r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Tue, 08 Nov 2022 16:44:00 GMT
Date: Tue, 08 Nov 2022 14:46:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2763
Cache-Control: max-age=160228
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:46 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:17:14 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10167
Expires: Tue, 08 Nov 2022 17:36:13 GMT
Date: Tue, 08 Nov 2022 14:46:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: unagvKgUDh6jdvcJb7zNZ29VXwd5reE6SqwsaL/ghQOfSU2h9F6MfSgd6KI1K8j0vHWeNGwHgEk=
x-amz-request-id: XJAQ71RS45YC449W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 14:11:20 GMT
age: 2126
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 14:46:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
autoecoledufrene.com/dropbox.html
178.20.66.207301 Moved Permanently 0 B URL HTTP/1.1 autoecoledufrene.com/dropbox.html
IP 178.20.66.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /dropbox.html HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 14:46:46 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Tue, 08-Nov-2022 15:16:46 GMT; Max-Age=1800; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://autoecoledufrene.com/dropbox.html
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5010
Cache-Control: max-age=157409
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:30:16 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.98.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.98.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Pw6NqwR0x2oZaK387ME8VA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: imcAIUj9UtvtZpYK9BfT1KcNaG4=
autoecoledufrene.com/dropbox.html
178.20.66.207404 Not Found 40 kB URL HTTP/1.1 autoecoledufrene.com/dropbox.html
IP 178.20.66.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash a1d90f96e5bce1a6fa662d74178d16f1
f394563685ce2a2b5bfb0fd77e6053d27d30921f
3f4a89e4c56eecb8fa05ee2ac748d4124fd208ad0d53389e3e3064e2e2551585
Analyzer Verdict Alert fortinet Phishing
GET /dropbox.html HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:46:46 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Tue, 08-Nov-2022 15:16:47 GMT; Max-Age=1800; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Link: <https://autoecoledufrene.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d
178.20.66.207200 OK 12 kB URL HTTP/1.1 autoecoledufrene.com/wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d
IP 178.20.66.207:0
File type ASCII text, with very long lines (47826)
Hash 3b8c4b8f6260a403d6206f241159bb38
4ccf913d00b5b7f54b195883578c678ca92457ed
1e4d3d74bdad2b40969b13402b41765b074c8fbd0e2587840e2aa70a0c3c9121
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=923f1c245c65dad5398ea3f7008a454d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:30 GMT
ETag: "17265-5ec7d95b57ad4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12505
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
autoecoledufrene.com/wp-includes/css/classic-themes.min.css?ver=1
178.20.66.207200 OK 189 B URL HTTP/1.1 autoecoledufrene.com/wp-includes/css/classic-themes.min.css?ver=1
IP 178.20.66.207:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:30 GMT
ETag: "d9-5ec7d95b910cd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 189
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
178.20.66.207200 OK 31 kB URL HTTP/1.1 autoecoledufrene.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 178.20.66.207:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 14:23:31 GMT
ETag: "15e54-5ec7d95c6ad26-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 30995
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autoecoledufrene.com/wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12
178.20.66.207200 OK 2.3 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12
IP 178.20.66.207:0
File type ASCII text, with very long lines (5149)
Hash 4a5db3f89ca98fe13fd32af2132fd2be
e9acb7a8d2a8bd27df11a39c9a116f366a16aff3
6fc4ee954153a59ce8d8ac3b964d7bee583b3d6179d5a43206395c03d6ab92da
GET /wp-content/uploads/sites/550/tablepress-combined.min.css?ver=12 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 28 Jul 2021 11:01:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 2325
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3
178.20.66.207200 OK 1.6 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3
IP 178.20.66.207:0
File type ASCII text, with very long lines (5788), with no line terminators
Hash 788d0badc45697bfa320b40ce9a610b9
eb0b675a3913b5e90ba0cee7991c5267e7543d38
71c2a5cb1bf65ee15c2dd7cb3e9b902d9126fd776012b3ea137357103b805a74
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1614
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1
178.20.66.207200 OK 9.1 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1
IP 178.20.66.207:0
File type ASCII text, with very long lines (61660), with no line terminators
Hash 983a27196063db66aa771615e545ee83
92f531b93f9ecd7cdc14aab402dc7d71305fe314
b5b599668e0283f44e5f6b969c612d0f1f1cc58da0c9a9dbb961f5d57d9441ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/sites/550/bb-theme/skin-63592cbd2d0a8.css?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:49:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 9126
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
178.20.66.207200 OK 4.2 kB URL HTTP/1.1 autoecoledufrene.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 178.20.66.207:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Mon, 14 Dec 2020 16:35:10 GMT
ETag: "2bd8-5b66f39c7b6a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 4169
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3
178.20.66.207200 OK 13 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3
IP 178.20.66.207:0
File type ASCII text, with very long lines (59119)
Hash 3e92af10a84a42002b92a4640296e4f3
6923adc599ae4bf8199f2e03380a6006c81c6318
72a08dac4113a17fedab19f6721d3003fd8ee2ae7b371ff9c55addc4420979e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12858
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-88128226-1&l=beehiveDataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 393deba4477fa6a6a33e481698ee7c42
71b7d1fef29c130b9cd67993818d2fb9d64eaedc
fe50f74386356cc6847700b4245312ea12d57df4e1ee0c5e4d273a9de058fbe6
GET /gtag/js?id=UA-88128226-1&l=beehiveDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 14:46:47 GMT
expires: Tue, 08 Nov 2022 14:46:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 08 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
autoecoledufrene.com/wp-content/themes/bb-theme-child/style.css
178.20.66.207200 OK 383 B URL HTTP/1.1 autoecoledufrene.com/wp-content/themes/bb-theme-child/style.css
IP 178.20.66.207:0
Hash 64704e3185e31e04e73cae1b1726355a
f242ff7da3c5462d4d914e92005e636ae1b85bbc
8ea417a794fd3f51a7216c7e81726d1c9ba16997a48568c270bd0027b8e8b4d9
GET /wp-content/themes/bb-theme-child/style.css HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Tue, 01 Mar 2022 10:04:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 383
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
autoecoledufrene.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1
178.20.66.207200 OK 24 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1
IP 178.20.66.207:0
File type ASCII text, with very long lines (65326)
Hash f576a6d67185145482495b6baf4d1903
c021ba4f0cf7fde7a1b9c80cbacb33e31eb8cf1d
05d61a6f9c5fcb281a317ada52a8479e20996f2c4699f7d6843bc9fd2e1641d8
GET /wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 24108
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3
178.20.66.207200 OK 460 B URL HTTP/1.1 autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3
IP 178.20.66.207:0
File type ASCII text, with very long lines (479)
Hash 22fba66950c06ff062b68622a34dd937
0801cb6d3a2f6873c1a588f5d183d9b5aa15a896
f65e9eebd16b50487c49999bda79cf565a7b1ab7dff223dd8aa1888038878144
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:18 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 460
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3
178.20.66.207200 OK 7.2 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3
IP 178.20.66.207:0
File type ASCII text, with very long lines (19875), with no line terminators
Hash 40a80eabe15f2e409fbc4125d1fb1b93
27c911716c76dd67c5bb860537b67aaed87a8619
1280e267eb98320ecc0bdb0b8ee4b4d31fd6557acea1d5325e94fe83743ba90a
GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 7182
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
178.20.66.207200 OK 800 B URL HTTP/1.1 autoecoledufrene.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
IP 178.20.66.207:0
File type HTML document, ASCII text, with very long lines (1781)
Hash 2ef26beeb71ec946ed392e43b85931e6
27f42617f5d95307f266390f7ea56c3bbd0432f7
b71f9fe2f0221f2c9fc1b97daced69dc37fe076f08e45717ff23a2ee6daa5bab
GET /wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:37:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061
178.20.66.207200 OK 19 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061
IP 178.20.66.207:0
File type ASCII text, with very long lines (367), with CRLF line terminators
Hash eeca7546914d6dacd60ecbacded04e59
578e34d47dd062b52c81eb0499c387b4ffd71656
c98d0dde63f71180dabe86e287b2a38f60af9572beb8379e20f54fba5b95c16e
GET /wp-content/plugins/advanced-iframe/js/ai.min.js?ver=692061 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Tue, 18 Oct 2022 13:59:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 19018
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d
178.20.66.207200 OK 5.0 kB URL HTTP/1.1 autoecoledufrene.com/wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d
IP 178.20.66.207:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=923f1c245c65dad5398ea3f7008a454d HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Mon, 30 May 2022 11:07:43 GMT
ETag: "48b9-5e038aa508b2a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5009
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1
178.20.66.207200 OK 5.5 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1
IP 178.20.66.207:0
File type ASCII text, with very long lines (22879), with no line terminators
Hash 21cc51b69cc66b0fbc0d904f50b49360
cc9e64997f2c8b7405e241b437b44f9e5ed4a035
04f2803535ad60361e165071a18d8b577835aa53e22b6a546182606bf193bc53
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5490
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
autoecoledufrene.com/wp-content/uploads/sites/550/2017/08/logo-1.png
178.20.66.207200 OK 18 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/uploads/sites/550/2017/08/logo-1.png
IP 178.20.66.207:0
File type PNG image data, 495 x 175, 8-bit colormap, non-interlaced\012- data
Hash ab05e82d2aa8fcbf93fae686f68754bc
971978a30a7da0acfc5618641a00076bafb310fd
cfef1b53e58b196d3a5cf3f45e176bfa308ed4b1cd67a1fa0c1d863cfe449c99
GET /wp-content/uploads/sites/550/2017/08/logo-1.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Fri, 03 Aug 2018 12:21:54 GMT
Accept-Ranges: bytes
Content-Length: 17852
Cache-Control: max-age=10368000, public
Expires: Wed, 08 Mar 2023 14:46:47 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1
178.20.66.207200 OK 15 kB URL HTTP/1.1 autoecoledufrene.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1
IP 178.20.66.207:0
File type ASCII text, with very long lines (62161)
Hash b629a5cd322bc803c19472c9b20fa6ba
a72c637d9be4bdc8967f06e05d9e4d646da6b163
e27ed7c2d8ba357e883d779cc8fec421bc07fbc29d758bb4bf5ec1d876983376
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1 HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:47 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 12:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 08 Nov 2023 14:46:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 15255
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autoecoledufrene.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 425189
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
216.58.207.195200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21528, version 1.0\012- data
Hash 1bfee3e98396ef2e378eca9689d4c859
5ac6383a9367f7f0bdfb55e477b0b976fdff3942
d3bf5c7f14111380b95d877ae25c01388693756986fdf6f8231deae0c209d7bc
GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autoecoledufrene.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:24:36 GMT
expires: Tue, 07 Nov 2023 21:24:36 GMT
cache-control: public, max-age=31536000
age: 62531
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 08 Nov 2022 14:41:09 GMT
expires: Tue, 08 Nov 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 339
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
autoecoledufrene.com/favicon.ico
178.20.66.207302 Found 0 B URL HTTP/1.1 autoecoledufrene.com/favicon.ico
IP 178.20.66.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/dropbox.html
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Tue, 08 Nov 2022 14:46:48 GMT
Server: Apache
Set-Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; expires=Tue, 08-Nov-2022 15:16:48 GMT; Max-Age=1800; path=/
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Link: <https://autoecoledufrene.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10801
Expires: Tue, 08 Nov 2022 17:46:49 GMT
Date: Tue, 08 Nov 2022 14:46:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:49:14 GMT
age: 61054
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:39 GMT
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
age: 61449
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zP8bp-rTtlDnlSAnPdZNJL19gSEfS9HmA9WUgNx4jku9i1zoahW-og==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 61607
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 29927
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b64fcd58491917edfc8ffb57c1382cd0
edf97aab58dacd11fa52924b1382c2bf1ede5e55
a2c60a2f7780085b4643ab7f521fb6c858ca72c3170e6f3acd2250b9c3b14cc5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12662
x-amzn-requestid: edaa58fb-c3eb-4af0-ad32-be8c7cf14421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKLHSBoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a40-4c35cd455ff7a829756eeb56;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FjjrCP8dJDZrk38J0SqWxN2Ya4O3-hcO_uW5ULwOQTREh4-MU_szA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 61607
etag: "edf97aab58dacd11fa52924b1382c2bf1ede5e55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:38 GMT
age: 61450
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
178.20.66.207200 OK 4.1 kB URL HTTP/1.1 autoecoledufrene.com/wp-includes/images/w-logo-blue-white-bg.png
IP 178.20.66.207:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: autoecoledufrene.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://autoecoledufrene.com/dropbox.html
Connection: keep-alive
Cookie: spo_550_fa=33fa61aa9bcf8cb79b5978d4f00c79ea; _ga=GA1.2.1970033255.1667918805; _gid=GA1.2.1111503517.1667918805
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:46:48 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2020 09:46:04 GMT
ETag: "1017-5a7cbd43985d7"
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=923f1c245c65dad5398ea3f7008a454d
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=923f1c245c65dad5398ea3f7008a454d
IP 142.250.74.10:0
GET /css?family=Montserrat%3A300%2C400%2C700%2C400%7CRaleway%3A600&ver=923f1c245c65dad5398ea3f7008a454d HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoecoledufrene.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 14:46:47 GMT
date: Tue, 08 Nov 2022 14:46:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2