eb61cad6342e3538f8dbcdc6379f01f13637e594c7d2877ebca31bb780a
GET /auth HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/html; charset=UTF-8
content-length: 5471
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; expires=Wed, 07-Dec-2022 10:49:13 GMT; Max-Age=1800; path=/; domain=.residanat-dz.com
gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D; expires=Wed, 07-Dec-2022 10:49:13 GMT; Max-Age=1800; path=/; domain=.residanat-dz.com; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-select/bootstrap-select.min.css
51.254.44.204200 OK 1.6 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-select/bootstrap-select.min.css
IP 51.254.44.204:0
File type ASCII text, with very long lines (6433)
Hash 7042a9e4c8eac38322944f7abd45a43c
0b4db5f876f176caa9b7c75f087ce2880228f11e
78037f124f719a87d900ea8d4973616cbac7ce3b0ac6fe76c794b2199841976c
GET /plugins/bower_components/bootstrap-select/bootstrap-select.min.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 1583
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "19fa-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css
51.254.44.204200 OK 12 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css
IP 51.254.44.204:0
File type ASCII text, with very long lines (65511)
Hash 22a59352a39a33d0537a708704fc1ab7
9ee53e958d48cfdcd58723445d81b90d8708938c
5e02c9318a4a2bffabb9109642ed5fe641ea5d302a9af65e2fb16e744ef730fb
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
GET /plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 12522
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "1302f-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/sweetalert/sweetalert.min.css
51.254.44.204200 OK 3.2 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/sweetalert/sweetalert.min.css
IP 51.254.44.204:0
File type ASCII text, with very long lines (13129)
Hash f3ea630fdc258ae7a7a3c9bf8b5f806b
2dff82c1ddaf481831d500d64ba9152c6c9835f1
e340e46faf1f6ac5ae80a620b9aa96ab6ddd3efd3bf072a8cf3497c715c9bb7a
GET /plugins/bower_components/sweetalert/sweetalert.min.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 3150
last-modified: Thu, 09 Dec 2021 11:04:46 GMT
etag: "3dc5-5d2b49303cf80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/css/colors/blue.css
51.254.44.204200 OK 1.0 kB URL HTTP/2 tlemcen.residanat-dz.com/css/colors/blue.css
IP 51.254.44.204:0
File type ASCII text, with very long lines (2590), with no line terminators
Hash fae718a47427e1a66ee7dbd99ec282c1
2006a219ec8e0899a71f367e797c5fbee3b8756f
b71fdc9902717a9e8b2ac762987761a0362d966b17b621b75ba9f9e61fb508b1
GET /css/colors/blue.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 1003
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "a1e-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/css/animate.css
51.254.44.204200 OK 4.0 kB URL HTTP/2 tlemcen.residanat-dz.com/css/animate.css
IP 51.254.44.204:0
File type ASCII text, with very long lines (56259)
Hash 6ae92e6eb5c9a4f1e645853bc055542d
f5c1ba9ac3a079f46dfb9e0ee59505eb09b378ad
0d0d42380c6b1577939ce2bfff12f8af8e7f54f2e121e9f6b54e332aa3b377e3
GET /css/animate.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 3996
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "dc81-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: max-age=166477
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:13 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 08:33:50 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
tlemcen.residanat-dz.com/css/style.min.css
51.254.44.204200 OK 47 kB URL HTTP/2 tlemcen.residanat-dz.com/css/style.min.css
IP 51.254.44.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9db66439c671b4a0c2381d20f12169d7
68f8339dc442bf52cb18791caa4af1ab60ade057
76d735b43939df3767bedd16489d22589a6cc2ba33c1b71c57501da46d2b0ef9
GET /css/style.min.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 47113
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "41311-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/js/bootstrap-extension.min.js
51.254.44.204200 OK 7.2 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/js/bootstrap-extension.min.js
IP 51.254.44.204:0
File type ASCII text, with very long lines (26402)
Hash 7ae93d1eb18564db04ae88d46ecda474
0f1f21bd7da4962d0a831bc5901b1a36044ad90c
4f97625777a1c08cbb7d484012726ea93947276ebc4325a3574e6e565be2255a
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
GET /plugins/bower_components/bootstrap-extension/js/bootstrap-extension.min.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 7219
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "68a7-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-select/bootstrap-select.min.js
51.254.44.204200 OK 9.9 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-select/bootstrap-select.min.js
IP 51.254.44.204:0
File type ASCII text, with very long lines (32020)
Hash 23076a2bc071060db53a637910981afe
8028555a666437254057647cc9ac47c52f41bd49
f6b8c877f71d2864d51126a17ee08332e04ea307e2579138d735f45bf83ad37a
GET /plugins/bower_components/bootstrap-select/bootstrap-select.min.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 9928
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "84ab-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/sidebar-nav/dist/sidebar-nav.min.js
51.254.44.204200 OK 808 B URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/sidebar-nav/dist/sidebar-nav.min.js
IP 51.254.44.204:0
File type exported SGML document, ASCII text, with very long lines (1705)
Hash adff3ff56193dff93eb27e52fd88dd9a
4dd8389c1aa3fbc80a886e01e01a54892d438fa5
5e95d1e066d62b01aacc5d5bc24e8f64b1b8f0fb9c173c5c5e3d3b53c3448401
GET /plugins/bower_components/sidebar-nav/dist/sidebar-nav.min.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 808
last-modified: Thu, 09 Dec 2021 11:04:46 GMT
etag: "757-5d2b49303cf80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/js/jquery.slimscroll.js
51.254.44.204200 OK 1.8 kB URL HTTP/2 tlemcen.residanat-dz.com/js/jquery.slimscroll.js
IP 51.254.44.204:0
File type ASCII text, with very long lines (4475), with no line terminators
Hash 74747d75514b407e798f0fac09b4433b
90aacbeed757cddbc9b644544340449b694849ce
cd4e26e3dd122f6e35c931dcf0cac7dc8584b3467f026c6ae41f74ab2a818551
GET /js/jquery.slimscroll.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1762
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "117b-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/js/waves.js
51.254.44.204200 OK 1.5 kB URL HTTP/2 tlemcen.residanat-dz.com/js/waves.js
IP 51.254.44.204:0
File type ASCII text, with very long lines (4237), with no line terminators
Hash 1edc603f6b0cf4b3ced2b9b2b441ac4e
16ae2d5a71fa701d4ef5c5427acab041aa6ec464
c38b93a74611352b8c54ecdccea9e15a95cfd599a647e0b940b59e347fc131f8
GET /js/waves.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1519
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "108d-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/js/custom.min.js
51.254.44.204200 OK 1.3 kB URL HTTP/2 tlemcen.residanat-dz.com/js/custom.min.js
IP 51.254.44.204:0
File type ASCII text, with very long lines (3910), with no line terminators
Hash 7906c9cf06d5440ad18c324854c9d056
6599b3585d645d49cf9d30f9f74ad0edca2f4308
1a954ba7a1a30aad3edff032212ede40484c53afe217503cb5ce55c9c876e121
GET /js/custom.min.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1259
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "f46-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: max-age=166477
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:13 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 08:33:50 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
tlemcen.residanat-dz.com/plugins/bower_components/sweetalert/sweetalert.min.js
51.254.44.204200 OK 5.4 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/sweetalert/sweetalert.min.js
IP 51.254.44.204:0
File type ASCII text, with very long lines (16994), with no line terminators
Hash 08b4fc8d8cdcdd5cfb1df8390d97180e
15fe527f5709dda4cee7bf7ec5633d639769f646
87a0f304e031809e528d16be619c1b926202a046c719356c9f95d3d1097e24a6
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
GET /plugins/bower_components/sweetalert/sweetalert.min.js HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 5416
last-modified: Thu, 09 Dec 2021 11:04:46 GMT
etag: "4262-5d2b49303cf80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/logo/new/login/13.png
51.254.44.204200 OK 18 kB URL HTTP/2 tlemcen.residanat-dz.com/logo/new/login/13.png
IP 51.254.44.204:0
File type PNG image data, 259 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash 4133aff8b4c4269c644a7b57d8c69708
5eb63ec71fc8fca47ec22fbc77d2119937d84bba
720c6e08bbaed3fd4db2a416aabbf4edd9ecaf545f54388b890f49d483ea7976
GET /logo/new/login/13.png HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: image/png
content-length: 17803
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "458b-5d2b492f48d40"
accept-ranges: bytes
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.24.14200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (19015)
Hash 7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2220896
expires: Mon, 27 Nov 2023 10:19:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms0TO4EQJ%2B9ZhI41xtvu5kCkN2g%2FA6d4hBuHBpWOG0wBvA5CS9blgVYsCG2HXOcWJ5ZtX%2BJT2Fjd%2Fcu6TBax%2F6G9z%2BPvhhv2%2FKdJmk%2FmtiTnOltB7HHN7JuND%2F5eDztSp1unHQEc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775c8592bd43b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2293956
expires: Mon, 27 Nov 2023 10:19:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DekeIOssqQXbbItzebTGZI%2FcY03GH%2BwidMASi9A9VvnV1%2FIJP%2FN8CgP%2F%2FeYVsDxOhSUdMyUUtfkF87I9XeInS%2FyKO7LF5wcnzTP2goOE%2F7zl2q2MdGt29ta2FZrTHRFAtpcV9Ty5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775c8592b935b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/css/spinners.css
51.254.44.204200 OK 314 B URL HTTP/2 tlemcen.residanat-dz.com/css/spinners.css
IP 51.254.44.204:0
Hash 9230fe02393815358f5e7522aecd3ea3
7611edc9d5a96416d6c408dbf08cbcbfb19d2e37
5fcd572a42ea3aaa9a41302700168c8e61ae6d1b59e840cd44f211884129ef65
GET /css/spinners.css HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/css/style.min.css
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css
content-length: 314
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "423-5d2b492f48d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: max-age=166477
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:13 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 08:33:50 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2
104.17.24.14200 OK 67 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:19:14 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 66624
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-10440"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15694968
expires: Mon, 27 Nov 2023 10:19:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXfPNbjouY0G%2FuVCke3ej5t7MRFWQRBGMPIRsjnAofbsjR5CVCZHr3Ve4yuQ%2BcDb%2BtKTdIh1VQ4hwvfy1CcYkjX5Wj5Yd4cRmKtrCpCmKpT9wAEnqtsoTDYkZtVDm2f4NnHjvMSE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775c8594e83fb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/fonts/glyphicons-halflings-regular.woff2
51.254.44.204200 OK 18 kB URL HTTP/2 tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/fonts/glyphicons-halflings-regular.woff2
IP 51.254.44.204:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /plugins/bower_components/bootstrap-extension/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:14 GMT
content-type: font/woff2
content-length: 18028
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "466c-5d2b492f48d40"
accept-ranges: bytes
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207200 OK 14 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.10.207:0
File type ASCII text, with very long lines (48664)
Hash 0d2d7262a098f401208e3ddc2b7e9763
59478f4e3bd12a94d163b6af89c1abeef03e40c0
a95daa48ae2c19f19c800187f7f166cd2ee9d3cb31a4246db4ae78a812ff1879
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e4d581e100e6a838837d74fc92be726f
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775c85933967b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.35200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 571824
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:09:28 GMT
expires: Thu, 30 Nov 2023 20:09:28 GMT
cache-control: public, max-age=31536000
age: 569386
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v1/yQWaOD4iNU5NTY0apN-qj_k_vArhqVIZ0nv9q090hN8.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v1/yQWaOD4iNU5NTY0apN-qj_k_vArhqVIZ0nv9q090hN8.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13988, version 2.0\012- data
Hash 14e5dbab8e2e8259e8f68a6d46d2a4d2
458963b110b03c63b9497a6aeb810b7468b757ca
e3cc6223f76dac1abe95f64280756f04739beb1c4fd36c7e53169b4f2c7959eb
GET /s/poppins/v1/yQWaOD4iNU5NTY0apN-qj_k_vArhqVIZ0nv9q090hN8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:03:02 GMT
expires: Wed, 06 Dec 2023 15:03:02 GMT
cache-control: public, max-age=31536000
age: 69372
last-modified: Wed, 03 Jun 2015 22:54:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tlemcen.residanat-dz.com/favicon.ico
51.254.44.204200 OK 0 B URL HTTP/2 tlemcen.residanat-dz.com/favicon.ico
IP 51.254.44.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
GET /favicon.ico HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:14 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "0-5d2b492f48d40"
accept-ranges: bytes
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:19:14 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:17 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
maps.gstatic.com/mapfiles/openhand_8_8.cur
216.58.207.227200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 216.58.207.227:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Wed, 07 Dec 2022 10:19:14 GMT
expires: Wed, 07 Dec 2022 10:19:14 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.69.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e/rxNEa6Ghp3JdqQSkIOKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UYJ5QEEZo/DadjUqciRy18A1wU4=
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 2c5e576c986fa3babe2c32f4a7ca3f3c
2f9f0aaf63ec000b07fc073c26fddfb6ab4e4466
f560931ec3844307c32fb2b1503925261fc99f30ecd22d27664b104e13e5567c
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 571521
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 571500
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Dec 2022 12:12:44 GMT
Date: Wed, 07 Dec 2022 10:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Dec 2022 12:12:44 GMT
Date: Wed, 07 Dec 2022 10:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Dec 2022 12:12:44 GMT
Date: Wed, 07 Dec 2022 10:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Dec 2022 12:12:44 GMT
Date: Wed, 07 Dec 2022 10:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Dec 2022 12:12:44 GMT
Date: Wed, 07 Dec 2022 10:19:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 44516
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f38ce0fb35ef0fc66b61cafd2b09eeb6
aded2fe97a129dc820ba9d6d7605aeadfe17c15c
39bcb5e0c3a9cd39c0fcefbffd9e6f949bb9d85f0bee2b0b7c5cb999b508b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 24355473-a83a-42b6-bdf3-ae2c39f7f3eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ccq48GfKoAMFjmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63882505-2f58dd012665cb131ceff8f2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 03:52:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VySWUb7U2HlkyL8T1PCOzSDXNSDJDRIIF1PAnwaK2DHiGJFGGzRCOQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:30:30 GMT
age: 42525
etag: "aded2fe97a129dc820ba9d6d7605aeadfe17c15c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/img/icon-marker.png
51.254.44.204500 Internal Server Error 11 kB URL HTTP/2 tlemcen.residanat-dz.com/img/icon-marker.png
IP 51.254.44.204:0
Hash 4b4ae5b7c409c5668b93e3f94f95db7b
11e5ab332f9095ce9769508c90b1f3aeb0705efc
ad796a56eb9ea7f30f6a60a35c3074a642e81cd771908f35200a781fb9627509
GET /img/icon-marker.png HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
server: nginx
date: Wed, 07 Dec 2022 10:19:15 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 44242
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2ae931d0f14a81013f782d43b8c7b85
9ec84996b63362ad370ff67b0fd8136a343c1bbf
9b4a2b3e5e2d2b4fac094135fed10a3040598f1208f6b2ec52d95d10aca66ed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9891
x-amzn-requestid: f15dc6ba-901b-4ef6-8589-d8918fe84173
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csU8lF3MoAMF47g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6850-496d269b228065a365a67eea;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:53:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PeQWrtcQx_ZzQ4WNPzeiPoHXbxVcdLo9ulplJSlL1GmEpuC0qGkElw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 13:33:28 GMT
age: 74747
etag: "9ec84996b63362ad370ff67b0fd8136a343c1bbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cniYTGgRoAMF5lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IWfRJ5GaowWTJhSqFpvEhGKVi9DTp-h6tmrMXRtUlmXCMmolLPpaIA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:59:34 GMT
age: 8381
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/img/login-back-min-compressed_petit.jpg
51.254.44.204200 OK 0 B URL HTTP/2 tlemcen.residanat-dz.com/img/login-back-min-compressed_petit.jpg
IP 51.254.44.204:0
GET /img/login-back-min-compressed_petit.jpg HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: image/jpeg
content-length: 104980
last-modified: Thu, 09 Dec 2021 11:04:45 GMT
etag: "19a14-5d2b492f48d40"
accept-ranges: bytes
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
tlemcen.residanat-dz.com/img/icon-marker.png
51.254.44.204500 Internal Server Error 0 B URL HTTP/2 tlemcen.residanat-dz.com/img/icon-marker.png
IP 51.254.44.204:0
GET /img/icon-marker.png HTTP/1.1
Host: tlemcen.residanat-dz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/auth
Cookie: XSRF-TOKEN=eyJpdiI6ImplUEcyMVVLTHVVM2xOdmg2ZG15dEE9PSIsInZhbHVlIjoiZ1Fwa2tJb0hIK1dNbGR1dzRhT3dPeEZaalRXVmhTUjBUd0F1NEJcL3V1QmxYbm1OVDI4ZVUrb0txXC92TTVYNDRWIiwibWFjIjoiMDA0MjI4YjY0OGQ4M2JlOTJiODIyOGY3ZjFhMTM2N2IxY2RjMWFmMjNiNTk1OGQ0MWMzZTIwZGViN2E2ZmFhZCJ9; gic_session=eyJpdiI6IklwTWxUUlpyRmVcL3c3aU55alFubE1RPT0iLCJ2YWx1ZSI6Ik93eXFXb0RMZ1l6WWN5V1Z1dDUzR1RuM0lDMmswZ1dHRVNWOWxibnl1NjVabjZXbFJ3bGtScEhCMXdSbFJlZW5sTVk4aE03bWt3Q2JhRldnYkJuY1hlTTIyQTU4Yk5jUmhPRlhnWGNMczc3R250dUZoeGo2dDluXC90M2E0U1RkUCIsIm1hYyI6IjQ5MWY0MTM0NzAyZTNjYjQ4NTI2M2E3ZGZmMjIzZjRmNjFkNDU5OWFmOGVlZDczZTY1NzY3MjNhZjAzNGZkNTcifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
server: nginx
date: Wed, 07 Dec 2022 10:19:16 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,500,300,600,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,500,300,600,700
IP 142.250.74.106:0
GET /css?family=Poppins:400,500,300,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 10:19:13 GMT
date: Wed, 07 Dec 2022 10:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tlemcen.residanat-dz.com
Connection: keep-alive
Referer: https://tlemcen.residanat-dz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:19:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ecae45ba15af930c875a770323a61a6b
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775c8593598eb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2