| | 3.98.254.20 | 301 Moved Permanently | 230 B |
URL (user request): GET HTTP/2 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hashes (MD5 / SHA-1 / SHA-256): 72f1b209977dc83dab007f0e2d7a288b / 437776015c478debb7da09373271f6a4a0b2bd42 / 1a8f0f9ec66b97c8bcaec45a7e354fa450de7a1f99589d5a6508529e07fa1bd6
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /en HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 08:35:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 230
Connection: keep-alive
Server: Apache
Location: https://3.98.254.20/en
Cache-Control: max-age=600
Expires: Fri, 26 Apr 2024 08:45:57 GMT
| | 3.98.254.20 | 301 Moved Permanently | 231 B |
URL (user request): GET HTTP/2 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hashes (MD5 / SHA-1 / SHA-256): 6cbb16020df0d866f757d27e3898f43d / a5eca1b29168aa7ef5e5c2c25332b4aaff85f41a / f688953ed755daf675a6870861f8e33f3c011a3057607e7d2f78f28fd52bd1db
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /en HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 08:35:59 GMT
content-type: text/html; charset=iso-8859-1
content-length: 231
location: https://3.98.254.20/en/
server: Apache
cache-control: max-age=600
expires: Fri, 26 Apr 2024 08:45:59 GMT
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-temoins-navigation/css/librairies/iframemanager.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 2.0 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-temoins-navigation/css/librairies/iframemanager.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7827), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 90a819b334f57871b85c51cd60278a0e / e94f239aa06f70c815dc20513114b17e3693cba8 / 97eabab6ecf4f8aab9851d240ac389078c69f7e264ff6431570c84bc4f5bed47
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-temoins-navigation/css/librairies/iframemanager.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 1968
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "1e93-605e3e6512d39-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-temoins-navigation/css/librairies/cookieconsent.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 4.4 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-temoins-navigation/css/librairies/cookieconsent.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (19313), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 18d00a1550fa595b0cbcfd76567f8460 / b6930cd9e7dadf4a3d6cb9a6373fe688f5579253 / 2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-temoins-navigation/css/librairies/cookieconsent.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 4429
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "4b71-605e3e6512d39-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-temoins-navigation/css/druide-temoins-navigation.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 581 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-temoins-navigation/css/druide-temoins-navigation.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1853), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): ae88cabda2567cd07f9d58ccc075ca85 / 3f5e3b4c145784bd02149eb955bc63b8e47b7e54 / 3677aa69a11c3a334356e14f9c619079e154dd4ceb46d532335b201f3c46bd74
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-temoins-navigation/css/druide-temoins-navigation.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 581
server: Apache
last-modified: Tue, 19 Dec 2023 17:28:42 GMT
etag: "73d-60ce032b16d5a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/css/menu-flottant.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 1.1 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/css/menu-flottant.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4046), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 40395c932f283cdd49a85c6e470594ca / 18ac2eca87755fe8c9f76e99a4771c7f974982fa / 0f9642008bd5aa1e35f1994cfa0105bea3c10108ffcf720d1983476853014ddb
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/css/menu-flottant.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 1105
server: Apache
last-modified: Mon, 18 Mar 2024 18:35:50 GMT
etag: "fce-613f3a07fec57-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/css/bannieres.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 526 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/css/bannieres.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2460), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 7104d847300abfe77dc872962cd3f3c4 / a07b10ca673f5d7cba4958a7926966608f7f3064 / 0e09517a1c8ecbd885cc1ab4599ab3af864a7d477c86dc446fa1688bc4b364ef
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/css/bannieres.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 526
server: Apache
last-modified: Thu, 12 Nov 2020 00:20:00 GMT
etag: "99c-5b3dddf650f83-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 15 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): bbdbe7ad95458353aecc1130f2aa7f79 / b3b49c53315034a4b364312e6109f80843b40f2a / 1eaf2005b8e48792eade65dfb4a7b2c95d70fc121aaf4767e9980f995cf412df
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/css/base.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 14574
server: Apache
last-modified: Tue, 16 Apr 2024 16:38:53 GMT
etag: "19771-616395fa5121a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/css/vignette-video.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 131 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/css/vignette-video.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): dd3dc23405f3ac722e3778904fed2fa0 / 46e1c7969f17e7ec13f5ff21764da73b57242cd7 / aebc9601919b4e8a991199ad033f809849e535dc8ae2d7f8b9b15eac2acfd94c
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/css/vignette-video.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 131
server: Apache
last-modified: Mon, 20 Mar 2023 13:57:20 GMT
etag: "b7-5f7554e3e0dbf-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/css/conteneur-video-lancement.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 644 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/css/conteneur-video-lancement.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2843), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 6d8ee5ee44296dbca3e7db6e2eb02fcc / c5c8a61c35ae546367cd9ae8defc1a625c40c2f3 / 2fd56a1b6779a5bffa61cb6579701fa6e7dd93ee40804d4a0c37d85e9406f4d8
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/css/conteneur-video-lancement.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 644
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "b1b-605e3e6511d9a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/css/image-avec-infobulles.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 1.4 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/css/image-avec-infobulles.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (5425), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): ea095a6691a01efccbd11a28e5ae675c / 3babdaf4d784d5492e17e8df42e61055402527c4 / a986b03f9c51d11b5a9e87798a3612b3c8358de49ce48b54b5cf40f085ac9a0b
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/css/image-avec-infobulles.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 1376
server: Apache
last-modified: Mon, 20 Mar 2023 13:57:20 GMT
etag: "1531-5f7554e3e0dbf-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 8.6 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): ed607354f41050667096539ed6c31883 / 39b698c7e4b528f18539cc2144a855b1504dd642 / 058572e998afde16d7578533bc28e48e60c085e0d51153af135ada3bcf944f19
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/css/page-accueil.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 8600
server: Apache
last-modified: Thu, 04 Apr 2024 16:28:43 GMT
etag: "131d8-61547d52a25ec-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/css/section-a-devoiler.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 662 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/css/section-a-devoiler.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (3357), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 2cf948bf0f70fb2dddc1276fa4554122 / e67735bf2df8210bbb91a04e7e222001836483f6 / 508d62be4658a7ee636aaae943f250a8859283133f925e6472c3446119097925
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/css/section-a-devoiler.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 662
server: Apache
last-modified: Tue, 12 Mar 2024 20:21:56 GMT
etag: "d1d-6137c68db8401-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-appel-horaire-fermeture-salc/css/message-fermeture.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 215 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-appel-horaire-fermeture-salc/css/message-fermeture.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
Hashes (MD5 / SHA-1 / SHA-256): 2aff0e4992b664f8be5ddec0ac63e972 / d79943efdac62b62283269453657e59a185ee416 / c78740f7195ea69d5886851f6951d7906637f8e891747cccaf3732185f51e7d3
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-appel-horaire-fermeture-salc/css/message-fermeture.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 215
server: Apache
last-modified: Fri, 16 Dec 2022 16:41:58 GMT
etag: "177-5eff4a5ee690e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/shortcode-owl-carousel/css/owl.carousel.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 951 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/shortcode-owl-carousel/css/owl.carousel.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2854)
Hashes (MD5 / SHA-1 / SHA-256): e0422f812aba45254cf47f9a3c96504c / e009863352e7e464712dd23e6160d2318333a1da / ca6300d7f9068654315e7d2af431731d1b77548635121ec125c11f33723cf1ae
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/shortcode-owl-carousel/css/owl.carousel.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 951
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "bc3-5a1e0cfdce834-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/shortcode-owl-carousel/css/shortcode.owl.carousel.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 324 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/shortcode-owl-carousel/css/shortcode.owl.carousel.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
Hashes (MD5 / SHA-1 / SHA-256): cc2821e71f7b584f5ece3778becf58db / 7d7e0da7a56aae15ee140a636c6b87afed1f25f6 / 2c7091abd0baff627a53c5696f1b3833d335e18296942a83810ffcdbe3470ab9
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/shortcode-owl-carousel/css/shortcode.owl.carousel.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 324
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "406-5a1e0cfdce834-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/css/volet.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 626 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/css/volet.min.css?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2323), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 78948c5b915232a6a9c6c4f65073c224 / 95ba8e8c39eb786e43339a88d1ed41acd4b86552 / af813d8e447d197fb032a9b3a13b6cc7f3187e9b4a31d1d5ba8caddc7c1e8193
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/css/volet.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 626
server: Apache
last-modified: Mon, 20 Mar 2023 13:57:20 GMT
etag: "913-5f7554e3e0dbf-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/librairies/countUp.umd.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 2.5 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/countUp.umd.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes (MD5 / SHA-1 / SHA-256): f7c8879e39c4e4372e70e3d0e568e9d3 / 379a850a7ff2207ba90a2212b48b0cd4feee42be / e8c91e5ba5936f7f048edf42227a9e843ab8ab19f79a630cb483680e948b18e0
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/librairies/countUp.umd.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 2505
server: Apache
last-modified: Tue, 12 Apr 2022 13:34:19 GMT
etag: "2a7e-5dc751e3255ff-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/js/section-a-devoiler.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 592 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/js/section-a-devoiler.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes (MD5 / SHA-1 / SHA-256): 9670fd443d5be96a1decbc6f2af2a365 / e09faad5276dba714bb4e904d0d48203f9a5bed1 / 763f2f0cf5eba0fd29cac27ef893d9f065181c308b49fa8e3751bdd63270090f
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/js/section-a-devoiler.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 592
server: Apache
last-modified: Tue, 30 May 2023 14:31:56 GMT
etag: "782-5fcea10b44800-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/page-accueil.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 505 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/page-accueil.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hashes (MD5 / SHA-1 / SHA-256): f8748999c2396e64348c8b12487dbee1 / fc71a58e2b66fbb062be613abd9afb3365e785a4 / 63eb508d2c9afeb8f089e5bfc40782f13c171e2429fc4e6d4f72a42a826f1f3a
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/page-accueil.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 505
server: Apache
last-modified: Mon, 16 May 2022 14:29:08 GMT
etag: "4ef-5df21d8d885a6-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/librairies/clamp.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 2.8 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/clamp.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hashes: MD5 ee972ae9e0e5b58452d8ed4069511051; SHA-1 1f1f7495134bd31ddb0098132fd7093c0deb89ee; SHA-256 7a998bf15ddda5c954d1f726bd5f7cacc4880ca1b5675ec28189858ff37e9be1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/librairies/clamp.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 2777
server: Apache
last-modified: Wed, 22 Jun 2022 19:44:13 GMT
etag: "258b-5e20e8fd0cb2c-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/images/a/5/a/6/b/a5a6b6420c31ca091ae0270c026a2e75ff936554-dictionnaires-en.png | 3.98.254.20 | 200 OK | 25 kB |
URL: GET HTTP/2 3.98.254.20/images/a/5/a/6/b/a5a6b6420c31ca091ae0270c026a2e75ff936554-dictionnaires-en.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 850 x 546, 8-bit colormap, non-interlaced
Hashes: MD5 e5cd3d58658c77a52fc2c1844a371f81; SHA-1 6c01329bdf4aa1593a0b56111b4dd52d76a34ca4; SHA-256 607189920389e77c5569cd7b097639f43053eda5d2a9c7c882dfa514aba44183
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/a/5/a/6/b/a5a6b6420c31ca091ae0270c026a2e75ff936554-dictionnaires-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 24570
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:26 GMT
etag: "5ffa-616c9acfa8179"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-video/js/druide-video.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 365 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-video/js/druide-video.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hashes: MD5 7719059ed8e0f46df62cc0933d398335; SHA-1 e059e3e699c79df0433f3b3c02a08c888fa23a47; SHA-256 77649bffb58e1f002c53e98aca52badffc0e72971b48bab1ef0f2e5bb6b1c64b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-video/js/druide-video.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 365
server: Apache
last-modified: Mon, 06 Feb 2023 18:29:57 GMT
etag: "2d8-5f40c37d4c71f-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/general.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 6.3 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/general.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hashes: MD5 a32488af0f8f41e369fd7451ecab8d87; SHA-1 ef04ee943ac757d622093f40d178a77a84cb766e; SHA-256 e7206f81554ed4087be805803fe348fda255118c3c93082af177a831a8ea8c3c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/general.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 6291
server: Apache
last-modified: Tue, 02 Apr 2024 18:37:33 GMT
etag: "5338-61521663c8155-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/shortcode-owl-carousel/js/owl.carousel.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 11 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/shortcode-owl-carousel/js/owl.carousel.min.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32012)
Hashes: MD5 6473747d818f47587036ccde48050d82; SHA-1 75560ff8e721a6344a927f369debcf80004c9d24; SHA-256 63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/shortcode-owl-carousel/js/owl.carousel.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 10975
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "a766-5a1e0cfdcf7d4-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-formulaire-test/js/druide-formulaire-test.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 183 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-formulaire-test/js/druide-formulaire-test.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes: MD5 5283ecffa9f22ebebcf26b4231556c67; SHA-1 6e85950b55e46513650ec535e0decc4106318783; SHA-256 8a4d0703aacb8aa9d6e989b25128c5e25ed4e7134b06f96bbb32fbbdaa18cbc1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-formulaire-test/js/druide-formulaire-test.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 183
server: Apache
last-modified: Mon, 31 May 2021 16:39:22 GMT
etag: "133-5c3a2de1dc98b-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/librairies/tippy-bundle.umd.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 8.6 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/tippy-bundle.umd.min.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (25667)
Hashes: MD5 bce60cf7abdb60a0ca342bd83df95590; SHA-1 9569ca1889db197f1bd14d69b79ca16b059d25b2; SHA-256 06cdba570717262c6e2eb49cb5037a3eb73bba22b9232b172992ed5bfb681add
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/librairies/tippy-bundle.umd.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 8605
server: Apache
last-modified: Tue, 12 Apr 2022 13:34:19 GMT
etag: "648c-5dc751e32659f-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-temoins-navigation/js/librairies/iframemanager.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 2.8 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-temoins-navigation/js/librairies/iframemanager.min.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (5638)
Hashes: MD5 cce468b07cd6542a5d2f026127d22d86; SHA-1 e617bafc06ededddaf972a9c271eb4e203f584c2; SHA-256 93a7d3b98ff76903c84f781c8f695e1851246cfd3e9788f838084be281e5b63c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-temoins-navigation/js/librairies/iframemanager.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 2846
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "165e-605e3e6512d39-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/js/image-avec-infobulles.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 1.9 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/js/image-avec-infobulles.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes: MD5 4455bf84209551d5f45ae2bc62651967; SHA-1 a1d7dd7fe0653bb1b319298f1b6630541d7adb27; SHA-256 a9374e5753b5cf7ad45f0c0115d3bc2ed826423a6c3b432046d1ad4590360ef2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/js/image-avec-infobulles.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 1931
server: Apache
last-modified: Mon, 20 Mar 2023 13:57:20 GMT
etag: "218b-5f7554e3e1d5f-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/librairies/popper.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 7.2 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/popper.min.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (19678)
Hashes: MD5 463674fdc53d47f39734db21c4c8b357; SHA-1 67ee426eda84c61059869264f53bfa3672d5e849; SHA-256 5e153110525d09cc0d40b28c8eb11278ae52eebbb9cfadcae0509b3009597606
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/librairies/popper.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 7228
server: Apache
last-modified: Tue, 12 Apr 2022 13:34:19 GMT
etag: "4d50-5dc751e32659f-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/themes/antidote/js/librairies/modernizr.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 988 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/modernizr.min.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1886)
Hashes: MD5 2042aec8d62df7a12a5f537ff2a2bfbe; SHA-1 0831923af50b55610fcf7b090d32e7dd2ada4e4d; SHA-256 95649d81d156797cb222ba4032dde05524d387aa4165af8efb322381d0dc50f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/librairies/modernizr.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 988
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "7ce-5a1e0cfdecc90-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-markdown/js/youtube.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 515 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/js/youtube.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes: MD5 f9802ff15227b8ef9913278334c421bb; SHA-1 e95b7c7f4024c6e9ea22dbced2be5121fed6fc6a; SHA-256 24b623f81d476c6ac623588f6f2a78c31f6762763a9acd9a760eb202de982773
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-markdown/js/youtube.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 515
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "443-605e3e6511d9a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
| 3.98.254.20/images/4/6/5/b/8/465b8f1ee0d4c4faeced8814c1005a2fda701ab8-portable-antidote-10.png | 3.98.254.20 | 200 OK | 14 kB |
URL: GET HTTP/2 3.98.254.20/images/4/6/5/b/8/465b8f1ee0d4c4faeced8814c1005a2fda701ab8-portable-antidote-10.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 366 x 206, 8-bit colormap, non-interlaced
Hashes: MD5 31042857f10cab841666d33155526161; SHA-1 d74795a5ec95e7e9d1001e0fe1836f3342e371ee; SHA-256 fbaaf5f831e80bae63f8c60b79ad6505d2c64cf786470ee30b9bc5be3f7e9346
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/4/6/5/b/8/465b8f1ee0d4c4faeced8814c1005a2fda701ab8-portable-antidote-10.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 14418
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:36 GMT
etag: "3852-616c9ad98869e"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/images/c/5/3/0/d/c530dfa34ebfd7c569d3989f1f2754555c97a130-appareils-amo-en.png | 3.98.254.20 | 200 OK | 16 kB |
URL: GET HTTP/2 3.98.254.20/images/c/5/3/0/d/c530dfa34ebfd7c569d3989f1f2754555c97a130-appareils-amo-en.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 383 x 213, 8-bit colormap, non-interlaced
Hashes: MD5 79ef39b86e5396e1ea41fc495c2783b1; SHA-1 65f53e910433fe823110fa773f91b06668dc9934; SHA-256 0550bf749ad1cdb9337368a30adc5c6dd49fddd34fca61f75e9f96a58a027805
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/c/5/3/0/d/c530dfa34ebfd7c569d3989f1f2754555c97a130-appareils-amo-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 15752
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:39 GMT
etag: "3d88-616c9adc1c91f"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/images/d/f/e/4/9/dfe494c1914e868725161115a9a187ce55327d81-fenetres-antidote-web-en.png | 3.98.254.20 | 200 OK | 13 kB |
URL: GET HTTP/2 3.98.254.20/images/d/f/e/4/9/dfe494c1914e868725161115a9a187ce55327d81-fenetres-antidote-web-en.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 366 x 229, 8-bit colormap, non-interlaced
Hashes: MD5 753879b3d5f886eae0d7aa6c6529f189; SHA-1 3f9a56f4a3cdfed69ae5c629427aae78c52f222a; SHA-256 74d592d72cd64d58271efd133061298a4596526dd2d66464f9947cbe0675bb57
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/d/f/e/4/9/dfe494c1914e868725161115a9a187ce55327d81-fenetres-antidote-web-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 13444
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:37 GMT
etag: "3484-616c9ada18f1e"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/images/b/f/a/6/1/bfa61907bcede264d0400250bcfa3f30b968ec87-correcteur-en.png | 3.98.254.20 | 200 OK | 28 kB |
URL: GET HTTP/2 3.98.254.20/images/b/f/a/6/1/bfa61907bcede264d0400250bcfa3f30b968ec87-correcteur-en.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 850 x 546, 8-bit colormap, non-interlaced
Hashes: MD5 bfc273f74fdcbf907b37d76f3e7d510d; SHA-1 b42c49d3ae5232f82b5ac346a3b6b8a73c804186; SHA-256 c586b83f4b6f62d9ba4d4ac4d0ae52035f85a29fe953b638111bd86125025efa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/b/f/a/6/1/bfa61907bcede264d0400250bcfa3f30b968ec87-correcteur-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 27504
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:24 GMT
etag: "6b70-616c9acdb60b9"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/images/5/3/2/9/7/53297abcd3db10156c9f66d06deedbc04fe06936-fiole.png | 3.98.254.20 | 200 OK | 42 kB |
URL: GET HTTP/2 3.98.254.20/images/5/3/2/9/7/53297abcd3db10156c9f66d06deedbc04fe06936-fiole.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 374 x 576, 8-bit colormap, non-interlaced
Hashes: MD5 93299e1b09898ded770894a9bf415606; SHA-1 64ed9f36069927ed211da2e31cdcae83d3f4e509; SHA-256 372102cdd3b873a6b5b2708d3c235fb32c842b4ed47b2aeed8210130c9e704ae
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/5/3/2/9/7/53297abcd3db10156c9f66d06deedbc04fe06936-fiole.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 41599
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:17 GMT
etag: "a27f-616c9ac6c0cb7"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/images/9/8/e/b/6/98eb66c32a7feab3c28135ca0b864d1400786a82-logo-harvard-en.png | 3.98.254.20 | 200 OK | 4.5 kB |
URL: GET HTTP/2 3.98.254.20/images/9/8/e/b/6/98eb66c32a7feab3c28135ca0b864d1400786a82-logo-harvard-en.png (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 229 x 58, 8-bit colormap, non-interlaced
Hashes: MD5 bc37bc28776e4827fbf8f589f35bc637; SHA-1 eeb81f9859c5ddc2e7730f328f69ed07d986afcf; SHA-256 6e23117c19550bd107dcc95a26769efabdb2377e49e50c3a7e9f4ca08a760857
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/9/8/e/b/6/98eb66c32a7feab3c28135ca0b864d1400786a82-logo-harvard-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 4502
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:43 GMT
etag: "1196-616c9adfada81"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
| 3.98.254.20/user/plugins/druide-shortcodes-antidote/js/conteneur-video-lancement.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 928 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-shortcodes-antidote/js/conteneur-video-lancement.js?g-64abb6d6 (IP 3.98.254.20:443)
Certificate: issuer Sectigo Limited; subject *.druide.com; fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes: MD5 17d62dea74bdcb11da13cb771027b04d; SHA-1 9c1896fd85cf4a7901702f208c098fee9e168563; SHA-256 cc38c1a26629209e41624a884706eb810b88bcc02d5fcedc33eca24632ec99ae
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/druide-shortcodes-antidote/js/conteneur-video-lancement.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 928
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "a70-605e3e6511d9a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/js/librairies/scroll-restoration-polyfill.browser.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 378 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/scroll-restoration-polyfill.browser.min.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (693)
Hash (MD5 / SHA-1 / SHA-256): d396f12b9352826906c20807c2bd4abb b676b5d319ca0f6216df8f0ac26dd5e933630950 6de2a9426aae627ea3633df42572ecf9932c0e9e7b4c71ae36d9ce7bef2d165e
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/themes/antidote/js/librairies/scroll-restoration-polyfill.browser.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 378
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "310-5a1e0cfdf786e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/images/2/c/a/a/2/2caa20860102337c84b827086b32fd2d4235cfaf-logo-arizona-state-university-en.png | 3.98.254.20 | 200 OK | 4.1 kB |
URL: GET HTTP/2 3.98.254.20/images/2/c/a/a/2/2caa20860102337c84b827086b32fd2d4235cfaf-logo-arizona-state-university-en.png IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 232 x 43, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 0a7283ae389320edc58d8e416cf2865b 6a8198aea5d0b971288ad1cfc9015e75d3f84c23 24650a5e4ba95a5c46847fa4d5424876828e54de8f35b7fd6f2e952de6729288
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/2/c/a/a/2/2caa20860102337c84b827086b32fd2d4235cfaf-logo-arizona-state-university-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 4062
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:44 GMT
etag: "fde-616c9ae0605e2"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/druide-matomo/js/druide-matomo.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 749 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-matomo/js/druide-matomo.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash (MD5 / SHA-1 / SHA-256): c9bd8796c95b88f99e2c9f6f3af01675 37e7706bb7378e9477c9bd8fc2140c77c4d78fca 1528cc78d20335a9496277f6a9e7c9505a79d5cb2a7bfa78fb7c4f5e89c7f77c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/druide-matomo/js/druide-matomo.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 749
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "980-605e3e6511d9a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/js/librairies/basic-scroll.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 6.2 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/basic-scroll.min.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (18522), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 550c1d1479e5cbe91c660365d4e5936a 4682f6673d1cead18fc919528070984b58ba35b9 ee0eba4df94ab48294bd3c3e613f8082bc9d569baa6981a4c0d0d0af1a497615
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/themes/antidote/js/librairies/basic-scroll.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 6170
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "485a-5a1e0cfdebcf0-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/images/3/6/0/7/b/3607b1f36bc678b4ac36909366c05468ed6990e0-guides-en.png | 3.98.254.20 | 200 OK | 25 kB |
URL: GET HTTP/2 3.98.254.20/images/3/6/0/7/b/3607b1f36bc678b4ac36909366c05468ed6990e0-guides-en.png IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 850 x 546, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 7f2b93a6eb04d2b4ace557c547c1594e 3f7e4787fba40a0b8a540aa7fd3b34ab7da40a9c 3c4e078627ec2dad582deea79b6e4ab70319f87e26058f017378c7697cea9a56
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/3/6/0/7/b/3607b1f36bc678b4ac36909366c05468ed6990e0-guides-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 25426
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:27 GMT
etag: "6352-616c9ad0aae1a"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/form/assets/form-styles.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 1.4 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/form/assets/form-styles.css?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (4285)
Hash (MD5 / SHA-1 / SHA-256): f611a243b821e8963e3981acdd5077b3 389c991a51a2d2ed728f62cee7372c7e9704f4cb f3e7759814b7154f340e849790a3de2d4b72e8af6c1240f0e95157c2abde8f88
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/form/assets/form-styles.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 1374
server: Apache
last-modified: Tue, 20 Jun 2023 19:17:58 GMT
etag: "10c3-5fe948254c62a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/js/jquery.ui.menuflottant.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 2.4 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/jquery.ui.menuflottant.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash (MD5 / SHA-1 / SHA-256): 9bc89dc7e9aed369093f39f20a6eacad be7f0cb188c102b8e69a8f100ff5f8ee1c606d40 8fef001e0c5e0feb7eb6b87ce2ef2ad2bf73e4e84509fae456a8a68c009aa9b3
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/themes/antidote/js/jquery.ui.menuflottant.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 2360
server: Apache
last-modified: Wed, 19 May 2021 18:21:24 GMT
etag: "2643-5c2b2e4f24dd2-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/images/c/5/0/0/6/c50063e0d9e13a077b86e843e0e5a607e6d85c05-badge-25-years-en.png | 3.98.254.20 | 200 OK | 8.7 kB |
URL: GET HTTP/2 3.98.254.20/images/c/5/0/0/6/c50063e0d9e13a077b86e843e0e5a607e6d85c05-badge-25-years-en.png IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 178 x 178, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): c862ab5e2afaa434a7ed4796a79d4f61 58b1a5fb94f874febc0824b0f1adbe942404b7d9 0966bb46ceb4b927d1b5584fda366b803d0090c6958bda36c25b1b29f358c17d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/c/5/0/0/6/c50063e0d9e13a077b86e843e0e5a607e6d85c05-badge-25-years-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 8716
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:17 GMT
etag: "220c-616c9ac712d37"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/images/4/b/2/2/9/4b2299eed3ce3e5cf050af8ab230c0dab59cff43-badge-watch-event-en.png | 3.98.254.20 | 200 OK | 7.1 kB |
URL: GET HTTP/2 3.98.254.20/images/4/b/2/2/9/4b2299eed3ce3e5cf050af8ab230c0dab59cff43-badge-watch-event-en.png IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 178 x 178, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 18269c17ec6afa2515ef8916cae6de53 03066e8a54da7ce7906eeebc9587ab59cdb2ee3c e7131281cd766758e899036700cabede352f4b64e348511b9b01bc7cc7d6bb8c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/4/b/2/2/9/4b2299eed3ce3e5cf050af8ab230c0dab59cff43-badge-watch-event-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 7051
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:20 GMT
etag: "1b8b-616c9ac988b58"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/images/fermer-arrondi.svg | 3.98.254.20 | 200 OK | 1.6 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/fermer-arrondi.svg IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): 82e467715725b5d83bbe3d8a87decf50 0eccad1a13cf073bd7464d9e22d4f3429ed0aa21 2d0c653a7723075f3ad77cc8d90a1b08e003997f349a9fbc61386a6e944b7698
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/themes/antidote/images/fermer-arrondi.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/svg+xml
content-length: 1566
server: Apache
last-modified: Tue, 19 Oct 2021 13:06:05 GMT
etag: "61e-5ceb45300e29d"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/images/5/9/2/d/f/592df70c2f5bfc8cdfb2beead4a5df0d1cda2ebc-logo-kpmg-en.png | 3.98.254.20 | 200 OK | 2.3 kB |
URL: GET HTTP/2 3.98.254.20/images/5/9/2/d/f/592df70c2f5bfc8cdfb2beead4a5df0d1cda2ebc-logo-kpmg-en.png IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 140 x 54, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 62ea2594548a2fbbc4deccebdd45fcd7 4abaa54d38f71797902976b1f0a532e4aa9c845b 25304da3be706c7f4afbb4d3f53ff1eaa6c71dbaa5d329208cd6f5f21e29a924
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/5/9/2/d/f/592df70c2f5bfc8cdfb2beead4a5df0d1cda2ebc-logo-kpmg-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 2259
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:43 GMT
etag: "8d3-616c9ae004922"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/config/plugins/druide-temoins-navigation/config-druide-temoins-navigation.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 3.9 kB |
URL: GET HTTP/2 3.98.254.20/user/config/plugins/druide-temoins-navigation/config-druide-temoins-navigation.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (411)
Hash (MD5 / SHA-1 / SHA-256): 93d38a0b23e237f39ddafedadf423b2e d2fe0f9e8174920231f340fbc25b4386d5bd82ab bc0de3c304fafdecd7fbd007ee8fd4efb122333f11f2af32e859bd25b8793011
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/config/plugins/druide-temoins-navigation/config-druide-temoins-navigation.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 3904
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "55c2-605e3e650fe5a-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/druide-temoins-navigation/js/marqueur-nouvelle-session.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 83 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-temoins-navigation/js/marqueur-nouvelle-session.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): cd519bc5e44bb3ce592feafd7a159f65 651ad73ad9e5c694f6a0717b025cc43315251c0b 6dbaa7210ca294b82f070d998bfb4ede50d6286a9555850be49820e9b2ddd445
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/druide-temoins-navigation/js/marqueur-nouvelle-session.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 83
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "48-605e3e6512d39-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/druide-markdown/css/groupe-images.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 139 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/css/groupe-images.min.css?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f7c0edab339067bc075eb43049c27ae3 980425decb460c8ad5373f114bf4a183e23dee00 adf4deb1d30968a49dc617180db375b514b80fa09dced6b49705eadc8eae147e
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/druide-markdown/css/groupe-images.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 139
server: Apache
last-modified: Mon, 20 Mar 2023 13:57:20 GMT
etag: "df-5f7554e3e0dbf-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/shortcode-owl-carousel/css/owl.theme.default.min.css?g-64abb6d6 | 3.98.254.20 | 200 OK | 479 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/shortcode-owl-carousel/css/owl.theme.default.min.css?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (846)
Hash (MD5 / SHA-1 / SHA-256): 03d666e0fa14a395029971d586e3a785 653f4b6cd316f0ea08ff39b1183f20c4b3e8f2eb b3aa6f4f3ac99330dd993d392ebd1c259a355a283d9b9002f0897adee725df55
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/shortcode-owl-carousel/css/owl.theme.default.min.css?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/css
content-length: 479
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "3eb-5a1e0cfdce834-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/druide-temoins-navigation/js/librairies/cookieconsent.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 6.6 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-temoins-navigation/js/librairies/cookieconsent.min.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (18063)
Hash (MD5 / SHA-1 / SHA-256): 96b31e78159c6f270a78898324c30287 ccb53216a54ea81c9be495155927e03db6407d51 85e254496474a23adf0e3000a780a2231b010e96351d83bbbd9358c50434965c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/druide-temoins-navigation/js/librairies/cookieconsent.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 6592
server: Apache
last-modified: Thu, 21 Sep 2023 19:57:20 GMT
etag: "4718-605e3e6512d39-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/js/librairies/detect.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 756 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/detect.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): 556d3545efe363f30c8e24ec642258c8 0f887547cdeca88066cd330fae25120195c4525f e66db4af239f05ceef09eba9bd1cb9a83616327413660ddf6cbaaa13fe76118f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/themes/antidote/js/librairies/detect.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 756
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "ea1-5a1e0cfdebcf0-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/plugins/druide-markdown/js/volet.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 405 B |
URL: GET HTTP/2 3.98.254.20/user/plugins/druide-markdown/js/volet.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash (MD5 / SHA-1 / SHA-256): 9af5b1a630aaa5bb153b42bde363c188 e2374142c958076fb78d73c7a8595f5f01c63689 0086bb2b7211b9590067c9b44fbae57746e194436e2507b160df24874da0d729
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /user/plugins/druide-markdown/js/volet.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 405
server: Apache
last-modified: Mon, 20 Mar 2023 13:57:20 GMT
etag: "428-5f7554e3e1d5f-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/system/assets/jquery/jquery-3.x.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 31 kB |
URL: GET HTTP/2 3.98.254.20/system/assets/jquery/jquery-3.x.min.js?g-64abb6d6 IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash (MD5 / SHA-1 / SHA-256): 641dd14370106e992d352166f5a07e99 eda46747c71d38a880bee44f9a439c3858bb8f99 a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /system/assets/jquery/jquery-3.x.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 31043
server: Apache
last-modified: Wed, 06 Mar 2024 19:45:46 GMT
etag: "15ec3-613033478fdd2-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2

| 3.98.254.20/user/plugins/anchors/js/anchor.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 2.6 kB |
URL: GET HTTP/2 3.98.254.20/user/plugins/anchors/js/anchor.min.js?g-64abb6d6  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (5676)  Hash: MD5 a58f4bdbf86e8ae057af9131b5b1bcfd  SHA-1 f51be2f0039e8c8062255efa7a798a4f0ea41470  SHA-256 d16319f4f1786f685317ae84825bfff47e55c24ea59ce1b801b982271a3de964
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/plugins/anchors/js/anchor.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 2620
server: Apache
last-modified: Tue, 24 May 2022 20:46:46 GMT
etag: "1778-5dfc80e1a74e1-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/js/librairies/jquery-ui.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 13 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/js/librairies/jquery-ui.min.js?g-64abb6d6  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (37497)  Hash: MD5 f98823a4297f574cf6513ec2b1725580  SHA-1 5da10e65a8c6f21da18520c1728176570110e635  SHA-256 43aca28602c7d36b5372ba41936214c8bd826ad595cdd300793ef28ae409db99
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/js/librairies/jquery-ui.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
content-length: 13011
server: Apache
last-modified: Tue, 25 Jul 2023 14:16:03 GMT
etag: "9370-601505f038e16-gzip"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2

| 3.98.254.20/images/a/a/a/1/b/aaa1ba356b33582f5d10bdde7097fd4e16161700-fiole-fr.png | 3.98.254.20 | 200 OK | 22 kB |
URL: GET HTTP/2 3.98.254.20/images/a/a/a/1/b/aaa1ba356b33582f5d10bdde7097fd4e16161700-fiole-fr.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 313 x 392, 8-bit colormap, non-interlaced  Hash: MD5 1e70748e11d3e92571ca72acd5024a5f  SHA-1 45cfdc9fe2e8f4088b0232d9082feea561486881  SHA-256 6a722cd4f3a08415a0dbd7cff4cc7b67840be4c44b5323637f76d20a485a3119
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/a/a/a/1/b/aaa1ba356b33582f5d10bdde7097fd4e16161700-fiole-fr.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 21634
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:42 GMT
etag: "5482-616c9aded8c41"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/images/6/7/3/e/3/673e3eee36a37ab69413806769bb39eba7f14e72-logo-siemens-en.png | 3.98.254.20 | 200 OK | 1.8 kB |
URL: GET HTTP/2 3.98.254.20/images/6/7/3/e/3/673e3eee36a37ab69413806769bb39eba7f14e72-logo-siemens-en.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 197 x 32, 8-bit colormap, non-interlaced  Hash: MD5 e73d1c922d1ff4ceaf095c3c88c14091  SHA-1 bbfdf40593f35dca1a0338def173eca387f524c5  SHA-256 12800f8a176bd1926d613383576931502e2babf516c3d5f59b5cff2acbb59bd5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/6/7/3/e/3/673e3eee36a37ab69413806769bb39eba7f14e72-logo-siemens-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 1797
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:44 GMT
etag: "705-616c9ae06c162"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/images/d/5/b/1/e/d5b1eeca5f2a5abc81f37a933ad8946b7baefd03-fiole.png | 3.98.254.20 | 200 OK | 12 kB |
URL: GET HTTP/2 3.98.254.20/images/d/5/b/1/e/d5b1eeca5f2a5abc81f37a933ad8946b7baefd03-fiole.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 172 x 266, 8-bit colormap, non-interlaced  Hash: MD5 6e293bb540fdad840ecf80ddf72ba0db  SHA-1 e7febcace9194e650fc06c29e00334abd9805d0d  SHA-256 1af4237c2b1ee9cc4863fa1839884f47c008426b176018978b9d603a03d0c3f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/d/5/b/1/e/d5b1eeca5f2a5abc81f37a933ad8946b7baefd03-fiole.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 12529
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:55 GMT
etag: "30f1-616c9aeac198a"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/images/pied-page/icone-facebook-pied-page-normal.svg | 3.98.254.20 | 200 OK | 749 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/pied-page/icone-facebook-pied-page-normal.svg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image  Hash: MD5 a328e156810fed5beaf3cf9fea535a14  SHA-1 4d0b776bc3c1df372420a4f384c63097bb8698aa  SHA-256 5c26b04afa9038cc51fc6468922c18beb1db7504aeaeaa00d470a7c504af740f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/pied-page/icone-facebook-pied-page-normal.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/svg+xml
content-length: 749
server: Apache
last-modified: Tue, 12 Apr 2022 13:34:19 GMT
etag: "2ed-5dc751e3255ff"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/images/pied-page/icone-rss-pied-page-normal.svg | 3.98.254.20 | 200 OK | 1.2 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/pied-page/icone-rss-pied-page-normal.svg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image  Hash: MD5 d0a1e8d8b6928533412bfb8acdcd5994  SHA-1 3e6c47d08578b66b2eb5a7e5153f669945800a46  SHA-256 d7777ee69b777cac7e53fa1b466144601028f8e0c04f54ad41be65ee5f3d9ca4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/pied-page/icone-rss-pied-page-normal.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/svg+xml
content-length: 1238
server: Apache
last-modified: Tue, 12 Apr 2022 13:34:19 GMT
etag: "4d6-5dc751e3255ff"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/images/logo-druide.svg | 3.98.254.20 | 200 OK | 9.9 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/logo-druide.svg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image  Hash: MD5 1114ccd5edc2ba17b67a7d2a0d735adf  SHA-1 5992d5ce17f1cfd60f47aa8c0165cd475b8c780c  SHA-256 83be07a850af2d2ace5b00028b408c3e4d44b6a248d8d1299956c7cd1d31c091
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/logo-druide.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/svg+xml
content-length: 9942
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "26d6-5a1e0cfde20b1"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/pages/01.accueil/05._produits-antidote/sigle-aplus.png | 3.98.254.20 | 200 OK | 11 kB |
URL: GET HTTP/2 3.98.254.20/user/pages/01.accueil/05._produits-antidote/sigle-aplus.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 231 x 191, 8-bit/color RGBA, non-interlaced  Hash: MD5 300c01f55e9f59fc245a06697331e299  SHA-1 eb7677a278c0ab50fdb86bb7884fdbd68866c790  SHA-256 82951e945463a8a6c8b4d911ad8e9f94b7d6e167fe075646241c0b4778542aca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/pages/01.accueil/05._produits-antidote/sigle-aplus.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 11207
server: Apache
last-modified: Tue, 19 Oct 2021 16:15:09 GMT
etag: "2bc7-5ceb6f725a482"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/images/a/0/b/f/1/a0bf1fc8072b7c898ac6d86ea04864d846430ad0-logo-aon-en.png | 3.98.254.20 | 200 OK | 2.0 kB |
URL: GET HTTP/2 3.98.254.20/images/a/0/b/f/1/a0bf1fc8072b7c898ac6d86ea04864d846430ad0-logo-aon-en.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 126 x 54, 8-bit colormap, non-interlaced  Hash: MD5 5a54f139b5fba10a1d89b1736080ef93  SHA-1 4f30acb7c723af2f125f6dc1d829a2a2e309d07d  SHA-256 73cf4d0bebc58889d360e40166ac3b322c2979d10015da06647f6cab3daf8aa8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/a/0/b/f/1/a0bf1fc8072b7c898ac6d86ea04864d846430ad0-logo-aon-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 1974
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:43 GMT
etag: "7b6-616c9ae030842"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/images/b/0/b/f/0/b0bf04e5f30d8aaa766d4e17fe285e4d95e69bbe-logo-galderma-en.png | 3.98.254.20 | 200 OK | 2.6 kB |
URL: GET HTTP/2 3.98.254.20/images/b/0/b/f/0/b0bf04e5f30d8aaa766d4e17fe285e4d95e69bbe-logo-galderma-en.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 279 x 30, 8-bit colormap, non-interlaced  Hash: MD5 3765dda1d10854ccd95c79dbf4ac07d9  SHA-1 04d82155bbc48d7cd33796df4d43cc686f41b5a2  SHA-256 2beec2de7c0748deab0d557ca85f3e0cd404aabbf15dea7691d5ebbb44b8ebaa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/b/0/b/f/0/b0bf04e5f30d8aaa766d4e17fe285e4d95e69bbe-logo-galderma-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 2568
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:43 GMT
etag: "a08-616c9adf53d01"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/images/8/7/8/6/f/8786fad5bfaad1aef6e55cd758c2dbe79c14b1dd-logo-brown-en.png | 3.98.254.20 | 200 OK | 3.8 kB |
URL: GET HTTP/2 3.98.254.20/images/8/7/8/6/f/8786fad5bfaad1aef6e55cd758c2dbe79c14b1dd-logo-brown-en.png  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 184 x 91, 8-bit colormap, non-interlaced  Hash: MD5 52358c0edc2f43a100e712bca1ee0518  SHA-1 2a274f0d5d5941b3cbd2f3bade813693db65506e  SHA-256 4374e7f57f38f57f85e302ab479b19bfd21bbc2249aa9b4bb25827e6c3a5686a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/8/7/8/6/f/8786fad5bfaad1aef6e55cd758c2dbe79c14b1dd-logo-brown-en.png HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: image/png
content-length: 3839
server: Apache
last-modified: Tue, 23 Apr 2024 20:48:43 GMT
etag: "eff-616c9ae01cfc2"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| matomo.druide.com/js/container_rasryJ67.js | 35.182.212.241 | 200 OK | 32 kB |
URL: GET HTTP/2 matomo.druide.com/js/container_rasryJ67.js  IP: 35.182.212.241:443
Certificate: Issuer: Sectigo Limited  Subject: matomo.druide.com  Fingerprint: 1B:97:16:52:D7:F5:8B:48:79:B1:A0:56:87:B8:05:64:A1:EA:01:8E  Validity: Fri, 02 Jun 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1601)  Hash: MD5 df13ac2f74f73d703744277bd8d621d8  SHA-1 8bfbb0f9f56c20f5a590c38d945a6c2bcbf4f055  SHA-256 be3377c79361a890fc0fad5aacd950994e106fcf602a33560a781802bb02fa95
GET /js/container_rasryJ67.js HTTP/1.1
Host: matomo.druide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: text/javascript
content-length: 32086
server: Apache/2.4.57 (Debian)
last-modified: Fri, 26 Apr 2024 08:12:02 GMT
etag: "1a178-616fb755fe3b9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
set-cookie: AWSALBAPP-0=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
set-cookie: AWSALBAPP-1=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
set-cookie: AWSALBAPP-2=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
set-cookie: AWSALBAPP-3=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
X-Firefox-Spdy: h2
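Two things in this capture deserve a reviewer's attention. Every first-party request carries `Host: 3.98.254.20` while the certificate the server presented has the subject `*.druide.com`, so the browser's name check could never have passed for these fetches; and the Matomo tag-manager container `matomo.druide.com/js/container_rasryJ67.js` is a script loaded cross-site from a different host and IP whose response carries none of the `x-content-type-options` / `strict-transport-security` headers every first-party response sends. The script below is an added example, not part of this report and not the sandbox's own tooling: it parses transaction blocks in the layout used on this page and flags those conditions, plus a certificate that is outside its validity window at the capture time taken from the response `date` header. It assumes the report exposes only the certificate Subject (no SAN list, so IP-address SANs cannot be checked), and the two embedded blocks are constructed from the captures on this page, trimmed to the headers the checks use.

```python
"""Reviewer checks over the HTTP transaction blocks of a sandbox report.

Added example, not part of the original report or the sandbox's own code.
Assumption: the report shows only the certificate Subject, so IP-address SANs
that a real verifier would also consult are not visible here.
"""
import re
from email.utils import parsedate_to_datetime

# Constructed sample: two blocks in this page's layout, trimmed to the headers
# the checks need; the values are copied from the captures shown on the page.
SAMPLE_REPORT = """\
| 3.98.254.20/system/assets/jquery/jquery-3.x.min.js?g-64abb6d6 | 3.98.254.20 | 200 OK | 31 kB |
URL: GET HTTP/2 3.98.254.20/system/assets/jquery/jquery-3.x.min.js?g-64abb6d6  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
GET /system/assets/jquery/jquery-3.x.min.js?g-64abb6d6 HTTP/1.1
Host: 3.98.254.20
Sec-Fetch-Dest: script
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/javascript
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload

| matomo.druide.com/js/container_rasryJ67.js | 35.182.212.241 | 200 OK | 32 kB |
URL: GET HTTP/2 matomo.druide.com/js/container_rasryJ67.js  IP: 35.182.212.241:443
Certificate: Issuer: Sectigo Limited  Subject: matomo.druide.com  Fingerprint: 1B:97:16:52:D7:F5:8B:48:79:B1:A0:56:87:B8:05:64:A1:EA:01:8E  Validity: Fri, 02 Jun 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
GET /js/container_rasryJ67.js HTTP/1.1
Host: matomo.druide.com
Sec-Fetch-Dest: script
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: text/javascript
"""

CERT_RE = re.compile(r"Subject:?\s*(\S+).*?Validity:?\s*(.+?) - (.+)$")
REQUEST_LINE_RE = re.compile(r"^(GET|POST|HEAD|OPTIONS|PUT|DELETE) (\S+) HTTP/")
IPV4_RE = re.compile(r"\d{1,3}(\.\d{1,3}){3}")
# Headers the first-party origin sends on every script response in this capture.
HARDENING = ("x-content-type-options", "strict-transport-security")


def parse_blocks(text):
    """Split the report on blank lines into dicts holding the certificate
    fields plus lower-cased request and response header maps."""
    blocks = []
    for chunk in re.split(r"\n\s*\n", text.strip()):
        block = {"path": "", "cert": {}, "req": {}, "resp": {}}
        target = None  # header map the current line belongs to, once known
        for line in chunk.splitlines():
            m = REQUEST_LINE_RE.match(line)
            if line.startswith("Certificate"):
                c = CERT_RE.search(line)
                if c:
                    block["cert"] = dict(zip(("subject", "not_before", "not_after"), c.groups()))
            elif m:
                block["path"], target = m.group(2), "req"
            elif line.startswith("HTTP/"):
                target = "resp"
            elif target and ": " in line:
                name, _, value = line.partition(": ")
                block[target][name.lower()] = value
        blocks.append(block)
    return blocks


def cert_covers_host(subject, host):
    """RFC 6125-style name check: exact match, or one left-most wildcard label
    matching exactly one host label. A DNS-name subject never covers an IP literal."""
    host, subject = host.lower().split(":")[0], subject.lower()
    if IPV4_RE.fullmatch(host):
        return False
    if subject.startswith("*."):
        h, s = host.split("."), subject.split(".")
        return len(h) == len(s) and h[1:] == s[1:]
    return subject == host


def cert_valid_at(cert, when):
    """True when the capture time falls inside the certificate's validity window."""
    return parsedate_to_datetime(cert["not_before"]) <= when <= parsedate_to_datetime(cert["not_after"])


def review(block):
    """Findings for one transaction block, in a stable order."""
    cert, req, resp = block["cert"], block["req"], block["resp"]
    host, findings = req.get("host", ""), []
    if cert and not cert_covers_host(cert["subject"], host):
        findings.append(f"cert-host-mismatch: subject {cert['subject']} does not cover Host {host}")
    if cert and "date" in resp and not cert_valid_at(cert, parsedate_to_datetime(resp["date"])):
        findings.append("cert-outside-validity-at-capture")
    if req.get("sec-fetch-dest") == "script" and req.get("sec-fetch-site") == "cross-site":
        findings.append(f"third-party-script: {host}")
    if "javascript" in resp.get("content-type", ""):
        missing = [h for h in HARDENING if h not in resp]
        if missing:
            findings.append("missing-hardening-headers: " + ", ".join(missing))
    return findings


def review_report(text):
    """Map each block's host + path to its findings."""
    return {b["req"].get("host", "") + b["path"]: review(b) for b in parse_blocks(text)}


if __name__ == "__main__":
    for target, findings in review_report(SAMPLE_REPORT).items():
        print(target, "->", findings or "clean")
```

`review_report` is the entry point for a whole report pasted in this layout. The wildcard rule is the single-label one browsers apply, so `*.druide.com` covers `www.druide.com` but neither `druide.com` nor a bare IP, which is exactly why every bare-IP request in this capture shows a subject mismatch even though the Sectigo certificate itself is inside its validity window on the capture date.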

| 3.98.254.20/user/themes/antidote/images/logo-sigle.svg | 3.98.254.20 | 200 OK | 34 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/logo-sigle.svg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image  Hash: MD5 e174d6e4c906b424ca917566b17b0a4b  SHA-1 4f61653ccbf4272b954b0be2dfb3d4737b14adda  SHA-256 007e10d3a69eb45a9f269226951af27efa1409a16270890bfe0f4c9395dd9bcc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/logo-sigle.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/svg+xml
content-length: 33687
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "8397-5a1e0cfde20b1"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/images/fond-accueil.jpg | 3.98.254.20 | 200 OK | 69 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/fond-accueil.jpg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], progressive, precision 8, 1440x738, components 3  Hash: MD5 b5cca46f50f7a335051b0801d4b9f00e  SHA-1 0893275a67e276c7ca54cb845a1465d71bd85f4c  SHA-256 f82967839502ee4fc489defc598b135181e5333061df28d978f66c6ff216bfed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/fond-accueil.jpg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/jpeg
content-length: 68633
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "10c19-5a1e0cfddc2f2"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-semibold.woff2 | 3.98.254.20 | 200 OK | 77 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-semibold.woff2  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 76864, version 3.0  Hash: MD5 564db32370e4a40726d1ed44142499f0  SHA-1 734be800c05b13fd0134cba19589d1b82b83b662  SHA-256 e6cdd5e23e436e568ceb2766ac5d94ce9cbc5f0d8d881c850b5d9f9d07e75ddc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/polices/sofia-pro/sofiapro-semibold.woff2 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: application/x-font-woff2
content-length: 76864
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "12c40-5a1e0cfe033ed"
accept-ranges: bytes
cache-control: max-age=172800
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/images/logo-antidote-blanc.svg | 3.98.254.20 | 200 OK | 8.3 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/logo-antidote-blanc.svg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image  Hash: MD5 f26596d182b63dbcc1e8260408a3c175  SHA-1 69308a7926274590ab1fe984c1db344407e2c289  SHA-256 132d3e6151ed0f451ec9e79fa620f12e19d88611029f5ad208dc3ab34ff4f689
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/logo-antidote-blanc.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/svg+xml
content-length: 8309
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "2075-5a1e0cfde20b1"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/images/fond-texte-souligne-blanc.svg | 3.98.254.20 | 200 OK | 281 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/fond-texte-souligne-blanc.svg  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image  Hash: MD5 66f6f136a33bfcf227436b97a5ec1c08  SHA-1 da9ba361d739ecde2a49b8b44c8535649a5613cc  SHA-256 862788009e65e4043e2dea55d2aa43dee42652938109d6bc161cb232e1b39efd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/fond-texte-souligne-blanc.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/svg+xml
content-length: 281
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "119-5a1e0cfddf1d2"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2

| 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-bold.woff2 | 3.98.254.20 | 200 OK | 48 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-bold.woff2  IP: 3.98.254.20:443
Certificate: Issuer: Sectigo Limited  Subject: *.druide.com  Fingerprint: ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A  Validity: Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48096, version 3.0  Hash: MD5 943390f4fa94807f2d88b8c398e4422a  SHA-1 0065f1a45e4a45eb095eac88dce1a90e954ee494  SHA-256 616c5b0865d5d7dd282ef96a4ea98167e16ba56f73dc2ba38dfa6e71367febe8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/polices/sofia-pro/sofiapro-bold.woff2 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: application/x-font-woff2
content-length: 48096
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "bbe0-5a1e0cfdfc68e"
accept-ranges: bytes
cache-control: max-age=172800
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-medium.woff2 | 3.98.254.20 | 200 OK | 48 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-medium.woff2
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 47828, version 3.0
Hash: MD5 8d9617b43b26243d0bb22591bca7b2b1; SHA-1 50c457d7b0882137a9b50f343e93c4815bc70912; SHA-256 7957e00b78a848d31718947b9d234af5ea899be45caf14932965480cbfa2f408
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/polices/sofia-pro/sofiapro-medium.woff2 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: application/x-font-woff2
content-length: 47828
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "bad4-5a1e0cfdff56d"
accept-ranges: bytes
cache-control: max-age=172800
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/images/fond-texte-souligne.svg | 3.98.254.20 | 200 OK | 268 B |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/fond-texte-souligne.svg
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 eeaa97b355b921b59ef70530f4d42055; SHA-1 67d864d0f7378d56a9168b216cd25c7295f07736; SHA-256 86c0d106467cce11a7b77de562411302e30ee5065f6872819ec7ef740aa777b9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/fond-texte-souligne.svg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/svg+xml
content-length: 268
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "10c-5a1e0cfddf1d2"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/polices/icones-antidote/icones-antidote-druide-202403.woff2 | 3.98.254.20 | 200 OK | 16 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/polices/icones-antidote/icones-antidote-druide-202403.woff2
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash: MD5 ffe7b197ac0882a265f6bc27de2a7570; SHA-1 72660258dd68586ea946d2bfba1e45541081d85b; SHA-256 e00f6889e7380b749e10cc3706a14a79a990d906a757994825109e85c4ad5046
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/polices/icones-antidote/icones-antidote-druide-202403.woff2 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: application/x-font-woff2
content-length: 15688
server: Apache
last-modified: Wed, 13 Mar 2024 20:25:00 GMT
etag: "3d48-6139091aa066c"
accept-ranges: bytes
cache-control: max-age=172800
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-regular.woff2 | 3.98.254.20 | 200 OK | 47 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-regular.woff2
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 47328, version 3.0
Hash: MD5 f0d5dec8894289826d4d08622801772b; SHA-1 994935213f64ddf7bc989284e6c49d91a53576a4; SHA-256 274c8d069f52d6327d78c5698ed26ccf67ba5efddee97c1173800ebd35e14e89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/polices/sofia-pro/sofiapro-regular.woff2 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: application/x-font-woff2
content-length: 47328
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "b8e0-5a1e0cfe014ad"
accept-ranges: bytes
cache-control: max-age=172800
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/images/fond-ecoles@2x.jpg | 3.98.254.20 | 200 OK | 125 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/images/fond-ecoles@2x.jpg
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 846x784, components 3
Size: 125 kB (125379 bytes)
Hash: MD5 28be4add9853c9822d0c5d2791bf8aea; SHA-1 f7b54bd4b8a76d93f4281148d5e2c44ef18e2fe9; SHA-256 f8c6b16585fa9d732c77e09621a772993ed537e4203e904721003a138754f3ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/images/fond-ecoles@2x.jpg HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/page-accueil.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/jpeg
content-length: 125379
server: Apache
last-modified: Thu, 12 Nov 2020 00:20:00 GMT
etag: "1e9c3-5b3dddf654e03"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/apple-touch-icon.png?v=alJ05eNddp | 3.98.254.20 | 200 OK | 28 kB |
URL: GET HTTP/2 3.98.254.20/apple-touch-icon.png?v=alJ05eNddp
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Hash: MD5 fcf5c961a341d13b27ea67e85b957fba; SHA-1 054e0c5e922707a26487de810e1d6b9787b86445; SHA-256 74e95d7535b08bdb37da57e1d83788aa671db9ba1f7967f3c977f1f08dee079a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /apple-touch-icon.png?v=alJ05eNddp HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/png
content-length: 27781
server: Apache
last-modified: Tue, 12 Sep 2023 18:01:49 GMT
etag: "6c85-6052d3c9fee45"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 26 May 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/favicon.svg?v=alJ05eNddp | 3.98.254.20 | 200 OK | 369 kB |
URL: GET HTTP/2 3.98.254.20/favicon.svg?v=alJ05eNddp
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Size: 369 kB (368829 bytes)
Hash: MD5 42fb70e157f8fbf7e895f3071c56f1c9; SHA-1 73d2dc67ae43f2254553c3770952887ef3a186b8; SHA-256 414a2373258cd80df14703d963d2ab45bd6953248e2185545e8bf626eed2345c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.svg?v=alJ05eNddp HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/en/
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: image/svg+xml
content-length: 368829
server: Apache
last-modified: Tue, 12 Sep 2023 18:01:49 GMT
etag: "5a0bd-6052d3c9ffde5"
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-regularit.woff2 | 3.98.254.20 | 200 OK | 50 kB |
URL: GET HTTP/2 3.98.254.20/user/themes/antidote/polices/sofia-pro/sofiapro-regularit.woff2
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 49880, version 3.0
Hash: MD5 f2b5dff24baba48baf8e2553aa963be9; SHA-1 5cb96b9033fef9c08c1f030bed665bd86bed8e01; SHA-256 fe28a3259d84bd0d689580bf6fb90f2829262d08d6df01497df0af01b17ed84d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /user/themes/antidote/polices/sofia-pro/sofiapro-regularit.woff2 HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/user/themes/antidote/css/base.min.css?g-64abb6d6
Cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:01 GMT
content-type: application/x-font-woff2
content-length: 49880
server: Apache
last-modified: Sat, 28 Mar 2020 02:16:55 GMT
etag: "c2d8-5a1e0cfe0244d"
accept-ranges: bytes
cache-control: max-age=172800
expires: Sun, 28 Apr 2024 08:36:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
vary: Origin
X-Firefox-Spdy: h2
|
|
| matomo.druide.com/matomo.php?action_name=Antidote%3A%20Corrector%2C%20Dictionaries%2C%20Guides&idsite=4&rec=1&r=114334&h=8&m=36&s=1&url=https%3A%2F%2F3.98.254.20%2Fen%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pf_net=0&pf_srv=412&pf_tfr=1&pf_dm1=97&pf_dm2=2942&pf_onl=1&pv_id=VAMstd&devicePixelRatio=1&new_visit=1&uadata=%7B%7D | 35.182.212.241 | 204 No Content | 0 B |
URL: POST HTTP/2 matomo.druide.com/matomo.php?action_name=Antidote%3A%20Corrector%2C%20Dictionaries%2C%20Guides&idsite=4&rec=1&r=114334&h=8&m=36&s=1&url=https%3A%2F%2F3.98.254.20%2Fen%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pf_net=0&pf_srv=412&pf_tfr=1&pf_dm1=97&pf_dm2=2942&pf_onl=1&pv_id=VAMstd&devicePixelRatio=1&new_visit=1&uadata=%7B%7D
IP: 35.182.212.241:443
Certificate: Issuer Sectigo Limited; Subject matomo.druide.com; Fingerprint 1B:97:16:52:D7:F5:8B:48:79:B1:A0:56:87:B8:05:64:A1:EA:01:8E; Validity Fri, 02 Jun 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty body)
POST /matomo.php?action_name=Antidote%3A%20Corrector%2C%20Dictionaries%2C%20Guides&idsite=4&rec=1&r=114334&h=8&m=36&s=1&url=https%3A%2F%2F3.98.254.20%2Fen%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pf_net=0&pf_srv=412&pf_tfr=1&pf_dm1=97&pf_dm2=2942&pf_onl=1&pv_id=VAMstd&devicePixelRatio=1&new_visit=1&uadata=%7B%7D HTTP/1.1
Host: matomo.druide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://3.98.254.20
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 08:36:01 GMT
server: Apache/2.4.57 (Debian)
x-powered-by: PHP/8.1.20
tk: N
access-control-allow-origin: https://3.98.254.20
access-control-allow-credentials: true
set-cookie: AWSALBAPP-0=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
set-cookie: AWSALBAPP-1=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
set-cookie: AWSALBAPP-2=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
set-cookie: AWSALBAPP-3=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
X-Firefox-Spdy: h2
|
|
| matomo.druide.com/matomo.php?ping=1&idsite=4&rec=1&r=609463&h=8&m=36&s=22&url=https%3A%2F%2F3.98.254.20%2Fen%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=VAMstd&uadata=%7B%7D | 35.182.212.241 | | 0 B |
URL: matomo.druide.com/matomo.php?ping=1&idsite=4&rec=1&r=609463&h=8&m=36&s=22&url=https%3A%2F%2F3.98.254.20%2Fen%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=VAMstd&uadata=%7B%7D
IP: 35.182.212.241:0
Certificate: Issuer Sectigo Limited; Subject matomo.druide.com; Fingerprint 1B:97:16:52:D7:F5:8B:48:79:B1:A0:56:87:B8:05:64:A1:EA:01:8E; Validity Fri, 02 Jun 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty body)
POST /matomo.php?ping=1&idsite=4&rec=1&r=609463&h=8&m=36&s=22&url=https%3A%2F%2F3.98.254.20%2Fen%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=VAMstd&uadata=%7B%7D HTTP/1.1
Host: matomo.druide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://3.98.254.20
DNT: 1
Connection: keep-alive
Referer: https://3.98.254.20/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 08:36:22 GMT
server: Apache/2.4.57 (Debian)
x-powered-by: PHP/8.1.20
tk: N
access-control-allow-origin: https://3.98.254.20
access-control-allow-credentials: true
set-cookie: AWSALBAPP-0=_remove_; Expires=Fri, 03 May 2024 08:36:22 GMT; Path=/
set-cookie: AWSALBAPP-1=_remove_; Expires=Fri, 03 May 2024 08:36:22 GMT; Path=/
set-cookie: AWSALBAPP-2=_remove_; Expires=Fri, 03 May 2024 08:36:22 GMT; Path=/
set-cookie: AWSALBAPP-3=_remove_; Expires=Fri, 03 May 2024 08:36:22 GMT; Path=/
X-Firefox-Spdy: h2
|
|
| | 3.98.254.20 | 200 OK | 40 kB |
URL: User Request, GET HTTP/2
IP: 3.98.254.20:443
Certificate: Issuer Sectigo Limited; Subject *.druide.com; Fingerprint ED:F8:ED:2F:07:EC:FF:B7:D0:0E:63:43:CF:FE:8B:1D:00:6C:91:9A; Validity Tue, 05 Sep 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty input; the 40 kB body was not hashed)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /en/ HTTP/1.1
Host: 3.98.254.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/html; charset=utf-8
server: Apache
pragma: no-cache
access-control-allow-origin:
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT
access-control-expose-headers: X-Test
cache-control: max-age=604800
expires: Fri, 03 May 2024 08:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
set-cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm; expires=Sat, 27-Apr-2024 08:35:59 GMT; Max-Age=86400; path=/; domain=3.98.254.20; secure; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
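As an added example (not part of the sandbox output, and not code from Druide or from the analyzer), the following Python audits the response headers recorded for the HTML document (GET /en/ on 3.98.254.20) and for the Matomo tracker reply (POST /matomo.php on matomo.druide.com), and checks whether the certificate name the tool recorded covers the Host the browser connected to. The two header samples are transcribed from the records above (only one of the four AWSALBAPP cookies is kept, the others carry the same attributes). Which values count as findings is an assumed review policy, not something the capture asserts: version strings in Server/X-Powered-By, state-changing or diagnostic methods in Access-Control-Allow-Methods, cookies without Secure/HttpOnly/SameSite, and absence of HSTS, X-Content-Type-Options and X-Frame-Options.

```python
import ipaddress
import re

# Constructed for this example by transcribing two responses from the capture.
DOC_RESPONSE = """\
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:36:00 GMT
content-type: text/html; charset=utf-8
server: Apache
pragma: no-cache
access-control-allow-origin:
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT
access-control-expose-headers: X-Test
cache-control: max-age=604800
content-encoding: gzip
vary: Accept-Encoding,Origin
set-cookie: grav-ses-55b18cb=ba8rjdcirrigiubbhko4dfcngm; expires=Sat, 27-Apr-2024 08:35:59 GMT; Max-Age=86400; path=/; domain=3.98.254.20; secure; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
"""

MATOMO_RESPONSE = """\
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 08:36:01 GMT
server: Apache/2.4.57 (Debian)
x-powered-by: PHP/8.1.20
tk: N
access-control-allow-origin: https://3.98.254.20
access-control-allow-credentials: true
set-cookie: AWSALBAPP-0=_remove_; Expires=Fri, 03 May 2024 08:36:01 GMT; Path=/
"""


def parse_headers(raw):
    """Return (status_line, [(name, value), ...]); names lowercased, repeats kept."""
    lines = raw.strip().splitlines()
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def audit_headers(raw):
    """Flag header values that deviate from the assumed hardening policy."""
    _, headers = parse_headers(raw)
    h = {}
    for name, value in headers:
        h.setdefault(name, []).append(value)
    findings = []
    # An empty Access-Control-Allow-Origin matches no origin, so it grants
    # nothing; the question is what the server emits once an Origin is sent.
    if h.get("access-control-allow-origin") == [""]:
        findings.append("empty Access-Control-Allow-Origin value")
    for value in h.get("access-control-allow-methods", []):
        methods = {m.strip().upper() for m in value.split(",")}
        risky = sorted(methods & {"PUT", "DELETE", "TRACE", "CONNECT"})
        if risky:
            findings.append("Access-Control-Allow-Methods lists " + ", ".join(risky))
    # General CORS check (not triggered by either sample): credentials plus "*".
    if h.get("access-control-allow-credentials") == ["true"] and \
            h.get("access-control-allow-origin") == ["*"]:
        findings.append("credentialed CORS with wildcard origin")
    for name in ("server", "x-powered-by"):
        for value in h.get(name, []):
            if re.search(r"\d+\.\d+", value):
                findings.append(f"{name} discloses a version: {value}")
    for cookie in h.get("set-cookie", []):
        cookie_name = cookie.split("=", 1)[0].strip()
        attrs = {part.strip().split("=", 1)[0].lower() for part in cookie.split(";")[1:]}
        missing = [a for a in ("secure", "httponly", "samesite") if a not in attrs]
        if missing:
            findings.append(f"cookie {cookie_name} lacks " + ", ".join(missing))
    for required in ("strict-transport-security", "x-content-type-options", "x-frame-options"):
        if required not in h:
            findings.append(f"missing {required}")
    return findings


def cert_matches_host(cert_subject, host):
    """True if the certificate name covers the Host the client connected to.
    An IP literal never matches a DNS name, and a wildcard only covers a single
    leftmost label (simplified RFC 6125 matching, no SAN list handled here)."""
    try:
        ipaddress.ip_address(host)
        return False
    except ValueError:
        pass
    host = host.lower().rstrip(".")
    subject = cert_subject.lower()
    if subject.startswith("*."):
        base = subject[2:]
        return host.endswith("." + base) and "." not in host[: -len(base) - 1]
    return host == subject


if __name__ == "__main__":
    for label, raw in (("GET /en/", DOC_RESPONSE), ("POST /matomo.php", MATOMO_RESPONSE)):
        print(label)
        for finding in audit_headers(raw):
            print("  -", finding)
    # Subjects and Hosts as recorded in the capture.
    print("*.druide.com covers 3.98.254.20:", cert_matches_host("*.druide.com", "3.98.254.20"))
    print("matomo.druide.com covers matomo.druide.com:",
          cert_matches_host("matomo.druide.com", "matomo.druide.com"))
```

Two caveats when reading the output. The document response also carries `vary: Accept-Encoding,Origin` and the recorded request sent no Origin header, so the empty Access-Control-Allow-Origin is the no-Origin case; re-request with an Origin header before drawing any conclusion about the CORS policy. And the certificate mismatch is a property of how the sandbox reached the site (by IP literal, with the wildcard *.druide.com certificate presented); a real browser would refuse that connection, which the tool evidently did not.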