Report - lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/

Report Overview

URL

lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
IP

188.95.252.58

ASN

#197518 Rackmarkt SL
Submitted

2023-01-14T22:24:16Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

2

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com (1)	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340	963	172.64.155.188
frmaximusleads.mycleverpush.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527	26897	116.203.25.165
static.cleverpush.com (1)	16927	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394	886	104.26.15.31
lepetitveinard.fr (10)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6243	177811	188.95.252.58
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
www.google-analytics.com (1)	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374	20730	142.250.74.46
www.gstatic.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445	163955	142.250.74.35
region1.google-analytics.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	788	564	216.239.34.36
stats.g.doubleclick.net (1)	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	611	712	173.194.222.155
fonts.gstatic.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976	32794	142.250.74.35
ajax.aspnetcdn.com (4)	693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1643	76403	152.199.19.160
ocsp.pki.goog (10)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3430	6996	142.250.74.131
www.googletagmanager.com (1)	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385	78100	142.250.74.40
cdn.lepetitveinard.fr (19)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11421	261141	188.95.252.58
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	60734	34.120.237.76
api.cleverpush.com (2)	16719	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	983	1825	104.26.15.31
ocsp.digicert.com (3)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1023	1825	93.184.220.29
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	35.167.121.239
cdn.ca-owl.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430	6833	188.95.252.55
www.google.com (1)	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432	1198	142.250.74.132
r3.o.lencr.org (14)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4732	12411	23.33.119.27
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-14	medium	lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/	Phishing
2023-01-14	medium	lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (85)

URL IP Response Size

lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/

188.95.252.58

301 Moved Permanently

URL HTTP/1.1

lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/ HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

2258cd6b877a3aca8f4c84074e65ac4b

4e46c70941f8e497e8afc8d078644e7f81761a1c

faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20996
Expires: Sun, 15 Jan 2023 04:14:01 GMT
Date: Sat, 14 Jan 2023 22:24:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3063227f59d1935298b0620fa7919145

478e1d8bef04b1f95381cac01829c03b6779d420

619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5293
Expires: Sat, 14 Jan 2023 23:52:19 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

ff250d3ef3fa45322bf05039a0122a9f

b3e7a2c383bce1bab807dbe1a03c375258b51f1d

d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 21:48:56 GMT
content-type: application/json
age: 2110
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

64765d3d978fd74d7bc47d55d4f097cf

92eb3f0d55ba99be28105c0b28ef7dd456817f1f

761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7616
Expires: Sun, 15 Jan 2023 00:31:02 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: rrehGN2QYz04L0yVX/hYaKiMqDwry6C72wDIqLQEijXpjEGavylwu+c6RFtQGXoOGN8q1N5FZsU=
x-amz-request-id: RW2DJ6KKA2G9H6QX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 21:55:07 GMT
age: 1739
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 22:24:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

96fd19e0a695614f42c352c53c83a5ff

e374c119254726b39a11009b0989e616710143c0

2f1dfbc56acd4242726b02868697d851a58a3590226fe87873e18aa605812470

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F1DFBC56ACD4242726B02868697D851A58A3590226FE87873E18AA605812470"
Last-Modified: Sat, 14 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 15 Jan 2023 04:24:06 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 21:33:45 GMT
age: 3021
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/

188.95.252.58

200 OK

84114

URL HTTP/1.1

lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24554), with CRLF, LF line terminators

Size

84114
Hash

c5a3be265178fe53cd02445c2a5830d6

e31578788aac0221d8f964625f98bc7073bbe458

cebb99c770d360f9f259d15f3d62e5869463169ac4ac7059789a1f86aaba308f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/ HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=288aea7762430c543ab83a632145d331; path=/
PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9; expires=Sat, 14-Jan-2023 23:24:06 GMT; Max-Age=3600; path=/; domain=lepetitveinard.fr; secure; HttpOnly
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

ajax.aspnetcdn.com/ajax/bootstrap/4.4.1/css/bootstrap.min.css

152.199.19.160

200 OK

36257

URL HTTP/2

ajax.aspnetcdn.com/ajax/bootstrap/4.4.1/css/bootstrap.min.css
IP

152.199.19.160:0
ASN

#15133 EDGECAST

Magic

ASCII text, with very long lines (65324)

Size

36257
Hash

09b9cc3ce797586ea2c514ff43b90f4c

e789789d727a67d47324fbdc7675bc98ad26a4ac

6609634fa5e50638d16b2c8253249fdb7efcb06aae6543b79ce52830e563d6af

HTTP Headers

                                        GET /ajax/bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 14574953
cache-control: public,max-age=31536000
content-type: text/css
date: Sat, 14 Jan 2023 22:24:06 GMT
etag: "693a5e1fafabd51:0"
last-modified: Thu, 05 Dec 2019 21:01:11 GMT
server: ECAcc (ska/F6D0)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 36257
X-Firefox-Spdy: h2

lepetitveinard.fr/css/style_enrico.min.css

188.95.252.58

200 OK

40486

URL HTTP/1.1

lepetitveinard.fr/css/style_enrico.min.css
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Unicode text, UTF-8 text, with very long lines (40484), with no line terminators

Size

40486
Hash

a7a0befd7b3bfd1f0e33b97983ee30d7

f76d292dbf5e6b9203891d2ef052a5ee20fc0b39

99f04e0145f0e07849b2e9b6822e84071b6128213156b2d9a5dfcfd15ceb9f13

HTTP Headers

                                        GET /css/style_enrico.min.css HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Tue, 25 Oct 2022 10:22:23 GMT
accept-ranges: bytes
content-length: 40486
content-type: text/css

ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

152.199.19.160

200 OK

30737

URL HTTP/2

ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
IP

152.199.19.160:0
ASN

#15133 EDGECAST

Magic

ASCII text, with very long lines (65451)

Size

30737
Hash

3195e7e20d5daf86f6c6f6107c7bad9d

f5dc59013bfc44a61d3379e5c2e0356935ccda0e

524f9b76882cacbfa2459d4e6464bd039da02db98a25dc29754c54ea4b2d8867

HTTP Headers

                                        GET /ajax/jQuery/jquery-3.4.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 18549706
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sat, 14 Jan 2023 22:24:06 GMT
etag: "808705b151d51:0"
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (ska/F78D)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30737
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/jquery.validate/1.16.0/jquery.validate.min.js

152.199.19.160

200 OK

7459

URL HTTP/2

ajax.aspnetcdn.com/ajax/jquery.validate/1.16.0/jquery.validate.min.js
IP

152.199.19.160:0
ASN

#15133 EDGECAST

Magic

Unicode text, UTF-8 text, with very long lines (22932)

Size

7459
Hash

3388cf4f4a0e909558e5914c9830d3e6

57e485d214d98b02bf1e8d372778cd1d51fd2b26

9eb807cb8139453bbb9a165fc0f9c38abd342908c31aa56767923631772e85c5

HTTP Headers

                                        GET /ajax/jquery.validate/1.16.0/jquery.validate.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 19942065
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sat, 14 Jan 2023 22:24:06 GMT
etag: "80398b133382d21:0"
last-modified: Wed, 08 Feb 2017 17:45:03 GMT
server: ECAcc (ska/F690)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 7459
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e804586be26c88b95d554afe0ef24d5c

6f99b1fe2330c4661608f17819a4490a92ca296c

38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 22:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lepetitveinard.fr/js/localization/methods_global.min.js

188.95.252.58

200 OK

5718

URL HTTP/1.1

lepetitveinard.fr/js/localization/methods_global.min.js
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

ASCII text, with very long lines (5718), with no line terminators

Size

5718
Hash

cd6121010b8f9b0d4a82998ee5aa596b

7421e1dd2a9a6ab3bb44568cac4319c0d0fd6acb

f6ecb44a2a882634f0620f804162aca39522c916cfedda55cfddcffbaa5cfd58

HTTP Headers

                                        GET /js/localization/methods_global.min.js HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Tue, 25 Oct 2022 10:22:26 GMT
accept-ranges: bytes
content-length: 5718
content-type: application/javascript

www.googletagmanager.com/gtag/js?id=G-43NG2SCRTD

142.250.74.40

200 OK

77383

URL HTTP/2

www.googletagmanager.com/gtag/js?id=G-43NG2SCRTD
IP

142.250.74.40:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (20080)

Size

77383
Hash

651db2b8bee07e41e08deef289287475

b0415f703dc2d6c9c2b761f772748d9f02f58afa

47754e5e551b3c6f6ddc07193f9d645f3c94bd562826cb977a2f812f4c3874d2

HTTP Headers

                                        GET /gtag/js?id=G-43NG2SCRTD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 22:24:06 GMT
expires: Sat, 14 Jan 2023 22:24:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lepetitveinard.fr/js/localization/messages_fr.min.js

188.95.252.58

200 OK

3511

URL HTTP/1.1

lepetitveinard.fr/js/localization/messages_fr.min.js
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Unicode text, UTF-8 text, with very long lines (3504), with no line terminators

Size

3511
Hash

8563d0e4ec36309ef46403cf7144353c

5b0b2455f416760a35aa45e965bec4d03c6b71a2

15aa7b471317453da3a90ca98ca657f094f85be603ba72bd8e684bb988c3ee5c

HTTP Headers

                                        GET /js/localization/messages_fr.min.js HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Tue, 25 Oct 2022 10:22:27 GMT
accept-ranges: bytes
content-length: 3511
content-type: application/javascript

lepetitveinard.fr/fonts/base_1/open-sans-v17-latin-ext_latin-700.woff2

188.95.252.58

200 OK

20108

URL HTTP/1.1

lepetitveinard.fr/fonts/base_1/open-sans-v17-latin-ext_latin-700.woff2
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Web Open Font Format (Version 2), TrueType, length 20108, version 1.0\012- data

Size

20108
Hash

5717b08cf679657595d0383d291a04c3

e54f8981dfe2c7909646716d7f3da669d5df2d15

59a3166f7bacce6a65bf901ad20f141b619bca39a1318ea5efbdaa587b48a800

HTTP Headers

                                        GET /fonts/base_1/open-sans-v17-latin-ext_latin-700.woff2 HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Mon, 31 Aug 2020 11:50:09 GMT
accept-ranges: bytes
content-length: 20108
content-type: font/woff2

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

c01ec61f7ca77158f474b3ab519c12fa

fc82ae0fcd73a83a980b75709a08e65239894e4a

f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5983
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 22:24:06 GMT
Last-Modified: Sat, 14 Jan 2023 20:44:23 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

9514817a5dc04c039c4ea038ea5c884d

198ae5df4f1029adcdb8b0c63e444023ca32828f

c2a15a1cf3aa51d05cb413f6b41c58dad5f0b99f16aaf09d483f02bebca404d9

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3036
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 22:24:06 GMT
Last-Modified: Sat, 14 Jan 2023 21:33:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278

lepetitveinard.fr/fonts/base_1/open-sans-v17-latin-ext_latin-regular.woff2

188.95.252.58

200 OK

19396

URL HTTP/1.1

lepetitveinard.fr/fonts/base_1/open-sans-v17-latin-ext_latin-regular.woff2
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Web Open Font Format (Version 2), TrueType, length 19396, version 1.0\012- data

Size

19396
Hash

be21e759f9abd15b8cef68d92cedc081

84a2292a0ae289e26139f38470c50b9fd9ed421f

537d46273fe124bbced2f098f26222fa3155741e9d76f906c3c39e7fa09bf6a8

HTTP Headers

                                        GET /fonts/base_1/open-sans-v17-latin-ext_latin-regular.woff2 HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Mon, 31 Aug 2020 11:50:09 GMT
accept-ranges: bytes
content-length: 19396
content-type: font/woff2

lepetitveinard.fr/js/localization/methods_fr.min.js

188.95.252.58

200 OK

1061

URL HTTP/1.1

lepetitveinard.fr/js/localization/methods_fr.min.js
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Unicode text, UTF-8 text, with very long lines (965), with no line terminators

Size

1061
Hash

b021bce5678baab9dc62d3e0c9ac9aff

1dd30e1074357c4b3957b7ae4bd31582fef5fb40

2538be896f1981630ad1dbeda60b90b75cc6f310a9d6d45cf28a5fe5e9131302

HTTP Headers

                                        GET /js/localization/methods_fr.min.js HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Tue, 25 Oct 2022 10:22:26 GMT
accept-ranges: bytes
content-length: 1061
content-type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e804586be26c88b95d554afe0ef24d5c

6f99b1fe2330c4661608f17819a4490a92ca296c

38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 22:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lepetitveinard.fr/js/script_enrico.min.js

188.95.252.58

200 OK

1152

URL HTTP/1.1

lepetitveinard.fr/js/script_enrico.min.js
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

Apache Avro version 101\012- , ASCII text, with very long lines (1152), with no line terminators

Size

1152
Hash

7c52b1e4c6c9735ecfcbba6aede6964d

62faf4c3869893a0f488dfe770f8edb4fe0077d4

e29502b8363e6c5906e909e0906ade00b6ceaeeea1256fd234de35bb742e4b5e

HTTP Headers

                                        GET /js/script_enrico.min.js HTTP/1.1
Host: lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/wingames/FR-fr/chocolat-paquet-03-fr/714/welcome/
Cookie: PHPSESSID=288aea7762430c543ab83a632145d331; PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Tue, 25 Oct 2022 10:22:24 GMT
accept-ranges: bytes
content-length: 1152
content-type: application/javascript

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

14e081188bf83c29469c1fa979f7d1c0

84dd313ee55659a7ddfe351e2ed254e74880195b

25ed7318547f2a3dd88feff3f89880850451d87e05014b38bc882d9a396d9187

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25ED7318547F2A3DD88FEFF3F89880850451D87E05014B38BC882D9A396D9187"
Last-Modified: Sat, 14 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21252
Expires: Sun, 15 Jan 2023 04:18:18 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

14e081188bf83c29469c1fa979f7d1c0

84dd313ee55659a7ddfe351e2ed254e74880195b

25ed7318547f2a3dd88feff3f89880850451d87e05014b38bc882d9a396d9187

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25ED7318547F2A3DD88FEFF3F89880850451D87E05014B38BC882D9A396D9187"
Last-Modified: Sat, 14 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21299
Expires: Sun, 15 Jan 2023 04:19:05 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

9514817a5dc04c039c4ea038ea5c884d

198ae5df4f1029adcdb8b0c63e444023ca32828f

c2a15a1cf3aa51d05cb413f6b41c58dad5f0b99f16aaf09d483f02bebca404d9

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2600
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 22:24:06 GMT
Last-Modified: Sat, 14 Jan 2023 21:40:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

14e081188bf83c29469c1fa979f7d1c0

84dd313ee55659a7ddfe351e2ed254e74880195b

25ed7318547f2a3dd88feff3f89880850451d87e05014b38bc882d9a396d9187

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25ED7318547F2A3DD88FEFF3F89880850451D87E05014B38BC882D9A396D9187"
Last-Modified: Sat, 14 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Sun, 15 Jan 2023 04:23:24 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

cdn.lepetitveinard.fr/assets/css/flashy-button.css

188.95.252.58

200 OK

3360

URL HTTP/1.1

cdn.lepetitveinard.fr/assets/css/flashy-button.css
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

ASCII text, with CRLF line terminators

Size

3360
Hash

f63cb75919e5d120c12c0d493c5d5c5e

13b9bd4ef52fd2a33172d6a86481df7b95b5087c

003d59a48d892846d25c93874e3062af69a12597d873c77f2a61892990fe4d8e

HTTP Headers

                                        GET /assets/css/flashy-button.css HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Mon, 20 Dec 2021 15:41:22 GMT
accept-ranges: bytes
content-length: 3360
content-type: text/css

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

14e081188bf83c29469c1fa979f7d1c0

84dd313ee55659a7ddfe351e2ed254e74880195b

25ed7318547f2a3dd88feff3f89880850451d87e05014b38bc882d9a396d9187

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25ED7318547F2A3DD88FEFF3F89880850451D87E05014B38BC882D9A396D9187"
Last-Modified: Sat, 14 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Sun, 15 Jan 2023 04:23:41 GMT
Date: Sat, 14 Jan 2023 22:24:06 GMT
Connection: keep-alive

cdn.lepetitveinard.fr/img/sponsors/1665669530_temps_privilege.jpg

188.95.252.58

200 OK

14250

URL HTTP/1.1

cdn.lepetitveinard.fr/img/sponsors/1665669530_temps_privilege.jpg
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 405x261, components 3\012- data

Size

14250
Hash

f83fb9d80d38d0888d72cac70b18cf86

a946f16bda01ff66c05f48fc0f3896d722987b4a

411f70511ebcfd36a2dfc5d1eb7e9a4aeb7aa6580b61404f9f9ec8ecf6e667b4

HTTP Headers

                                        GET /img/sponsors/1665669530_temps_privilege.jpg HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Thu, 13 Oct 2022 13:58:51 GMT
accept-ranges: bytes
content-length: 14250
content-type: image/jpeg

cdn.lepetitveinard.fr/img/sponsors/1643965721_envies_de_bons_plans_l.png

188.95.252.58

200 OK

10626

URL HTTP/1.1

cdn.lepetitveinard.fr/img/sponsors/1643965721_envies_de_bons_plans_l.png
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

PNG image data, 419 x 206, 8-bit colormap, non-interlaced\012- data

Size

10626
Hash

73f8f500d6d43bf06ea56b68eb760aa3

49e6f9d58e0acdd73a01f4127d625a9ffdd73b90

e4aa532282ddca31b3a019a69a96b5f06ea3a4fed12c5163bc81ac0731ad81e3

HTTP Headers

                                        GET /img/sponsors/1643965721_envies_de_bons_plans_l.png HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 09:08:42 GMT
accept-ranges: bytes
content-length: 10626
content-type: image/png

cdn.lepetitveinard.fr/img/sponsors/1616514057_rheassur.png

188.95.252.58

200 OK

3743

URL HTTP/1.1

cdn.lepetitveinard.fr/img/sponsors/1616514057_rheassur.png
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

PNG image data, 144 x 127, 8-bit colormap, non-interlaced\012- data

Size

3743
Hash

b2e8405f4b9d53f0a7350252bc7c21a7

f358d228969f28205f86210728bd9150facb07cf

1eef2fde544cf4b9775d932abc9818ed29567cb9bae746af8f33b7ffd5d57123

HTTP Headers

                                        GET /img/sponsors/1616514057_rheassur.png HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Tue, 23 Mar 2021 15:40:58 GMT
accept-ranges: bytes
content-length: 3743
content-type: image/png

cdn.lepetitveinard.fr/img/sponsors/1665669536_ma_destinee.PNG

188.95.252.58

200 OK

16046

URL HTTP/1.1

cdn.lepetitveinard.fr/img/sponsors/1665669536_ma_destinee.PNG
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

PNG image data, 435 x 110, 8-bit colormap, non-interlaced\012- data

Size

16046
Hash

e8054a230d1953ebea8a8fe4407f03fe

c484fcbc5ec5fd8107d8def522627a1438b95dff

2168f3080d72ea0c49f4d667e340eee2dd9e8cf80035cd105e266453bcb33694

HTTP Headers

                                        GET /img/sponsors/1665669536_ma_destinee.PNG HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:06 GMT
server: Apache
last-modified: Thu, 13 Oct 2022 13:58:56 GMT
accept-ranges: bytes
content-length: 16046
content-type: image/png

push.services.mozilla.com/

35.167.121.239

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

35.167.121.239:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8+we07GyH+RJNNdyL3swvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6B12JlSWhJzN8Xu+63DocX5qdCs=

cdn.lepetitveinard.fr/assets/js/countdown-badge.js?_=1673735047097

188.95.252.58

200 OK

2273

URL HTTP/1.1

cdn.lepetitveinard.fr/assets/js/countdown-badge.js?_=1673735047097
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

HTML document, ASCII text, with CRLF line terminators

Size

2273
Hash

33d66d26a261b000dc91ff07aa6ee871

2b6980f42d2c36d9c546730e55125cd57c6cc950

a1783aab93dcdc53c6152fb7be003bdc9aca30edaf2ddf661403d4983b671d5e

HTTP Headers

                                        GET /assets/js/countdown-badge.js?_=1673735047097 HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9; _ga_43NG2SCRTD=GS1.1.1673735046.1.0.1673735047.0.0.0; _ga=GA1.1.1250625887.1673735047
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:07 GMT
server: Apache
last-modified: Tue, 25 Jan 2022 10:29:20 GMT
accept-ranges: bytes
content-length: 2273
content-type: application/javascript

cdn.lepetitveinard.fr/img/sponsors/1665669540_l_agenda_des_ventes_privees.png

188.95.252.58

200 OK

3407

URL HTTP/1.1

cdn.lepetitveinard.fr/img/sponsors/1665669540_l_agenda_des_ventes_privees.png
IP

188.95.252.58:0
ASN

#197518 Rackmarkt SL

Magic

PNG image data, 303 x 85, 8-bit colormap, non-interlaced\012- data

Size

3407
Hash

ff00c865b3dcb1d1e73fd12b7ad78515

aaa95a95ad0786ab05281fab400f88c6ef0b980d

3e99a84da26569f4ef7adf95f12ae0e44083755a0eef1c20e537fad6bf4d5f21

HTTP Headers

                                        GET /img/sponsors/1665669540_l_agenda_des_ventes_privees.png HTTP/1.1
Host: cdn.lepetitveinard.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lepetitveinard.fr/
Cookie: PHPSESSID_PIDS=VjBuTkovRTVKRHoyY1lSbnpaWFZNbFlIdUJuTGx1RnJONTdGRW1zeWxQZ2VacVV1ZTBPcjVZSnRhdEtraHF4Zm1GOXJkMngwZ0RDU0MxTm4xYVlCK01YODdsVG9UT2ROTGVzSXFBSlRIcWM9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                        HTTP/1.1 200 OK
date: Sat, 14 Jan 2023 22:24:07 GMT
server: Apache
last-modified: Thu, 13 Oct 2022 13:59:01 GMT
accept-ranges: bytes
content-length: 3407
content-type: image/png

cdn.lepetitveinard.fr/img/wingames/chocolat_paquet_03_fr/reference/large.png

188.95.252.58

200 OK

77502

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

#1 JS:Script (size: 62)

#2 JS:Script (size: 2273)

#3 JS:Script (size: 36779)

#4 JS:Script (size: 5718)

#5 JS:Script (size: 1061)

#6 JS:Script (size: 224853)

#7 JS:Script (size: 132)

#8 JS:Script (size: 82)

#9 JS:Script (size: 106)

#10 JS:Script (size: 2391)

#11 JS:Script (size: 617)

#12 JS:Script (size: 13612)

#13 JS:Script (size: 1029)

#14 JS:Script (size: 612)

#15 JS:Script (size: 172)

#16 JS:Script (size: 1152)

#17 JS:Script (size: 204711)

#18 JS:Script (size: 48244)

#19 JS:Script (size: 1383)

#20 JS:Script (size: 31251)

#21 JS:Script (size: 151)

#22 JS:Script (size: 69)

#23 JS:Script (size: 408615)

#24 JS:Script (size: 70627)

#25 JS:Script (size: 97853)

#26 JS:Script (size: 33995)

#27 JS:Script (size: 50234)

#28 JS:Script (size: 3511)

#29 JS:Script (size: 1037)

#30 JS:Script (size: 5583)

#31 JS:Script (size: 309)

#32 JS:Script (size: 7488)

#33 JS:Script (size: 23070)

#34 JS:Script (size: 1080)

#35 JS:Script (size: 625)

#36 JS:Script (size: 165)

#37 JS:Script (size: 884)

#38 JS:Script (size: 0)

#39 JS:Script (size: 579)

#1 JS:Eval (size: 15588)

#2 JS:Eval (size: 20655)

#3 JS:Eval (size: 22)

#4 JS:Eval (size: 22)

#5 JS:Eval (size: 64)

HTTP Transactions (85)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN