Report - autoecoledufrene.com/dropbox.html

Report Overview

Submitted URL
autoecoledufrene.com/dropbox.html
IP
178.20.66.207
ASN
#29608 Absolight SARL
Submitted
2022-11-08 14:46:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.41.98.34
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.35
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	377 B	21 kB	142.250.74.174
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	473 B	746 B	142.250.74.10
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
autoecoledufrene.com	unknown	2017-01-23T13:16:57Z	2023-03-08T17:47:43Z	11 kB	223 kB	178.20.66.207
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	408 B	44 kB	142.250.74.168
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	998 B	54 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	59 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-08	medium	autoecoledufrene.com/dropbox.html	Phishing
2022-11-08	medium	autoecoledufrene.com/dropbox.html	Phishing
2022-11-08	medium	autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d	Malware
2022-11-08	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3	Malware
2022-11-08	medium	autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1	Malware
2022-11-08	medium	autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-11-08	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3	Malware
2022-11-08	medium	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3	Malware
2022-11-08	medium	autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1	Malware
2022-11-08	medium	autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d	19 kB	2023-03-07	2024-04-17
Pretty URL autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-17 08:02:08 Times Seen37986 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	autoecoledufrene.com/dropbox.html	275 B	2023-03-07	2023-04-05
Pretty URL autoecoledufrene.com/dropbox.html IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:48:55 Last Seen2023-04-05 02:10:50 Times Seen3 Hash b20f80f634808b6e75ae7eb74222d15d 025c8603ba47cc3a289e7e9eab204316434999f2 38bc212d8a923320a17a7425dd8b7477fce04549e14f9d415294b5b27d9d0c4b Loading...

	www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer	111 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:06:18 Last Seen2023-03-11 09:06:18 Times Seen1 Hash 6d931a5cb83af3d1913a401efad84418 3bd9ef00ac23c53423c0ff71a4e91216390bfa01 3d42355ae179b67eff2f39a9b41b8fd7862cd251d2e010704f67e34c59ce32e6 Loading...

	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3	731 B	2023-03-07	2024-04-18
Pretty URL autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-18 11:28:37 Times Seen2318 Hash 97669983f6540f2badeef6ab07e5b637 b6f0084f6747da64cf24334b2c0027e57cbf7f23 fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7 Loading...

	autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-17
Pretty URL autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-17 19:29:15 Times Seen31774 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061	86 kB	2023-03-08	2023-11-01
Pretty URL autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:50:23 Last Seen2023-11-01 20:50:31 Times Seen3 Hash a5fac63d16f52bfaacd712686d9ee596 98cc863849bb0bb2579ea5c2ea89649924d7e202 2dbd46d1c3ab5c8b18349acf916a647ab984f09098e8d98b41e41a6a67cf655c Loading...

	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2	1.8 kB	2023-03-07	2024-04-18
Pretty URL autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-04-18 11:28:37 Times Seen751 Hash c2b558f7eda6aaf1803e917c62bd8ffe c187ecbee5605940d1c2541f567e528452d73cf9 fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb Loading...

	autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1	62 kB	2023-03-07	2024-04-18
Pretty URL autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:48:55 Last Seen2024-04-18 11:28:38 Times Seen204 Hash e2d20d90875bace4074c3c6006e9fea0 a0f44b0f8f6242760ea635f033c1c6b8a745cc12 e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-18
Pretty URL autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-18 11:53:07 Times Seen68473 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1	23 kB	2023-03-08	2024-03-14
Pretty URL autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:45:37 Last Seen2024-03-14 01:03:01 Times Seen153 Hash ec14a8177f61419afb5077e7b5c28ee0 f0e1b858cb4df4e947fcc2468808aa72fb0aaa05 f2ea6f7fef85c34966443f26f211f936fdb27746401ee96156888d52c56493ad Loading...

	autoecoledufrene.com/dropbox.html	2.2 kB	2023-03-11	2023-03-11
Pretty URL autoecoledufrene.com/dropbox.html IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:06:18 Last Seen2023-03-11 09:06:18 Times Seen1 Hash d94d4534cbe5e3e6a550f2fcc857693c f463f069d1684c6bf66e887be0964449bd47e692 70a2d1bdfb91cf75b6ae48e323c87f47386b720376cf753820ca04375257bf4d Loading...

	autoecoledufrene.com/dropbox.html	110 B	2023-03-11	2023-03-11
Pretty URL autoecoledufrene.com/dropbox.html IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:06:18 Last Seen2023-03-11 09:06:18 Times Seen1 Hash ba728d96100ce87919306294f36b88ee ba63480ae7a1aeeebf71e163d354961875954a6e d90bf1d4f083049d9bee696a05b67efea814952dedd1cc3b895d70053af3ae58 Loading...

	autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3	20 kB	2023-03-07	2024-03-18
Pretty URL autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3 IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-03-18 15:32:57 Times Seen628 Hash e93d7fa3e0f8cecb5f3636517d0573dc 59a88a7f3402b855c15caa0e304ef2b238a8f17c 8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a Loading...

	autoecoledufrene.com/dropbox.html	72 B	2023-03-07	2024-03-14
Pretty URL autoecoledufrene.com/dropbox.html IP 178.20.66.207 ASN #29608 Absolight SARL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-03-14 01:03:01 Times Seen189 Hash 46dc272707f808a010d65270e350be87 ff0b024e575cd5217454cff3866870a8e3c6d061 029f3cf62854c4139b5392266d61b3e9ceec43cc74c113861e7e782cf5dfc2c4 Loading...

HTTP Transactions (52)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Tue, 08 Nov 2022 16:44:00 GMT
Date: Tue, 08 Nov 2022 14:46:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2763
Cache-Control: max-age=160228
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:46 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:17:14 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10167
Expires: Tue, 08 Nov 2022 17:36:13 GMT
Date: Tue, 08 Nov 2022 14:46:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: unagvKgUDh6jdvcJb7zNZ29VXwd5reE6SqwsaL/ghQOfSU2h9F6MfSgd6KI1K8j0vHWeNGwHgEk=
x-amz-request-id: XJAQ71RS45YC449W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 14:11:20 GMT
age: 2126
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 14:46:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

autoecoledufrene.com/dropbox.html

178.20.66.207

301 Moved Permanently

0 B

URL HTTP/1.1
autoecoledufrene.com/dropbox.html
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /dropbox.html HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 14:46:46 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Tue, 08-Nov-2022 15:16:46 GMT; Max-Age=1800; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://autoecoledufrene.com/dropbox.html
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5010
Cache-Control: max-age=157409
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:30:16 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.98.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.98.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Pw6NqwR0x2oZaK387ME8VA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: imcAIUj9UtvtZpYK9BfT1KcNaG4=

autoecoledufrene.com/dropbox.html

178.20.66.207

404 Not Found

40 kB

URL HTTP/1.1
autoecoledufrene.com/dropbox.html
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
40 kB (40166 bytes)
Hash
a1d90f96e5bce1a6fa662d74178d16f1
f394563685ce2a2b5bfb0fd77e6053d27d30921f
3f4a89e4c56eecb8fa05ee2ac748d4124fd208ad0d53389e3e3064e2e2551585

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /dropbox.html HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:46:46 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Tue, 08-Nov-2022 15:16:47 GMT; Max-Age=1800; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Link: <https://autoecoledufrene.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d

178.20.66.207

200 OK

12 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (47826)
Size
12 kB (12505 bytes)
Hash
3b8c4b8f6260a403d6206f241159bb38
4ccf913d00b5b7f54b195883578c678ca92457ed
1e4d3d74bdad2b40969b13402b41765b074c8fbd0e2587840e2aa70a0c3c9121

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:30 GMT
ETag: "17265-5ec7d95b57ad4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12505
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

autoecoledufrene.com/wp-includes/css/classic-themes.min.css?ver=1

178.20.66.207

200 OK

189 B

URL HTTP/1.1
autoecoledufrene.com/wp-includes/css/classic-themes.min.css?ver=1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:30 GMT
ETag: "d9-5ec7d95b910cd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 189
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

178.20.66.207

200 OK

31 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (65447)
Size
31 kB (30995 bytes)
Hash
1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:31 GMT
ETag: "15e54-5ec7d95c6ad26-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 30995
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12

178.20.66.207

200 OK

2.3 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (5149)
Size
2.3 kB (2325 bytes)
Hash
4a5db3f89ca98fe13fd32af2132fd2be
e9acb7a8d2a8bd27df11a39c9a116f366a16aff3
6fc4ee954153a59ce8d8ac3b964d7bee583b3d6179d5a43206395c03d6ab92da

HTTP Headers

GET /wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 28 Jul 2021 11:01:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 2325
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3

178.20.66.207

200 OK

1.6 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (5788), with no line terminators
Size
1.6 kB (1614 bytes)
Hash
788d0badc45697bfa320b40ce9a610b9
eb0b675a3913b5e90ba0cee7991c5267e7543d38
71c2a5cb1bf65ee15c2dd7cb3e9b902d9126fd776012b3ea137357103b805a74

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1614
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1

178.20.66.207

200 OK

9.1 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (61660), with no line terminators
Size
9.1 kB (9126 bytes)
Hash
983a27196063db66aa771615e545ee83
92f531b93f9ecd7cdc14aab402dc7d71305fe314
b5b599668e0283f44e5f6b969c612d0f1f1cc58da0c9a9dbb961f5d57d9441ce

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:49:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 9126
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

178.20.66.207

200 OK

4.2 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Mon, 14 Dec 2020 16:35:10 GMT
ETag: "2bd8-5b66f39c7b6a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 4169
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3

178.20.66.207

200 OK

13 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (59119)
Size
13 kB (12858 bytes)
Hash
3e92af10a84a42002b92a4640296e4f3
6923adc599ae4bf8199f2e03380a6006c81c6318
72a08dac4113a17fedab19f6721d3003fd8ee2ae7b371ff9c55addc4420979e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12858
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43670 bytes)
Hash
393deba4477fa6a6a33e481698ee7c42
71b7d1fef29c130b9cd67993818d2fb9d64eaedc
fe50f74386356cc6847700b4245312ea12d57df4e1ee0c5e4d273a9de058fbe6

HTTP Headers

GET /gtag/js?id=UA-88128226-1&l=beehiveDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 14:46:47 GMT
expires: Tue, 08 Nov 2022 14:46:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 08 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

autoecoledufrene.com/wp-content/themes/bb-theme-child/style.css

178.20.66.207

200 OK

383 B

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme-child/style.css
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text
Size
383 B (383 bytes)
Hash
64704e3185e31e04e73cae1b1726355a
f242ff7da3c5462d4d914e92005e636ae1b85bbc
8ea417a794fd3f51a7216c7e81726d1c9ba16997a48568c270bd0027b8e8b4d9

HTTP Headers

GET /wp-content/themes/bb-theme-child/style.css HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Tue, 01 Mar 2022 10:04:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 383
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

autoecoledufrene.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1

178.20.66.207

200 OK

24 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (65326)
Size
24 kB (24108 bytes)
Hash
f576a6d67185145482495b6baf4d1903
c021ba4f0cf7fde7a1b9c80cbacb33e31eb8cf1d
05d61a6f9c5fcb281a317ada52a8479e20996f2c4699f7d6843bc9fd2e1641d8

HTTP Headers

GET /wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 24108
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3

178.20.66.207

200 OK

460 B

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (479)
Size
460 B (460 bytes)
Hash
22fba66950c06ff062b68622a34dd937
0801cb6d3a2f6873c1a588f5d183d9b5aa15a896
f65e9eebd16b50487c49999bda79cf565a7b1ab7dff223dd8aa1888038878144

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:18 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 460
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3

178.20.66.207

200 OK

7.2 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (19875), with no line terminators
Size
7.2 kB (7182 bytes)
Hash
40a80eabe15f2e409fbc4125d1fb1b93
27c911716c76dd67c5bb860537b67aaed87a8619
1280e267eb98320ecc0bdb0b8ee4b4d31fd6557acea1d5325e94fe83743ba90a

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 7182
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2

178.20.66.207

200 OK

800 B

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
HTML document, ASCII text, with very long lines (1781)
Size
800 B (800 bytes)
Hash
2ef26beeb71ec946ed392e43b85931e6
27f42617f5d95307f266390f7ea56c3bbd0432f7
b71f9fe2f0221f2c9fc1b97daced69dc37fe076f08e45717ff23a2ee6daa5bab

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061

178.20.66.207

200 OK

19 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (367), with CRLF line terminators
Size
19 kB (19018 bytes)
Hash
eeca7546914d6dacd60ecbacded04e59
578e34d47dd062b52c81eb0499c387b4ffd71656
c98d0dde63f71180dabe86e287b2a38f60af9572beb8379e20f54fba5b95c16e

HTTP Headers

GET /wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Tue, 18 Oct 2022 13:59:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 19018
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d

178.20.66.207

200 OK

5.0 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Mon, 30 May 2022 11:07:43 GMT
ETag: "48b9-5e038aa508b2a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5009
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1

178.20.66.207

200 OK

5.5 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (22879), with no line terminators
Size
5.5 kB (5490 bytes)
Hash
21cc51b69cc66b0fbc0d904f50b49360
cc9e64997f2c8b7405e241b437b44f9e5ed4a035
04f2803535ad60361e165071a18d8b577835aa53e22b6a546182606bf193bc53

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5490
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

autoecoledufrene.com/wp-content/uploads/sites/550/2017/08/logo-1.png

178.20.66.207

200 OK

18 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/uploads/sites/550/2017/08/logo-1.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 495 x 175, 8-bit colormap, non-interlaced\012- data
Size
18 kB (17852 bytes)
Hash
ab05e82d2aa8fcbf93fae686f68754bc
971978a30a7da0acfc5618641a00076bafb310fd
cfef1b53e58b196d3a5cf3f45e176bfa308ed4b1cd67a1fa0c1d863cfe449c99

HTTP Headers

GET /wp-content/uploads/sites/550/2017/08/logo-1.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Fri, 03 Aug 2018 12:21:54 GMT
Accept-Ranges: bytes
Content-Length: 17852
Cache-Control: max-age=10368000, public
Expires: Wed, 08 Mar 2023 14:46:47 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1

178.20.66.207

200 OK

15 kB

URL HTTP/1.1
autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
ASCII text, with very long lines (62161)
Size
15 kB (15255 bytes)
Hash
b629a5cd322bc803c19472c9b20fa6ba
a72c637d9be4bdc8967f06e05d9e4d646da6b163
e27ed7c2d8ba357e883d779cc8fec421bc07fbc29d758bb4bf5ec1d876983376

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 15255
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autoecoledufrene.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 425189
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0\012- data
Size
22 kB (21528 bytes)
Hash
1bfee3e98396ef2e378eca9689d4c859
5ac6383a9367f7f0bdfb55e477b0b976fdff3942
d3bf5c7f14111380b95d877ae25c01388693756986fdf6f8231deae0c209d7bc

HTTP Headers

GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autoecoledufrene.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:24:36 GMT
expires: Tue, 07 Nov 2023 21:24:36 GMT
cache-control: public, max-age=31536000
age: 62531
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 08 Nov 2022 14:41:09 GMT
expires: Tue, 08 Nov 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 339
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

autoecoledufrene.com/favicon.ico

178.20.66.207

302 Found

0 B

URL HTTP/1.1
autoecoledufrene.com/favicon.ico
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Tue, 08 Nov 2022 14:46:48 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Tue, 08-Nov-2022 15:16:48 GMT; Max-Age=1800; path=/
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Link: <https://autoecoledufrene.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4737 bytes)
Hash
39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:49:14 GMT
age: 61054
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4527 bytes)
Hash
7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:39 GMT
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
age: 61449
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9336 bytes)
Hash
71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zP8bp-rTtlDnlSAnPdZNJL19gSEfS9HmA9WUgNx4jku9i1zoahW-og==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 61607
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 29927
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12662 bytes)
Hash
b64fcd58491917edfc8ffb57c1382cd0
edf97aab58dacd11fa52924b1382c2bf1ede5e55
a2c60a2f7780085b4643ab7f521fb6c858ca72c3170e6f3acd2250b9c3b14cc5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12662
x-amzn-requestid: edaa58fb-c3eb-4af0-ad32-be8c7cf14421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKLHSBoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a40-4c35cd455ff7a829756eeb56;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FjjrCP8dJDZrk38J0SqWxN2Ya4O3-hcO_uW5ULwOQTREh4-MU_szA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 61607
etag: "edf97aab58dacd11fa52924b1382c2bf1ede5e55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10781 bytes)
Hash
4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:38 GMT
age: 61450
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png

178.20.66.207

200 OK

4.1 kB

URL HTTP/1.1
autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
IP
178.20.66.207:0
ASN
#29608 Absolight SARL

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://autoecoledufrene.com/dropbox.html
Connection: keep-alive
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; _ga=GA1.2.1970033255.1667918805; _gid=GA1.2.1111503517.1667918805
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:48 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2020 09:46:04 GMT
ETag: "1017-5a7cbd43985d7"
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=923f1c245c65dad5398ea3f7008a454d

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=923f1c245c65dad5398ea3f7008a454d
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=923f1c245c65dad5398ea3f7008a454d HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 14:46:47 GMT
date: Tue, 08 Nov 2022 14:46:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations