Report - autoecoledufrene.com/

Report Overview

Submitted URL
autoecoledufrene.com/
IP
178.20.66.207
ASN
#29608 Absolight SARL
Submitted
2022-12-23 03:27:27
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
autoecoledufrene.com	unknown	2017-01-23T13:16:57Z	2022-12-21T19:20:28Z	18 kB	532 kB	178.20.66.207
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.4 kB	4.9 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	408 B	44 kB	142.250.74.168
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	998 B	54 kB	142.250.74.35
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	473 B	1.9 kB	142.250.74.106
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	1.1 kB	21 kB	142.250.74.110
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	35.164.186.39
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-23	medium	autoecoledufrene.com/	Malware
2022-12-23	medium	autoecoledufrene.com/	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2	Malware
2022-12-23	medium	autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.1.4	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.1.4	Malware
2022-12-23	medium	autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-637da169510f7.css?ver=1.7.12.1	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=2.2.3	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.js?ver=69cfe5e6d8dc7bc7c5df9c4715664781	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.1.4	Malware
2022-12-23	medium	autoecoledufrene.com/wp-includes/css/dashicons.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.3	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.3	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2	Malware
2022-12-23	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-17
Pretty URL autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-17 22:14:13 Times Seen68463 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1	23 kB	2023-03-08	2024-03-14
Pretty URL autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:45:37 Last Seen2024-03-14 01:03:01 Times Seen153 Hash ec14a8177f61419afb5077e7b5c28ee0 f0e1b858cb4df4e947fcc2468808aa72fb0aaa05 f2ea6f7fef85c34966443f26f211f936fdb27746401ee96156888d52c56493ad Loading...

	www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer	112 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:14:38 Last Seen2023-03-10 05:14:38 Times Seen1 Hash 24b2aa8ddabb202b084e565f6d1e8446 a9003f8927a5f6ece74d46daf25249afa4471282 a8b396c11d7183ee5e31d52531f5a42e2ed6e59b3b84210a2239e6f2702c2d69 Loading...

	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.1.4	20 kB	2023-03-07	2024-03-18
Pretty URL autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.1.4 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-03-18 15:32:57 Times Seen628 Hash e93d7fa3e0f8cecb5f3636517d0573dc 59a88a7f3402b855c15caa0e304ef2b238a8f17c 8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a Loading...

	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.1.4	731 B	2023-03-07	2024-04-17
Pretty URL autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.1.4 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-17 11:52:34 Times Seen2316 Hash 97669983f6540f2badeef6ab07e5b637 b6f0084f6747da64cf24334b2c0027e57cbf7f23 fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7 Loading...

	autoecoledufrene.com/	72 B	2023-03-07	2024-03-14
Pretty URL autoecoledufrene.com/ IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-03-14 01:03:01 Times Seen189 Hash 46dc272707f808a010d65270e350be87 ff0b024e575cd5217454cff3866870a8e3c6d061 029f3cf62854c4139b5392266d61b3e9ceec43cc74c113861e7e782cf5dfc2c4 Loading...

	autoecoledufrene.com/	7.0 kB	2023-03-10	2023-03-10
Pretty URL autoecoledufrene.com/ IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:14:38 Last Seen2023-03-10 05:14:38 Times Seen1 Hash 9af40d84b5df522aa42580b333e32381 daed5d717fbbd03ded7398234b440d1c58ba2dd0 f46cb2b87040ce5f5a9c45b5fc17d73a7f4b57d2f40c21433d6444203a2d48c2 Loading...

	autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.3	36 kB	2023-03-07	2023-11-23
Pretty URL autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.3 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:43 Last Seen2023-11-23 14:35:19 Times Seen50 Hash 7e0f8de64f43e112b043624949402c79 75b90438e797aeae8e5032113550e48072d59fb1 badb7071cf5de1f45a6ccc948f175ff4f824a4357c284700cce366d9898a8ec2 Loading...

	autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=82d4ce3717f2cf1a315f04638cd4089d	19 kB	2023-03-07	2024-04-17
Pretty URL autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=82d4ce3717f2cf1a315f04638cd4089d IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-17 08:02:08 Times Seen37986 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 03:30:27 Times Seen36926475 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	autoecoledufrene.com/	110 B	2023-03-10	2023-03-10
Pretty URL autoecoledufrene.com/ IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:14:38 Last Seen2023-03-10 05:14:38 Times Seen1 Hash 866ac9fd345360b6991da639226afbea 99e3716dfa70e607ee8a4fa4cf5e51a134aeea72 e45c1a87f887dacb3e55f49372c4e44cfb5602d5ef6db997cb231d298a13923c Loading...

	autoecoledufrene.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.3	7.9 kB	2023-03-07	2024-04-17
Pretty URL autoecoledufrene.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.3 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:23 Last Seen2024-04-17 00:11:22 Times Seen4724 Hash 75b90c4351b6e079459237e66836ef4e 723590ed08677aad34239e4b03a5edd64acd208e f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce Loading...

	autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1	62 kB	2023-03-07	2024-04-11
Pretty URL autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:48:55 Last Seen2024-04-11 09:51:23 Times Seen202 Hash e2d20d90875bace4074c3c6006e9fea0 a0f44b0f8f6242760ea635f033c1c6b8a745cc12 e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465 Loading...

	autoecoledufrene.com/	104 B	2023-03-07	2024-04-17
Pretty URL autoecoledufrene.com/ IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-17 20:02:00 Times Seen4265 Hash 3217923b47c3b4f1720c42f8cc99b87f 951a09e9e5b98a7ac8d114e42a743e5d41cb5dfb 39aa079dbe6286ef5a74421f2ca2a4d1b8f13b1c1506e51f0635a2c434b1b286 Loading...

	autoecoledufrene.com/	275 B	2023-03-07	2023-04-05
Pretty URL autoecoledufrene.com/ IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:48:55 Last Seen2023-04-05 02:10:50 Times Seen3 Hash b20f80f634808b6e75ae7eb74222d15d 025c8603ba47cc3a289e7e9eab204316434999f2 38bc212d8a923320a17a7425dd8b7477fce04549e14f9d415294b5b27d9d0c4b Loading...

	autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.3	228 kB	2023-03-07	2024-03-12
Pretty URL autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.3 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:43 Last Seen2024-03-12 09:19:01 Times Seen63 Hash 387f2fc293d037af09d1e2c7e532a34b 2bd4da177c58cc36b806f86f69632f69fbbdf4d7 5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	autoecoledufrene.com/	2.2 kB	2023-03-10	2023-03-10
Pretty URL autoecoledufrene.com/ IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:14:38 Last Seen2023-03-10 05:14:38 Times Seen1 Hash 1b98432ac1c36a9aceec430057b0341c d476dfe5829fb76c5f244048d76b8616a7bf84e7 d6569b894ad6156ff67f5a2cfe3ac6262f06872ac83d0d51a5f4319e9034a0b3 Loading...

	autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061	86 kB	2023-03-09	2024-01-17
Pretty URL autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:00:16 Last Seen2024-01-17 10:44:53 Times Seen27 Hash 5050a18a3d21aadf78fba884218bded2 a2085f0ceaeebc20945ca41ebad24b59bc85328d ded70b4b3c193e8bca9e1893ce30110f8936c2d2087747b11048f21eb5a555fe Loading...

	autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.js?ver=69cfe5e6d8dc7bc7c5df9c4715664781	34 kB	2023-03-10	2023-03-10
Pretty URL autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.js?ver=69cfe5e6d8dc7bc7c5df9c4715664781 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:14:38 Last Seen2023-03-10 05:14:38 Times Seen1 Hash 69cfe5e6d8dc7bc7c5df9c4715664781 f4016c74fce18cda2f82cf0c272051e154795166 46081a0c62ab78d4d672ee52233931473c93569f20ffb14c971df776418d71da Loading...

HTTP Transactions (66)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2797
Expires: Fri, 23 Dec 2022 04:13:53 GMT
Date: Fri, 23 Dec 2022 03:27:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5128
Expires: Fri, 23 Dec 2022 04:52:44 GMT
Date: Fri, 23 Dec 2022 03:27:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 02:46:05 GMT
content-type: application/json
age: 2471
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7297
Expires: Fri, 23 Dec 2022 05:28:53 GMT
Date: Fri, 23 Dec 2022 03:27:16 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: q5/8PJvn5B/PD35Cuy0jUq3kWCD5yWhhOaAAO1dV0e0WT25yQd148Q+cLDKI2iZTEL2LlMfi3sGto2jOyjE3vw==
x-amz-request-id: PCRT7BH6X1Q4MS6X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 02:53:54 GMT
age: 2002
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:27:16 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

autoecoledufrene.com/

178.20.66.207

301 Moved Permanently

0 B

URL HTTP/1.1
autoecoledufrene.com/
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Dec 2022 03:27:16 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Fri, 23-Dec-2022 03:57:16 GMT; Max-Age=1800; path=/
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://autoecoledufrene.com/
Cache-Control: max-age=0
Expires: Fri, 23 Dec 2022 03:27:16 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 03:08:02 GMT
age: 1154
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3856
Cache-Control: max-age=110629
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:17 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 10:11:06 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.186.39

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.186.39:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WeSce3CSatVM8uvLtKIj9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i626to++ySGW54Q++BQHeFMjoB8=

autoecoledufrene.com/

178.20.66.207

200 OK

15 kB

URL HTTP/1.1
autoecoledufrene.com/
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
15 kB (15231 bytes)
Hash
f44f9629247502fe8c25f07ff7e99210
8dd78604b7ab9bcfcb0758c5f4a663cfb0b7f171
c5d96863b0f7134e3f2c5eb244254e6c389fd0875cf4ef09caa7061ef4f6410b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:16 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Fri, 23-Dec-2022 03:57:17 GMT; Max-Age=1800; path=/
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Link: <https://autoecoledufrene.com/wp-json/>; rel="https://api.w.org/", <https://autoecoledufrene.com/wp-json/wp/v2/pages/605>; rel="alternate"; type="application/json", <https://autoecoledufrene.com/>; rel=shortlink
Cache-Control: max-age=0
Expires: Fri, 23 Dec 2022 03:27:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2

178.20.66.207

200 OK

78 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78174 bytes)
Hash
2ebca58ac2349001d2c1724019cc40f9
753d9726162d098e2adcf7e998777327860d4f8d
7a99082bbe0c7828df8283b32c28ba7c048150a096d779e3b28a84bba7d8e024

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 22 Apr 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: font/woff2

autoecoledufrene.com/wp-includes/css/classic-themes.min.css?ver=1

178.20.66.207

200 OK

189 B

URL HTTP/1.1
autoecoledufrene.com/wp-includes/css/classic-themes.min.css?ver=1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:30 GMT
ETag: "d9-5ec7d95b910cd-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 189
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.6.1.4

178.20.66.207

200 OK

4.2 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.6.1.4
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (26516)
Size
4.2 kB (4229 bytes)
Hash
6a87e51ab7fe3359ddd1cb17ee69de28
4b2395f70d2f3c428a4e522a6efef6876e33340c
46ec61b5dcf44d0b9991ac4a4d00a569e40b89685548dd551edf73cefc7e61ce

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.6.1.4 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 4229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.css?ver=e9f0c5b698b9a28a0220b732883a889f

178.20.66.207

200 OK

8.6 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.css?ver=e9f0c5b698b9a28a0220b732883a889f
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.6 kB (8564 bytes)
Hash
0808ea12572fcd840d4199a48c169045
193e4c7f9b81f9449dfaa43f45f7f1bcaf17092e
6e6f29964ce6b3830d5e103be7671edcdcf4b0a22c17647c765245299723ce51

HTTP Headers

GET /wp-content/uploads/sites/550/bb-plugin/cache/605-layout.css?ver=e9f0c5b698b9a28a0220b732883a889f HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:20:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 8564
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d

178.20.66.207

200 OK

12 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 10:03:57 GMT
ETag: "172a9-5edbbd2fbc283-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12518
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

autoecoledufrene.com/wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12

178.20.66.207

200 OK

2.3 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (5149)
Size
2.3 kB (2325 bytes)
Hash
4a5db3f89ca98fe13fd32af2132fd2be
e9acb7a8d2a8bd27df11a39c9a116f366a16aff3
6fc4ee954153a59ce8d8ac3b964d7bee583b3d6179d5a43206395c03d6ab92da

HTTP Headers

GET /wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Wed, 28 Jul 2021 11:01:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 2325
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.1.4

178.20.66.207

200 OK

1.6 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.1.4
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (5788), with no line terminators
Size
1.6 kB (1614 bytes)
Hash
788d0badc45697bfa320b40ce9a610b9
eb0b675a3913b5e90ba0cee7991c5267e7543d38
71c2a5cb1bf65ee15c2dd7cb3e9b902d9126fd776012b3ea137357103b805a74

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.1.4 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:29 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.1.4

178.20.66.207

200 OK

13 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.1.4
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (59119)
Size
13 kB (12858 bytes)
Hash
3e92af10a84a42002b92a4640296e4f3
6923adc599ae4bf8199f2e03380a6006c81c6318
72a08dac4113a17fedab19f6721d3003fd8ee2ae7b371ff9c55addc4420979e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.1.4 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12858
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

178.20.66.207

200 OK

4.2 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Mon, 14 Dec 2020 16:35:10 GMT
ETag: "2bd8-5b66f39c7b6a5-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 4169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-637da169510f7.css?ver=1.7.12.1

178.20.66.207

200 OK

9.1 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-637da169510f7.css?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (61660), with no line terminators
Size
9.1 kB (9126 bytes)
Hash
983a27196063db66aa771615e545ee83
92f531b93f9ecd7cdc14aab402dc7d71305fe314
b5b599668e0283f44e5f6b969c612d0f1f1cc58da0c9a9dbb961f5d57d9441ce

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/sites/550/bb-theme/skin-637da169510f7.css?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 04:28:25 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 9126
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=82d4ce3717f2cf1a315f04638cd4089d

178.20.66.207

200 OK

5.0 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=82d4ce3717f2cf1a315f04638cd4089d
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=82d4ce3717f2cf1a315f04638cd4089d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Mon, 30 May 2022 11:07:43 GMT
ETag: "48b9-5e038aa508b2a-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5009
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

autoecoledufrene.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1

178.20.66.207

200 OK

24 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (65326)
Size
24 kB (24108 bytes)
Hash
f576a6d67185145482495b6baf4d1903
c021ba4f0cf7fde7a1b9c80cbacb33e31eb8cf1d
05d61a6f9c5fcb281a317ada52a8479e20996f2c4699f7d6843bc9fd2e1641d8

HTTP Headers

GET /wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 24108
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

178.20.66.207

200 OK

31 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (65447)
Size
31 kB (30995 bytes)
Hash
1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:31 GMT
ETag: "15e54-5ec7d95c6ad26-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 30995
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

autoecoledufrene.com/wp-content/themes/bb-theme-child/style.css

178.20.66.207

200 OK

415 B

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme-child/style.css
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text
Size
415 B (415 bytes)
Hash
0391af9c431fc7620abd8367e8c86983
1442f8a8cea8a924091ae010b000333ec71880ad
615830209ca8f996677e7598e32fe2fd25311d53f354799d171d0661cc183fe5

HTTP Headers

GET /wp-content/themes/bb-theme-child/style.css HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 14:32:29 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 415
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43653 bytes)
Hash
b253dc269da07633968beca7b00bf052
0bd6fdefb8330b8cf1f9d0cce9f7894b6363d46d
70ecee032fd821a33c842e71b14f5d5ff26efb53dbbb8ae951ca332b614b6199

HTTP Headers

GET /gtag/js?id=UA-88128226-1&l=beehiveDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Dec 2022 03:27:17 GMT
expires: Fri, 23 Dec 2022 03:27:17 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=2.2.3

178.20.66.207

200 OK

5.6 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=2.2.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (45362), with no line terminators
Size
5.6 kB (5610 bytes)
Hash
323603c98a5fe858631490822db691c1
79b6d25ce164547975636530b6d91000903f4ba2
26f2a273ebbb6f28ac2024c28d25b29f8452788fab40fc2dcad5b46c5ef303ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=2.2.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 16:09:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5610
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.3

178.20.66.207

200 OK

3.7 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (7874)
Size
3.7 kB (3687 bytes)
Hash
15e8ba18d359fb8b1babaa4f04a6cc05
bf7a9271caf1c33b2d16f364385ff1d7d0159c26
1f8559a1567006487557daf07873fc8ae63d8f663f91c0ee170bd698b976fd65

HTTP Headers

GET /wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 3687
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.js?ver=69cfe5e6d8dc7bc7c5df9c4715664781

178.20.66.207

200 OK

8.8 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/bb-plugin/cache/605-layout.js?ver=69cfe5e6d8dc7bc7c5df9c4715664781
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
Unicode text, UTF-8 text, with very long lines (1353)
Size
8.8 kB (8791 bytes)
Hash
a03493d25cf0fc68dc833c54d90790ab
50a91b6389bf2dbf60b684d6e4c4e2d5ee20ab0e
75f5dd30f5c1b7058bffd644f6d679bbe401dba9a1320109f0ca9ae65b62370e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/sites/550/bb-plugin/cache/605-layout.js?ver=69cfe5e6d8dc7bc7c5df9c4715664781 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:20:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 8791
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.1.4

178.20.66.207

200 OK

460 B

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.1.4
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (479)
Size
460 B (460 bytes)
Hash
22fba66950c06ff062b68622a34dd937
0801cb6d3a2f6873c1a588f5d183d9b5aa15a896
f65e9eebd16b50487c49999bda79cf565a7b1ab7dff223dd8aa1888038878144

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.1.4 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:37 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 460
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.1.4

178.20.66.207

200 OK

7.2 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.1.4
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (19875), with no line terminators
Size
7.2 kB (7182 bytes)
Hash
40a80eabe15f2e409fbc4125d1fb1b93
27c911716c76dd67c5bb860537b67aaed87a8619
1280e267eb98320ecc0bdb0b8ee4b4d31fd6557acea1d5325e94fe83743ba90a

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.1.4 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:37 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 7182
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-includes/css/dashicons.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d

178.20.66.207

200 OK

36 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/css/dashicons.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (58981)
Size
36 kB (35730 bytes)
Hash
00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=82d4ce3717f2cf1a315f04638cd4089d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 21:45:30 GMT
ETag: "e688-5c009c83df2f8-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 35730
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1

178.20.66.207

200 OK

5.5 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (22879), with no line terminators
Size
5.5 kB (5490 bytes)
Hash
21cc51b69cc66b0fbc0d904f50b49360
cc9e64997f2c8b7405e241b437b44f9e5ed4a035
04f2803535ad60361e165071a18d8b577835aa53e22b6a546182606bf193bc53

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5490
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1

178.20.66.207

200 OK

15 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (62161)
Size
15 kB (15255 bytes)
Hash
b629a5cd322bc803c19472c9b20fa6ba
a72c637d9be4bdc8967f06e05d9e4d646da6b163
e27ed7c2d8ba357e883d779cc8fec421bc07fbc29d758bb4bf5ec1d876983376

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 15255
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.3

178.20.66.207

200 OK

6.7 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (35892), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
c15d5a5120d31b214f24d1c6fca7a30d
b282dfd16221d5cb3e400d8162c11a4da91b7aab
7a493ba97b160ace758e37ef6cda6f9abf33682f64899745ffdd07e457fc4f3d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 16:09:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 6701
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.3

178.20.66.207

200 OK

49 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (337)
Size
49 kB (48865 bytes)
Hash
6a3b0023a937f4f3250a248993d342c5
9c839b1b5d566750cdc0d86bfd1ce4d1041fa7c5
f636febfdec6cbcc40ee530af18f793f48f7f2d1e8623cfb21b891b45e3992fa

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 16:09:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 48865
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2

178.20.66.207

200 OK

77 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196\012- data
Size
77 kB (76736 bytes)
Hash
ed311c7a0ade9a75bb3ebf5a7670f31d
0613c7ebba55ee47ef302c0f7766324692f899a7
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.1.4
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:33 GMT
Accept-Ranges: bytes
Content-Length: 76736
Cache-Control: max-age=2592000
Expires: Sat, 22 Apr 2023 03:27:18 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0\012- data
Size
22 kB (21528 bytes)
Hash
1bfee3e98396ef2e378eca9689d4c859
5ac6383a9367f7f0bdfb55e477b0b976fdff3942
d3bf5c7f14111380b95d877ae25c01388693756986fdf6f8231deae0c209d7bc

HTTP Headers

GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autoecoledufrene.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 21:19:49 GMT
expires: Tue, 19 Dec 2023 21:19:49 GMT
cache-control: public, max-age=31536000
age: 281249
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2

178.20.66.207

200 OK

13 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data
Size
13 kB (13224 bytes)
Hash
b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.1.4
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Sat, 17 Dec 2022 20:09:33 GMT
Accept-Ranges: bytes
Content-Length: 13224
Cache-Control: max-age=2592000
Expires: Sat, 22 Apr 2023 03:27:18 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autoecoledufrene.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 07:08:09 GMT
expires: Sat, 16 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 591549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=82d4ce3717f2cf1a315f04638cd4089d

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=82d4ce3717f2cf1a315f04638cd4089d
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1116 bytes)
Hash
c69a0680c1657d512259cf0e4c1ed3bc
f5b0253bdd4f9f96d404fa77dc36d680f644b031
c59ce126f6f01cfac615acc480e2196aa1c5b2e64be7cd0a9092a1625c06c3fe

HTTP Headers

GET /css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=82d4ce3717f2cf1a315f04638cd4089d HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 03:27:17 GMT
date: Fri, 23 Dec 2022 03:27:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

autoecoledufrene.com/wp-content/uploads/sites/550/2017/08/logo-1.png

178.20.66.207

200 OK

15 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/2017/08/logo-1.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 495 x 175, 8-bit colormap, non-interlaced\012- data
Size
15 kB (15167 bytes)
Hash
70c3441cee130ffa81910b880b59b4e0
848c7acf7be6fae87f51d01494b058fde9fe0023
d2593962161d9793325f595955c495ae82580b7ae84f194ebf40470f96716a33

HTTP Headers

GET /wp-content/uploads/sites/550/2017/08/logo-1.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Sun, 13 Nov 2022 08:15:56 GMT
Accept-Ranges: bytes
Content-Length: 15167
Cache-Control: max-age=2592000, public
Expires: Sat, 22 Apr 2023 03:27:18 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

autoecoledufrene.com/wp-content/uploads/sites/550/2022/09/clio.png

178.20.66.207

200 OK

41 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/2022/09/clio.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 500 x 333, 8-bit colormap, non-interlaced\012- data
Size
41 kB (40784 bytes)
Hash
e5bca144b09fa3fdd56523a708ff3998
9222a9ab714038147554cac273924360a43fa53f
f0265abf8719fc8be2220e1cea3ad631bf62049a05a0db1c1336bece9bc681db

HTTP Headers

GET /wp-content/uploads/sites/550/2022/09/clio.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Sun, 13 Nov 2022 08:12:36 GMT
Accept-Ranges: bytes
Content-Length: 40784
Cache-Control: max-age=2592000, public
Expires: Sat, 22 Apr 2023 03:27:18 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 23 Dec 2022 02:41:11 GMT
expires: Fri, 23 Dec 2022 04:41:11 GMT
cache-control: public, max-age=7200
age: 2767
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=570302643&t=pageview&_s=1&dl=https%3A%2F%2Fautoecoledufrene.com%2F&ul=en-us&de=UTF-8&dt=Accueil%20%7C%20Auto-%C3%A9cole%20du%20Fr%C3%AAne&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAAAAIg~&cid=1517843534.1671766037&tid=UA-88128226-1&_gid=344274013.1671766037&gtm=2oubu0&z=178024588

142.250.74.110

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=570302643&t=pageview&_s=1&dl=https%3A%2F%2Fautoecoledufrene.com%2F&ul=en-us&de=UTF-8&dt=Accueil%20%7C%20Auto-%C3%A9cole%20du%20Fr%C3%AAne&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAAAAIg~&cid=1517843534.1671766037&tid=UA-88128226-1&_gid=344274013.1671766037&gtm=2oubu0&z=178024588
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j98&aip=1&a=570302643&t=pageview&_s=1&dl=https%3A%2F%2Fautoecoledufrene.com%2F&ul=en-us&de=UTF-8&dt=Accueil%20%7C%20Auto-%C3%A9cole%20du%20Fr%C3%AAne&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAAAAIg~&cid=1517843534.1671766037&tid=UA-88128226-1&_gid=344274013.1671766037&gtm=2oubu0&z=178024588 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 22 Dec 2022 21:49:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 20239
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

autoecoledufrene.com/wp-content/uploads/sites/550/2015/11/pw3.png.png

178.20.66.207

200 OK

11 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/2015/11/pw3.png.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 226 x 181, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10590 bytes)
Hash
a8084487aeb8302da8c6f593e5b4c255
b4eb15e405cb0319ddb65be327f06705708052dc
f4b082cbbcd57492b9719abcc18bdfea69c86bd2a1f2865352196f8fa80a5dd9

HTTP Headers

GET /wp-content/uploads/sites/550/2015/11/pw3.png.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; _ga=GA1.2.1517843534.1671766037; _gid=GA1.2.344274013.1671766037; wpl_user_preference=%7B%22necessary%22%3A%22yes%22%2C%22marketing%22%3A%22no%22%2C%22analytics%22%3A%22no%22%2C%22preferences%22%3A%22no%22%2C%22unclassified%22%3A%22no%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Fri, 03 Aug 2018 12:22:25 GMT
Accept-Ranges: bytes
Content-Length: 10590
Cache-Control: max-age=2592000, public
Expires: Sat, 22 Apr 2023 03:27:18 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

autoecoledufrene.com/wp-content/uploads/sites/550/2018/08/code__mobile1.png

178.20.66.207

200 OK

9.1 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/2018/08/code__mobile1.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 213 x 143, 8-bit colormap, non-interlaced\012- data
Size
9.1 kB (9088 bytes)
Hash
c5f5979bbdda874a88661f9749ca08ff
9354f81749381e7b313154370d793fa745603d27
b853ee00e459f88f43e34f67525f1fe9d8d6213209c6ef0738b1bac3fd7c2287

HTTP Headers

GET /wp-content/uploads/sites/550/2018/08/code__mobile1.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; _ga=GA1.2.1517843534.1671766037; _gid=GA1.2.344274013.1671766037; wpl_user_preference=%7B%22necessary%22%3A%22yes%22%2C%22marketing%22%3A%22no%22%2C%22analytics%22%3A%22no%22%2C%22preferences%22%3A%22no%22%2C%22unclassified%22%3A%22no%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Thu, 09 Aug 2018 12:20:18 GMT
Accept-Ranges: bytes
Content-Length: 9088
Cache-Control: max-age=2592000, public
Expires: Sat, 22 Apr 2023 03:27:18 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2217
Expires: Fri, 23 Dec 2022 04:04:15 GMT
Date: Fri, 23 Dec 2022 03:27:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2217
Expires: Fri, 23 Dec 2022 04:04:15 GMT
Date: Fri, 23 Dec 2022 03:27:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2217
Expires: Fri, 23 Dec 2022 04:04:15 GMT
Date: Fri, 23 Dec 2022 03:27:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5659 bytes)
Hash
2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FGP2S7V05eAwwnHzdlYQJC9ZW-5xLD8Aqi7XBCcJtaqbVoNCocGFhw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:50:42 GMT
age: 5796
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6480 bytes)
Hash
96a126d8ae1c913ce8e756744ccc5436
733507091d3da02e963fa7e3e86e8ccac9dd0201
06e0f305ba90ef771ddb9f9ef0f68b1809df7581d23f80f364dff0197ed76076

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6480
x-amzn-requestid: db9db216-ecae-44cd-b013-48f6a0b37d5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOiR6FgKoAMF9JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c173f-64e1b6984203f55d4a359cdb;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 06:59:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eFn2M6kZ706R47EKgHnavH9Zq9gEXdB5AbXT86uiULTfn6ttPdu_Pw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:26:14 GMT
age: 39664
etag: "733507091d3da02e963fa7e3e86e8ccac9dd0201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5505 bytes)
Hash
f041b688028eb1c8dcbee925ec0255fd
f60c30fd1ea1105f9a6fb23d6fd00f30f6deb757
724e5404f4b8ba9abf581972c1474fd1d497e9b16c3e5b42336a7ad48863fae6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5505
x-amzn-requestid: 971471d1-6863-4f42-ad7f-6afa0cc651e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUqqFrRIAMFiPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce44-664cbcc82f3949a821ddde85;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Co3ceEuDEJYNa1u_hORq5Wf8HZ7MQDcvlQUt4geBqB5aosQjLi7PRw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:12 GMT
etag: "f60c30fd1ea1105f9a6fb23d6fd00f30f6deb757"
content-type: image/jpeg
age: 20946
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a1fb1-c604-4ebe-a587-c6a7bfc6e13d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3963 bytes)
Hash
7bbccd71cd7292dea16d1840b36b49ad
ae5e12eb73e85cc334ce5fba454fcd61e0065da4
9d622628cb3a9658be54adbc1b3e7d7c4e1c41c5468c23109dae021b63001b70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a1fb1-c604-4ebe-a587-c6a7bfc6e13d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3963
x-amzn-requestid: e92dc9ff-ebf1-4fde-b6a0-8e6e3828fcb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUm_zEO9oAMF5IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8531-1ff86cf3152fcd2109a5bbf9;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:49 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xSFIFOjOqtULQfP6VE3maXo2PvokEdJs9N8QIAuvdRgKThsOCS7-XQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 23:15:23 GMT
age: 15115
etag: "ae5e12eb73e85cc334ce5fba454fcd61e0065da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12794 bytes)
Hash
7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -24dBoLhaZcF6kjZCYp8EJSAYmslMmv15G3oPgPAydPxVA0j51Vs3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:52:20 GMT
age: 5698
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9580464f-844c-4e13-be46-5c4206500fd1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13126 bytes)
Hash
c2891340facccb86f9ccbfd7f1ebd443
54c9bc71fcef4494c920f5bc34379d8c05b1759d
f84738eb775ae5c671e46bb9950bc17c03fdedfc5a79785a26784623f0f39f4d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9580464f-844c-4e13-be46-5c4206500fd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13126
x-amzn-requestid: ad064485-bb59-45d6-8c64-11bb33ba0c02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqHywIAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-73c0a9123d4aab116ba3b0b4;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i2OxHELH9AuabmDUpx3cnUJKuPRcNmSvA7EpZQDdLTnwZQapu4VjEA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:58:38 GMT
age: 19720
etag: "54c9bc71fcef4494c920f5bc34379d8c05b1759d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

autoecoledufrene.com/favicon.ico

178.20.66.207

302 Found

0 B

URL HTTP/1.1
autoecoledufrene.com/favicon.ico
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Fri, 23-Dec-2022 03:57:18 GMT; Max-Age=1800; path=/
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Link: <https://autoecoledufrene.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
Cache-Control: max-age=0
Expires: Fri, 23 Dec 2022 03:27:18 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png

178.20.66.207

200 OK

4.1 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://autoecoledufrene.com/
Connection: keep-alive
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; _ga=GA1.2.1517843534.1671766037; _gid=GA1.2.344274013.1671766037; wpl_user_preference=%7B%22necessary%22%3A%22yes%22%2C%22marketing%22%3A%22no%22%2C%22analytics%22%3A%22no%22%2C%22preferences%22%3A%22no%22%2C%22unclassified%22%3A%22no%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:18 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2020 09:46:04 GMT
ETag: "1017-5a7cbd43985d7"
Accept-Ranges: bytes
Content-Length: 4119
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2023 03:27:18 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061

178.20.66.207

200 OK

0 B

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:27:17 GMT
Server: Apache
Last-Modified: Thu, 22 Dec 2022 14:37:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public
Expires: Sat, 23 Dec 2023 03:27:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 19018
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations