audenaertbv.eu/
185.182.56.24 301 Moved Permanently 231 B IP 185.182.56.24:0
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, ASCII text
Hash 90971a342d8664d5ea7521d9ec4dda0b
7b7fb054929fc2e7548dad3efe57553819fe3067
46abb1b1de309985ef62581c18154c61b4188916421515b971a42b9f10672c0a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 09:41:00 GMT
Server: Apache/2
Location: https://audenaertbv.eu/
Content-Length: 231
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data
- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 09:14:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 360AaiRTw5osyrx3Bt4NBX_4USxoTNz6H2DguYHo25An_XdPY77uug==
Age: 1612
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6903
Expires: Tue, 13 Sep 2022 11:36:04 GMT
Date: Tue, 13 Sep 2022 09:41:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate
- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aXCClWMKBCHJuqvLaUhJJgbgzUd2-XX5Ioesp3COkcVcyBRSyGxESw==
age: 18347
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data
- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 06c756914df31cd575396998b98135d4
02630fdf12cf7fea5f6a21088056a4c61999ee3f
6364858924e6e9a419b078df95fb84c383677a58548d07f6275278b16966da9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6364858924E6E9A419B078DF95FB84C383677A58548D07F6275278B16966DA9E"
Last-Modified: Mon, 12 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Tue, 13 Sep 2022 15:40:24 GMT
Date: Tue, 13 Sep 2022 09:41:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data
- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 09:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4Px7dTYPIsz-hZVUsRpdSLSvRvsMdnWq-07RXaE26hW7M_O8w0W-6w==
Age: 2259
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5006
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:41:01 GMT
Last-Modified: Tue, 13 Sep 2022 08:17:35 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.167.249 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nWSvq9DyMWyjzTYOk1z3fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /un9uZSysvC3MJJ4puRe9eE39j0=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:41:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:41:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:41:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:41:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:41:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 41956
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 37744
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 43125
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 8b9c6d44f93a72d6c03ebcfadda1a48a
f6100190de6244ae74b6c1250b997749a381ed89
4bf351795fb3a9e8a1a917d6ab202b1c75007bd5dc450a869b4db5dbfdd81dc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 8335006d-add1-4ab7-9930-e2304a6d1de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQn93FGxIAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ced25-067cb6e120bd359b719bb421;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 20:01:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1L31YAxvPdmy1k0o-p11NcSM6ujk8NNaii936rsRrI9XoAxYF7CjIg==
via: 1.1 04e6cfc6f03b8f5e6f5459aacc86b372.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:11 GMT
age: 42172
etag: "f6100190de6244ae74b6c1250b997749a381ed89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg
34.120.237.76 200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 96d4d68111565e0e9d942cb22e3e4e93
5955dc0e311eca9988970d55d222bb77a7552fec
294fe6fa82e831192a0b16e1b2b1e57ac4ff082709a31ef52cc9c8586b9a4906
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: d1f9060c-585c-4ac8-bc60-2b3a2c80ee65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXb4DGKToAMFfog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa699-3522d608453b1c6374e4a94e;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eDXYc4gzXC8xdyNrP9rMoFU-Kewj4MfKQk0UUJitnTZnutZFtekXaA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:11 GMT
age: 43132
etag: "5955dc0e311eca9988970d55d222bb77a7552fec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 15c4bbfd3d31955ae2beb1e47f1fda18
9e08828ce3d8d3170875c017ce70230fb60be657
c7cedd44499cf59595fd01e8ddd3bce3e93a86daeec18a7a0868c445f9ac5d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4810
x-amzn-requestid: 9fd1552d-1306-4164-a187-e8dee3cb7a27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqjEBdoAMFY8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-6c15aad5779bf7d625b2ffd7;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2vrSdQU9eQx35iv0ENwLlT1MX6G4zcnZTkPwy_ysh4VkJorpLjfH6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 41956
etag: "9e08828ce3d8d3170875c017ce70230fb60be657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
audenaertbv.eu/
185.182.56.24 200 OK 14 kB IP 185.182.56.24:0
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document text
- exported SGML document, Unicode text, UTF-8 text, with very long lines (12915), with CRLF, LF line terminators
Hash 3abe696405704354a9b5221feefbb1d7
f40154a5f1d552eb1b14b8345778ef780b52c3ee
7552026ef96f50c56e3635de0261b9c7f54f6f8f2fc88353e3bc83a92d4f276d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
link: <https://audenaertbv.eu/wp-json/>; rel="https://api.w.org/", <https://audenaertbv.eu/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://audenaertbv.eu/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14515
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 09:41:01 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-devicemockup/assets/styles/al-main-style.css?ver=1.3.2
185.182.56.24 200 OK 492 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-devicemockup/assets/styles/al-main-style.css?ver=1.3.2
IP 185.182.56.24:0
Hash 304e474f44b607fecd36e033d9685cd0
81f3d79bed7517aaa4dcab8bce717162e13d8614
b3dc3db2a4062822aca830aae2a492b644645b255d06666b20dfb8769e62e336
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-devicemockup/assets/styles/al-main-style.css?ver=1.3.2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "8d6-5d8982c7c88ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 492
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/styles/al-main-style.css?ver=2.1.0
185.182.56.24 200 OK 1.4 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/styles/al-main-style.css?ver=2.1.0
IP 185.182.56.24:0
Hash cdafa5a4ffd966ae2427251da6115f01
aa132a7d207eab2b538da493594fc12c727cdf7e
c5179d8b9d356fe88fcc872208c34918f8e44988ba312c5a63bdc321e60578e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/styles/al-main-style.css?ver=2.1.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:53 GMT
etag: "1c1a-5d8982c52158a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1413
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/styles/al-main-style.css?ver=2.1.0
185.182.56.24 200 OK 317 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/styles/al-main-style.css?ver=2.1.0
IP 185.182.56.24:0
Hash 8dd160bd21fede608bbe81c34a8c4161
a7ed9a6ba852ef6f7c7631e14188a0d190aebfe8
9368001f9703ac38385b22dd080b19a8b617dca0cef7e1b108b61e19f98e3606
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/styles/al-main-style.css?ver=2.1.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "2fa-5d8982c8bcee2-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 317
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-imagemagnify/assets/styles/al-main-style.css?ver=2.2.0
185.182.56.24 200 OK 680 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-imagemagnify/assets/styles/al-main-style.css?ver=2.2.0
IP 185.182.56.24:0
Hash ba893f2ee5ac42c0ba4963fb5652aa26
84202903c58f915f3d2ab07431a53f8030cb7052
fbb8f47a91204164aba8c49fb455adb8f43ebce98b48b867e4aecedb1fc6804d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-imagemagnify/assets/styles/al-main-style.css?ver=2.2.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "8f9-5d8982c7d3c6a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 680
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-duobutton/assets/styles/al-main-style.css?ver=2.1.0
185.182.56.24 200 OK 1.7 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-duobutton/assets/styles/al-main-style.css?ver=2.1.0
IP 185.182.56.24:0
Hash 5095dae1a4150718ba73e0abd76a39de
fe83d02d92dc8f3360120bc52b2c3679b296f045
c1210ef086b06722e8585ae2bd32debe75e8e552f9e9a7101ca503f323d416df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-duobutton/assets/styles/al-main-style.css?ver=2.1.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "32d2-5d8982c7cee4a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1747
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/styles/al-main-style.css?ver=2.1.11
185.182.56.24 200 OK 1.4 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/styles/al-main-style.css?ver=2.1.11
IP 185.182.56.24:0
Hash 46a6871afae7722a2eb2e978852240f7
a7b272036346e572cdb13f90ac73b78ee0ab7f50
fc1f710d18f15c7cb3929e698909f300e7ce8c58b76031c1e28f6fbecc2afd71
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/styles/al-main-style.css?ver=2.1.11 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "16e0-5d8982c8c097a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1350
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/styles/al-main-style.css?ver=2.2.2
185.182.56.24 200 OK 1.3 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/styles/al-main-style.css?ver=2.2.2
IP 185.182.56.24:0
Hash 7f472cbbf802244513d0f351273e7c39
9439c284c6860bdeb753a602cd858f773fef3a8d
21af18c3bb7ff2c4ac312c7012f2916cf15b4fd41f86675c9aa7f461e34ccb55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/styles/al-main-style.css?ver=2.2.2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "1632-5d8982c7d82ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1332
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-windoweffects/assets/styles/al-main-style.css?ver=2.3.0
185.182.56.24 200 OK 344 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-windoweffects/assets/styles/al-main-style.css?ver=2.3.0
IP 185.182.56.24:0
Hash 782922edb920b85b7ee9b3d7cfbaa7dd
7a561f8c348756506e9143755f000d629d9f22f4
38b45d59e7f1400e036e310c35d7cfdddb075c219bd998d5142add23b5d3dcf3
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-windoweffects/assets/styles/al-main-style.css?ver=2.3.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "2f3-5d8982c8c673a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 344
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/vendor/animate-css/animate.min.css?ver=3.5.1
185.182.56.24 200 OK 4.3 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/vendor/animate-css/animate.min.css?ver=3.5.1
IP 185.182.56.24:0
File type ASCII text, with very long lines (57790)
Hash ee777e634ba2463f5f4a161dde14dcbe
a4ecf77a2c47390e3aecb2b912130cbcc421733e
cd82447b75b27668be76ec8b86546aafabdc1ddf952e07bcf8f25ef7387fa21f
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/vendor/animate-css/animate.min.css?ver=3.5.1 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "e283-5d8982c7d8e72-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4324
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/vendor/shave/jquery.shave.js?ver=2.1.11
185.182.56.24 200 OK 1.2 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/vendor/shave/jquery.shave.js?ver=2.1.11
IP 185.182.56.24:0
Hash 0a84a3014adb9dc69356a7c2d314c400
5207858069455dba560868914426b866d2d03c4f
7a3ebf5a5681203204f81749fb539a9f1b6b9bf9c34775a29f11133f4c020c71
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/vendor/shave/jquery.shave.js?ver=2.1.11 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "c0c-5d8982c8c114a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1181
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.182.56.24 200 OK 5.1 kB URL HTTP/2 audenaertbv.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.182.56.24:0
File type ASCII text, with very long lines (11834)
Hash 64891214edf9c0fced86874263bcafc8
852272ac4a8f8cf211d5e8efc659c908b6ff9f22
de7d0f0dedb990ebfcb9a21b19e356d2fc6c353cfbc1f001bbf1da22e786415a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 14:25:24 GMT
etag: "3884-5e87baa98ba4d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5087
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
185.182.56.24 200 OK 32 kB URL HTTP/2 audenaertbv.eu/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 185.182.56.24:0
File type ASCII text, with very long lines (60091)
Hash 2f1bb6df1042073b6b8192d76fc5243f
ba239ea605cee5f9bfdc635d0885962f7ff936bf
a760c8b5e38d77a4ce59ac1ee4de2800a1c31ed506f10bfe0bf528462c36067e
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 10:02:37 GMT
etag: "1729d-5e7aed461dde0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 31738
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-devicemockup/assets/scripts/al-main-script.js?ver=1.3.2
185.182.56.24 200 OK 61 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-devicemockup/assets/scripts/al-main-script.js?ver=1.3.2
IP 185.182.56.24:0
Hash 2aaa7750caccaddf3abe053b4382b47a
5189c5a671b4a9bda8c0c0ffd4c1947373402b29
b7556d7c7c7c61af740d89639600888fd0cd8b48ddc810d653f1bf36cecc096b
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-devicemockup/assets/scripts/al-main-script.js?ver=1.3.2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "3d-5d8982c7c80ea"
accept-ranges: bytes
content-length: 61
vary: User-Agent
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-duobutton/assets/scripts/al-main-script.js?ver=2.1.0
185.182.56.24 200 OK 345 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-duobutton/assets/scripts/al-main-script.js?ver=2.1.0
IP 185.182.56.24:0
Hash d6c8310d78469a34c48df8c62c61b6f0
7727bc931f9a944b41ef18939664b2fb4fb468b8
0c2bec3a20bb8d830d90acfe0e0fbb9863caf4337af879d4c3455ee9ab3a7d6d
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-duobutton/assets/scripts/al-main-script.js?ver=2.1.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "3c0-5d8982c7ce67a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 345
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/noty-al-fb-notification-theme.js?ver=1.0.0
185.182.56.24 200 OK 283 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/noty-al-fb-notification-theme.js?ver=1.0.0
IP 185.182.56.24:0
Hash f7ed1525d4929884372c96d0d8839a0d
e9878083ea57754522863f10d34bd1cc101edae3
f2071f4fb65b17aa64f065cd7afefb4ad3a1d4b93e12998ebf2816faf670ccaf
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/noty-al-fb-notification-theme.js?ver=1.0.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "2d1-5d8982c7d7ed2-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 283
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/ie-polyfill.js?ver=1.0.0
185.182.56.24 200 OK 373 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/ie-polyfill.js?ver=1.0.0
IP 185.182.56.24:0
Hash 17e3a06224df1ffccba9ab8215060195
47fc9432e99904d2939be4abb06a668eeb2c75bc
7fa1887aea6e53ee1b6fd6be45755907ab9f479f06e27fe553b14766accc082d
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/ie-polyfill.js?ver=1.0.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "2c1-5d8982c8bc32a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 373
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/al-main-script.js?ver=2.1.0
185.182.56.24 200 OK 750 B URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/al-main-script.js?ver=2.1.0
IP 185.182.56.24:0
File type HTML document, ASCII text
Hash d8867ea46992c42fe917cfc11c242da4
ae118927bd826378b569de4c9e9289e3a751b429
8b8f7e7b1502b31c8848afeaefb9922c94312cb15bcefc93af9fae8325a56ce9
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/al-main-script.js?ver=2.1.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "6eb-5d8982c8bc712-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 750
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrwfJh1Zyc6FYxlG.woff
185.182.56.24 200 OK 4.7 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrwfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4708, version 1.1
- data
Hash a71ad5ced9a25c621adebb019594ed28
d0e8500806faebcb3937ae546f68e536a6dd82df
ffb6aa78b46dec116952c68c8bf94c0e7adee1e7409286f9c8ecba49fd6cf1ee
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrwfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "1264-5c0764bb1edc9-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4657
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WZhzSTh89ZNpQ.woff
185.182.56.24 200 OK 5.1 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WZhzSTh89ZNpQ.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 5160, version 1.1
- data
Hash 398d0a82329818dc884504502e3ea83a
9fe387ad469ff6c5e0031a2477f4c1d70b5b4989
1370b322efa0723da5bc803d3fe38725ff847a9c40ec45a52ea541902db07bfd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WZhzSTh89ZNpQ.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "1428-5c0764bae676f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5121
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gbD-Px3rCubqg.woff
185.182.56.24 200 OK 5.1 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gbD-Px3rCubqg.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 5140, version 1.1
- data
Hash fe1b0be0d8b10fe756f98eb9f8a61ea9
3d080736f26908758a779390ede95c5bbb66027f
1d14b1c3b749cdbd168c14bbf200c906652c1b82000f756f3a41bb60d457fd92
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gbD-Px3rCubqg.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "1414-5c0764bb03460-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5110
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/2021/04/Logo-Audenaertnegatief.png
185.182.56.24 200 OK 19 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/2021/04/Logo-Audenaertnegatief.png
IP 185.182.56.24:0
File type PNG image data, 354 x 115, 8-bit/color RGBA, non-interlaced
- data
Hash 0ac090a5372da76378d2f28a05559988
a17582623c7e27a5f95ee3a56212008b261900f2
b263756217e6829554e11d068f4eb12265e6b1dd56b7bd8dcd7e96dd7a99413a
GET /wp-content/uploads/2021/04/Logo-Audenaertnegatief.png HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Apr 2021 14:01:31 GMT
etag: "4964-5bfdb113a0f3f"
accept-ranges: bytes
content-length: 18788
content-type: image/png
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/2021/04/Logo-AudenaertBV.png
185.182.56.24 200 OK 21 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/2021/04/Logo-AudenaertBV.png
IP 185.182.56.24:0
File type PNG image data, 354 x 115, 8-bit/color RGBA, non-interlaced
- data
Hash 529ae3aa0014c9ce74f49a26353c8fa4
fa274da9c83eb254ddfd099de6da57ac7dabc9c3
577163dece2c88c4c3ed237b9aa48b32ab6286738d65ad2fda882ec34504caac
GET /wp-content/uploads/2021/04/Logo-AudenaertBV.png HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Apr 2021 14:00:02 GMT
etag: "5195-5bfdb0bf433e4"
accept-ranges: bytes
content-length: 20885
content-type: image/png
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/scripts/al-main-script.js?ver=2.1.0
185.182.56.24 200 OK 1.7 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/scripts/al-main-script.js?ver=2.1.0
IP 185.182.56.24:0
Hash b07920592798a9a60bf969c59903be29
7e8beeb7f6ebce10d900988386391f8903a36e15
24c09ae579c2706f39b723952852f24c0668ae3dbe203156f3a966907fc4aec8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/scripts/al-main-script.js?ver=2.1.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:53 GMT
etag: "1ad2-5d8982c520dba-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1720
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/vendor/twentytwenty/js/jquery.event.move.min.js?ver=1.3.6
185.182.56.24 200 OK 2.0 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/vendor/twentytwenty/js/jquery.event.move.min.js?ver=1.3.6
IP 185.182.56.24:0
File type ASCII text, with very long lines (5026)
Hash 8b855548dccc22d2ab6ed5e60f7dfd9f
562e51b967c7b18b573be07b91a8ce4fcb4f12ad
4901ecaa95a7934756bca22eb52c142f01e7ea0f809eaf89a126384a72854c5a
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-beforeafter/assets/vendor/twentytwenty/js/jquery.event.move.min.js?ver=1.3.6 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:53 GMT
etag: "163b-5d8982c52446a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1972
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-imagemagnify/assets/scripts/al-main-script.js?ver=2.2.0
185.182.56.24 200 OK 2.9 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-imagemagnify/assets/scripts/al-main-script.js?ver=2.2.0
IP 185.182.56.24:0
Hash 188a54e4dff68a17686cda0fe02fb885
1cd031634a754889f0c66cf46cc8ac9d904f6dbd
dbfb54e6ea44a66d090bfe1bee2c5e5afe5e50ed227641e32aaa71926944d55b
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-imagemagnify/assets/scripts/al-main-script.js?ver=2.2.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "334e-5d8982c7d3882-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2885
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/scripts/al-main-script.js?ver=2.1.11
185.182.56.24 200 OK 3.9 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/scripts/al-main-script.js?ver=2.1.11
IP 185.182.56.24:0
Hash 886293d9765ce7b3098fb8b87f3b6e66
4df22afa91137ed17999d4eb86adbe98fae2fd7a
332c4efb5373d5f55fa30404ea859254f2d7d3c9e683b066667789376bedd0b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-reviews/assets/scripts/al-main-script.js?ver=2.1.11 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "4c59-5d8982c8c0592-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3856
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrwfJh1Zyc6FYxlG.woff
185.182.56.24 200 OK 4.6 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrwfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4672, version 1.1
- data
Hash cfe06df4c217e60421e360343c99dfd5
0d0457e8ce1889253846f164b92b5c9fa534f8fc
b1aec346736463e0c6421f2181a526e2b0cd251d83b8879e1b7ca9673eb94b51
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrwfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "1240-5c0764bb63b5a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4631
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrwfJh1Zyc6FYxlG.woff
185.182.56.24 200 OK 4.7 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrwfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4704, version 1.1
- data
Hash d71caebdedd849b962645f4735edff6d
6de01ab010f63ad452c4aee6b042801403ac1f6b
1a8ae4553a1362f4aeccd5d8b612a376054f036ca353ee35808c8ab13cc58c1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrwfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "1260-5c0764bb8278a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4654
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrcVIT9d4cydYA.woff
185.182.56.24 200 OK 4.5 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4532, version 1.1\012- data
Hash d055007ccd1cc57de1d4776ca878ea5c
f62c2372f247f0954e7316b82478af0c8aa89eff
fa2b1641029935ec220e6f821af8ea15dd3f9523aae28ea9a994ca40419b9d35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "11b4-5c0764bbacf3b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4487
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrwfJh1Zyc6FYxlG.woff
185.182.56.24200 OK 4.6 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrwfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4628, version 1.1\012- data
Hash 7cfd1f7dd51fe51da44f54f07206c333
dd4272c9016f7693b860f3f361fb8c2a17af1488
b4135eea81e8d06042bc5bd72c695a67ba4b1e1f6ec65094a5993f172ff857f9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrwfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "1214-5c0764bb3d229-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4571
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCHPrcVIT9d4cydYA.woff
185.182.56.24200 OK 4.5 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCHPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4536, version 1.1\012- data
Hash 09e0e3d4c44a88a4965da9dbc219d362
961abde95c8c385dc5503182174a2c999de3146c
9696421ee6ea73cdb2d3eadf7c5e4caced115389f562db135c1ef67c6a386b72
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCHPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "11b8-5c0764bbff78d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4492
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCHPrcVIT9d4cydYA.woff
185.182.56.24200 OK 4.4 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCHPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4496, version 1.1\012- data
Hash e553bc513b2009954c9f0fe5fc35731b
e22764b577fe9d54cd425d2b3407bd214ac83996
669b1af8a93e97a21899bf6bebcb7ed8bf34a8a8178b55caadcceeff96e6c56d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCHPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "1190-5c0764bbcb784-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4436
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCHPrcVIT9d4cydYA.woff
185.182.56.24200 OK 4.5 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCHPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 4560, version 1.1\012- data
Hash 47e04dc884ef347dc56b51b7840bb91b
e06ee434ef477c2226af88dca7ce9b9d196be72a
e70ad94cbe6a2e7352b7f6cf987ebf268185018b4f2a4c3111d897986086996b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCHPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "11d0-5c0764bbe45f4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4509
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8_Z2jimrq1Q_.woff
185.182.56.24200 OK 5.2 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8_Z2jimrq1Q_.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 5228, version 1.1\012- data
Hash d1f76ac2b231b53063b54465f26dad9f
30e09a44daee0ae3442369d72abd64dbeccbfa20
0bae4fa99e35789da548961d86f787c7a047035e5095f84684056e578ce11a05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8_Z2jimrq1Q_.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "146c-5c0764bac67b7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5179
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3g3D-Px3rCubqg.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3g3D-Px3rCubqg.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10188, version 1.1\012- data
Hash cfebd221262b5b8d5e4641c246eb2df8
dcca9c6c601387a5543f8f7a52aac2eb3fdbea45
7e714f4aed39d63f3ad98c3c43113b527ce8c4e767fbf72e45d465cf62b9421e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3g3D-Px3rCubqg.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "27cc-5c0764bafea28-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10151
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/jquery.noty.packaged.custom.js?ver=2.3.11
185.182.56.24200 OK 5.6 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/jquery.noty.packaged.custom.js?ver=2.3.11
IP 185.182.56.24:0
Hash 7508b6ce3b281670ff7b808f8f65dab8
b43ed1de6cd2200f115a921c26b551d99e27d9dc
3829d3692bc218ff82d2c6d325ffce532bc2582dbdc2b05b731b89fc1f069696
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/jquery.noty.packaged.custom.js?ver=2.3.11 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "7bb6-5d8982c7d7aea-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5569
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-windoweffects/assets/scripts/al-main-script.js?ver=2.3.0
185.182.56.24200 OK 5.2 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-windoweffects/assets/scripts/al-main-script.js?ver=2.3.0
IP 185.182.56.24:0
File type exported SGML document, Unicode text, UTF-8 text
Hash b9ab285b62bb5f58df3641dcdcd91d41
4aa49d78be3640fbdae82811dcf72c675bb17767
2e62990d101fe934b9e931dedadbc4548d0ad6abb221c862f342fb87f7b603eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-windoweffects/assets/scripts/al-main-script.js?ver=2.3.0 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "538e-5d8982c8c6352-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5165
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/al-main-script.js?ver=2.2.2
185.182.56.24200 OK 5.9 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/al-main-script.js?ver=2.2.2
IP 185.182.56.24:0
Hash c1d9aef1f168df44579d40e2b6d3c366
f77461aede20dfe148a3b4eda529c935deef10a5
ba9a953a62d60aa751a4589d71a91725dbabb1873e520cb01531a77b87a59e8c
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-notification/assets/scripts/al-main-script.js?ver=2.2.2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:56 GMT
etag: "5ce3-5d8982c7d7aea-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5886
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WRhzSTh89ZNpQ.woff
185.182.56.24200 OK 12 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WRhzSTh89ZNpQ.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 11836, version 1.1\012- data
Hash 71d3dc16f4416aaf2102fe7ce2a1f3a2
afaf579c91c122c3f93df6509e136af07ecb7667
686d03ace961b7669915f2292d16df7158818ad0137035af499c711748cb7f07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WRhzSTh89ZNpQ.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "2e3c-5c0764bad9867-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11715
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gTD-Px3rCubqg.woff
185.182.56.24200 OK 12 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gTD-Px3rCubqg.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 11748, version 1.1\012- data
Hash e530376ac0d9d779dffc316baf56599b
c70eb2b3c10b312e0a5241480d956de00cbc29b6
7c0335c61abdea19d5b00afc5d437a0cb9f15b5af8b8004de06104a22e6a1750
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gTD-Px3rCubqg.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2de4-5c0764baf4618-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11626
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrcfJh1Zyc6FYxlG.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrcfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10136, version 1.1\012- data
Hash c92b4aac8ef31f5b48fec71921ef65b8
e902f01957c45921397870f3505a258776c8c685
905e465b5d29f9dbb8faa16dbf56fff898afa891c072dfb1042bbb7868001760
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrcfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2798-5c0764bb1a390-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10102
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrcfJh1Zyc6FYxlG.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrcfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10092, version 1.1\012- data
Hash c5da7d8c21d233c2f323a26bdb987f0e
87a98c86bacbec94868670afbf24d1246e159758
3526c8161b6bb246d1563fbe662a2feb4d625dcc45521ac04a3379024aa3327e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrcfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "276c-5c0764bb59b32-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10074
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrcfJh1Zyc6FYxlG.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrcfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10100, version 1.1\012- data
Hash ae7c842d906be84b325e8d7565a14686
4e0075280ffeed85265ba479cd543ad0706ddcb5
67c7bcf08a3f126fa541c93c55f9f9e92fee86ec509a16d88998b85d8fb1ee57
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrcfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2774-5c0764bb7e13a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10081
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459W1hzSTh89ZNpQ.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459W1hzSTh89ZNpQ.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10308, version 1.1\012- data
Hash 5efc5156eea4fe9957eee19d8dca3842
1eeba40392f27e5f78e6e2466b2724933e9c3668
5c08d246cd84c7ce3e6765786b4c01774f0e0c80cd095c6cb09fa8b8e405f738
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459W1hzSTh89ZNpQ.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "2844-5c0764bade29f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10263
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrcfJh1Zyc6FYxlG.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrcfJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10028, version 1.1\012- data
Hash 2cd6f6e73476626ca8484ddb295ec6ff
1445c682ef5f10d3b24cb6f3967910fca43c87c6
974b3bc01c2767584bb98a014849b3b7988b4a4f5093053be4a2b7f2bc6a8ac0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrcfJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "272c-5c0764bb38021-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9992
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrcVIT9d4cydYA.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 9988, version 1.1\012- data
Hash 7cbdb5d6cadc0590ae3b5bc743414a30
ff2ba4ac8df060b90b3feaa7ab3496f94545dc7a
67322ec83a1fd4834e920ac2bc948a873707f31242495666eda91f35a7a94fc4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2704-5c0764bba041b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9976
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCMPrcVIT9d4cydYA.woff
185.182.56.24200 OK 9.9 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCMPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 9936, version 1.1\012- data
Hash 5ea2dacc0f4170af096789a8b35e1920
13f3cddf045189e5e2804aff35e87b96ec0de5a2
99087623c73ab6db70d9560ef84a48de51df4d4a1c60cbb336f5619bc851267b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCMPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "26d0-5c0764bbc6964-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9915
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCMPrcVIT9d4cydYA.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCMPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10048, version 1.1\012- data
Hash fb458318e4f5f729ff7ff032e0298cfc
cf34fe67e12fc036b1236cbbfba43a53ca55b0e8
02d25aaebc52e177e7dc8fff60401e505959cc121d9cc4850506fef6228939c2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCMPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2740-5c0764bbdfbbc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10035
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCMPrcVIT9d4cydYA.woff
185.182.56.24200 OK 10 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCMPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 9984, version 1.1\012- data
Hash 22dad7210cdc0c90b0b30e9d8fd9730f
5fbddc2db2052e053ede96083faaf47d97bb44fe
2c1b2d5b55f26f0bbdd4186a6f2361015114d2326c185bbae0db3b82f369317d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCMPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "2700-5c0764bbfb525-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9962
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/kjua-0.1.1.min.js?ver=0.1.1
185.182.56.24200 OK 7.7 kB URL HTTP/2 audenaertbv.eu/wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/kjua-0.1.1.min.js?ver=0.1.1
IP 185.182.56.24:0
File type ASCII text, with very long lines (21596)
Hash 4c32d7c7ba0dbc5137d56f03cd0ab28c
555269bfc68bebfa8c3fca99c06225e8f970518c
4c399581aab2173c953c11b65c40f1203289d964a1a33aa033cbc203eb13dce4
GET /wp-content/plugins/al-fb-bundle/arcticlune-addons/al-fb-qrcode/assets/scripts/kjua-0.1.1.min.js?ver=0.1.1 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Feb 2022 09:42:57 GMT
etag: "548b-5d8982c8bc32a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7713
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
185.182.56.24200 OK 14 kB URL HTTP/2 audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
IP 185.182.56.24:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 331.-31458\012- data
Hash 26636261aaf0d1ef6e9517fc5bf60c19
bd4460084be0826b1503d75122bff2a4d135b836
068d01d0631f14b77f9079c558a51ccfe79dc92e8052936f83e3a24b7c851dbf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Mar 2021 09:48:01 GMT
etag: "3510-5bebde4e5145f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13607
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCFPrcVIT9d4cydYA.woff
185.182.56.24200 OK 12 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCFPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 11552, version 1.1\012- data
Hash 1b678e366d8eaa41c0ad52384f09e082
419a6c4ae36775a8f04dda359e5558788d1041bb
62f7757bd63b2bdf42ef7f2863319369e4b731e198cb2a4862510c555bd4b57f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCFPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2d20-5c0764bb9a65b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11527
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz-PZ2jimrq1Q_.woff
185.182.56.24200 OK 11 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz-PZ2jimrq1Q_.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 10668, version 1.1\012- data
Hash c289c5436e8675045fd94e27517097bf
d07f3b584d11a93b74f7fbaeec2a6c2f8d6e5bb2
bee35ca0efccffe4e024c905f7ac2bd915c69955b1569479368a011ee1613c99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz-PZ2jimrq1Q_.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "29ac-5c0764babfe3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10650
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCFPrcVIT9d4cydYA.woff
185.182.56.24200 OK 11 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCFPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 11272, version 1.1\012- data
Hash 7c0c38fb63b3f14671ae184582d6ddce
e640d4226478b70fab8458bef934cabd000298d5
d4483b4fd9d056296b26de265c4eb39f1afea4c88ec04672ebbd964d34ff1819
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCFPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2c08-5c0764bbc1b44-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11247
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WdhzSTh89ZNpQ.woff
185.182.56.24200 OK 15 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WdhzSTh89ZNpQ.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 15416, version 1.1\012- data
Hash 7966a1953f894e2a2f2a91ddd78c246d
31d42d53992d66abd8c65f56aa58079d31e0a962
657ef27c309a3d3970f5d343022d447fe2fd105336bddfd2f258e33cd23dce9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WdhzSTh89ZNpQ.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "3c38-5c0764baeadc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15361
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
185.182.56.24200 OK 13 kB URL HTTP/2 audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20908, version 1.0\012- data
Hash 348fd2eb5e643ab55b941c5856bb91de
2a9f09f23744409d2b7e91e84de0cf64472319e9
896537956a829c4e7d97c3f4da555ad9b712cd75fca2e110b1879f5567255dec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Mar 2021 09:47:33 GMT
etag: "51ac-5bebde33767da-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12806
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDr4fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 13 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDr4fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 12688, version 1.1\012- data
Hash c23fb0148207e0c1cfd495b67a2a0882
4aa123fbf34645f9df237a32f9ceafc0276901ba
59e98037e04e6f41a4ad8a2a3655a60e89599ce7f123589e480af9250d5045c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDr4fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3190-5c0764bb32a31-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12653
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8fZ2jimrq1Q_.woff
185.182.56.24200 OK 12 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8fZ2jimrq1Q_.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 12144, version 1.1\012- data
Hash 2c989d7014a553aea5885d4032f8b39d
6c19b899c332655b27fb236352855c3ce69a843f
77f35495c69171e295bf0a0d1f191f61501d07e3a96db3ecaf3068172e4dc504
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8fZ2jimrq1Q_.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "2f70-5c0764babac37-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12116
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCFPrcVIT9d4cydYA.woff
185.182.56.24200 OK 12 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCFPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 11684, version 1.1\012- data
Hash 6fdcb94f1b167477e93b0d84dfbca399
60c4a831f5421639fbe0a721abd9dcd6fc400351
db8ae8e8f8a4ca6dd4e3c89c402d51b45016208967aecc795a0b3e4e0dfd06a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCFPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "2da4-5c0764bbf6aed-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11667
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCFPrcVIT9d4cydYA.woff
185.182.56.24200 OK 12 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCFPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 11692, version 1.1\012- data
Hash 32206ac6531d2b1d081a846d6b3ad393
1457c0212e32d3db4e3813a8e256fa95d4f70149
347b76970b17534944682670cc08992262b42e0b6bd7ca45243d3af1ab107ee9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCFPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "2dac-5c0764bbdb56c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11659
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDr4fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 13 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDr4fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 13040, version 1.1\012- data
Hash 4afaa6eaa6d68dcf844fdb1f584aa0ed
503a7a43e7aacb850482058bd3602726bc76cd7b
15ad2334eeff60e83e94cb70e6c8a632c0aa0e7932701bb1243a453657e1eb7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDr4fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "32f0-5c0764bb53d72-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13015
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDr4fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 13 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDr4fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 13068, version 1.1\012- data
Hash 9e2801ddd887f4853c3d576318868faf
402ce513093bd0fb167fb5393f61b287b300565f
609bad63f3693eef68b83907322006238509c86423d93218e639022ab58f05d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDr4fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "330c-5c0764bb78f32-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13037
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr4fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 13 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr4fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 13064, version 1.1\012- data
Hash a5af5ec37354e8ebc04f88ad6a3471b6
181abb984b2355dd6cede2ec0ae431aaddbdb3ba
c664caa287d82a63db48ba5282499a9492d950c6ff4a6b6a0f6089c1b9a45e0e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr4fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3308-5c0764bb10750-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13029
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff
185.182.56.24200 OK 17 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 17180, version 1.1\012- data
Hash feca55a1b1ecee6967895fafd5306766
655283dc174631f9e17d8372dd8bc04cb80a7130
c33eb5e27d9e3e4d93429717b2f1870e89394c914d4f0eec4f97f48c17a42269
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "431c-5c0764baefbe0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17130
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDr0fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 15 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDr0fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 14984, version 1.1\012- data
Hash 75190b89aad3c210965bc799b642143e
65dc1e916d61d08dc5b5b852f26627bfa69ff33f
318ec50f876cd11927696af419071c1059cd1320cff923ddb977e8fdd7cba6ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDr0fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3a88-5c0764bb485d9-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14919
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDr0fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 15 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDr0fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 15260, version 1.1\012- data
Hash b8dfbf7e74b46f96c4c3da4c5f828cb0
ae6702a98681c8e1aee3e2594ad90d6d40c3d97c
d33d850357ae97f12aa6bd894c4112e1d6bd09c020bd4e1980ae433dcff741c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDr0fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3b9c-5c0764bb89103-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15192
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrcVIT9d4cydYA.woff
185.182.56.24200 OK 14 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 14548, version 1.1\012- data
Hash d00a65312c7b64e2e3c348f60f8477c1
dbedf3e388df4a98722f03f6068eb8cd08885b5d
bf5ee2a36e2bc06bc9af44ec495e2d65b9a109d7a14a9717e122ab07ce492762
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "38d4-5c0764bbb252b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14484
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDr0fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 15 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDr0fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 15324, version 1.1\012- data
Hash b30eb80e34ab809545467ebbcee6d457
f1bb4d6921a3f1a0754ff6818e395455398adcf2
a7eacca1fce0c77689b354cf505e0c75ab6a4dd7ced9b4d79530d2f118d38d37
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDr0fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3bdc-5c0764bb6914a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15232
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gfD-Px3rCubqg.woff
185.182.56.24200 OK 15 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gfD-Px3rCubqg.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 15216, version 1.1\012- data
Hash 631298bc78270e87bfac60296faf9d61
e0dbe2f7da56c0f14c3542a8776ada3ee23c42c5
4003f091e31d03ae72684e1ba65fff43561f86a4792badf3bf53cacf8038903e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gfD-Px3rCubqg.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3b70-5c0764bb07ab0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15152
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr0fJh1Zyc6FYxlG.woff
185.182.56.24200 OK 15 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr0fJh1Zyc6FYxlG.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 15224, version 1.1\012- data
Hash 530070f68cdc073aa95cb6a4c2aa0646
2099c1418da53128070b7a97090b89370acb4736
e5103d5dad611ea039f151f3a0ef0b7d433db02ecfca142fcaa8d9bb7620609b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr0fJh1Zyc6FYxlG.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "3b78-5c0764bb23be9-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15153
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCGPrcVIT9d4cydYA.woff
185.182.56.24200 OK 14 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCGPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 14572, version 1.1\012- data
Hash 072726280c374bb0940004620c78eb06
5abb9c05f2981da6ce08631892f3f22167c7fae6
b7038762b847eb14eeea1ddca26a071824c722c1fe02a40551e99ab775a44342
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCGPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "38ec-5c0764bbe8c44-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14497
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCGPrcVIT9d4cydYA.woff
185.182.56.24200 OK 14 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCGPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 14460, version 1.1\012- data
Hash 7f86b7cb4664c99da5ff19cdb9b7f8b2
bac67881540622795f8f8b441d42c0ca17da06c3
718119bbd909de91039b99fd058ee51d9e715bb46ab7f156ac813c6bd343e7eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCGPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "387c-5c0764bbd05a4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14368
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCGPrcVIT9d4cydYA.woff
185.182.56.24200 OK 14 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCGPrcVIT9d4cydYA.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 14572, version 1.1\012- data
Hash 1bf10c62cd1be03ca4844cb0576c4647
130e5a351997a7a952feef00a0e8333efb0f9d41
94e355a69ccefc5b0eef2f59eab4d4a75b57ea5ed12b49bb5673c097aba32c91
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCGPrcVIT9d4cydYA.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "38ec-5c0764bc041c5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14511
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8vZ2jimrq1Q_.woff
185.182.56.24200 OK 16 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8vZ2jimrq1Q_.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 15804, version 1.1\012- data
Hash 31ab213c485d0d45c225381e6b73b882
b028a61f3227d545a135ae32e7f512d5fb25ddc4
0b9405ac0f23678f46ba41de9edd8a8c51636daaef205b0dd79509c259c58441
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz8vZ2jimrq1Q_.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "3dbc-5c0764bacec87-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15741
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZ2jimrqw.woff
185.182.56.24200 OK 18 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZ2jimrqw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 17580, version 1.1\012- data
Hash b38a2b2a0147c3d5be3bbf1f90217bbe
c52cf34d6c8bc417c4c78bc05217e4ed493069eb
65ee0e76e6b07cb6e575ef4646401db19660a78492cfb4e6852ff6bb2975df47
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZ2jimrqw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:11 GMT
etag: "44ac-5c0764bad5217-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17552
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gnD-Px3rCs.woff
185.182.56.24200 OK 17 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gnD-Px3rCs.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 17076, version 1.1\012- data
Hash 8b02d07db1bf7c1a3d1b21cf9a822c0d
08bd4153ed265bd80a226b1d57ba001e887dc33b
811ee2c58e2de2c3c79f873b81137a3cdf9345b0fc8e5c0df4dce292c745d6e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/JTURjIg1_i6t8kCHKm45_dJE3gnD-Px3rCs.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "42b4-5c0764bb0c4e8-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17037
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfJh1Zyc6FYw.woff
185.182.56.24200 OK 21 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfJh1Zyc6FYw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20784, version 1.1\012- data
Hash 2d89796cc52001b3c3c553cf790cb1ea
52153eb0636749cb6743a21bcb26e18b24e190df
5b696c81c8a2657264a06e60652f09a08450f65cc1a016bd6c675006db343b5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfJh1Zyc6FYw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "5130-5c0764bb28621-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20564
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfJh1Zyc6FYw.woff
185.182.56.24200 OK 20 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfJh1Zyc6FYw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20300, version 1.1\012- data
Hash 2b84b7eda757f377258ee872dcfac920
9b9f9db8df3abb15524ccfb8e80873a4e7bca7a6
cde1fc41d6d43bfb9631a200ae9a613af9425ccb1a8f7e1b6b925568ef492db0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfJh1Zyc6FYw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "4f4c-5c0764bb4f339-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20097
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrMfJh1Zyc6FYw.woff
185.182.56.24200 OK 21 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrMfJh1Zyc6FYw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20804, version 1.1\012- data
Hash de3eb31ed768b6569e284375753c44d7
bdb7d455876f872e22bcdb0a50e2f11514ae36d6
62fcab91d98c3495dcb3db83d89bc8c9dbe0ad35b4c6a77d805b85b7a87a816f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrMfJh1Zyc6FYw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "5144-5c0764bb9489b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20614
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff
185.182.56.24200 OK 20 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20684, version 1.1\012- data
Hash 2ecf72c83ad3a13d05db780aa896ad39
8ed804782fef8d14c40044915b57c8cad509749e
d8e41385646c224d0257364eba8c85eeb678c79fe941535dc0c64775e6912bb0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "50cc-5c0764bbede4c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20488
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrcVIT9d4cw.woff
185.182.56.24200 OK 20 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrcVIT9d4cw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20484, version 1.1\012- data
Hash b8ef6c7e20865a121cc0f54ce9170a94
1a566bd91ab7ba85e30d1bac68e93ae182ce2a5a
2090dd6e73a6290b719b2dfccfd609b86072163a36abe5f5aaa7f2a49b27726b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrcVIT9d4cw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:13 GMT
etag: "5004-5c0764bc0e9bd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20293
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff
185.182.56.24200 OK 20 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20588, version 1.1\012- data
Hash 356ed8a0212bc50235a5b18d179d1a72
d021fb572d9e7563007ab8ba531c405df229eac2
8f13088ec7d014fb7ee3729fdff1ecab525ce291222c7d851cc307b07339f278
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "506c-5c0764bbb7733-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20393
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrcVIT9d4cw.woff
185.182.56.24200 OK 20 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrcVIT9d4cw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20228, version 1.1\012- data
Hash 5111beff0cc8e757a5c302eb43952b05
e9a68d79033090ad826db2942a9bba739a90627c
4e61155b09683754d188b7e8a44d130e3021df7515d9e0074a9d11c31e21d977
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrcVIT9d4cw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "4f04-5c0764bbd674c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20015
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJh1Zyc6FYw.woff
185.182.56.24200 OK 21 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJh1Zyc6FYw.woff
IP 185.182.56.24:0
File type Web Open Font Format, TrueType, length 20832, version 1.1\012- data
Hash 0acb6766dc5b92e2d1ca608a7286f8b6
b4539d21be075e50b8d613eb039477beaa4c5857
f675c2f17f83bb3a18fac44abec44b9ac794dcfc65f729a8476dd06aa36eac44
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-gfonts/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJh1Zyc6FYw.woff HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:12 GMT
etag: "5160-5c0764bb6db82-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20667
content-type: application/x-font-woff
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65abcf17204a59d6f43fb62375b57cc9
0063ce2668025f5ea1e1248b8517cff2721587cf
ecb6273f3bbcdac965191b74eba489d8fc1b4b70ad9bc57b3b6be8dbbd1698f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECB6273F3BBCDAC965191B74EBA489D8FC1B4B70AD9BC57B3B6BE8DBBD1698F4"
Last-Modified: Mon, 12 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6315
Expires: Tue, 13 Sep 2022 11:26:19 GMT
Date: Tue, 13 Sep 2022 09:41:04 GMT
Connection: keep-alive
js.cofounderspecials.com/splash.js?v=1.2.9
91.211.91.112200 OK 573 B URL HTTP/1.1 js.cofounderspecials.com/splash.js?v=1.2.9
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /splash.js?v=1.2.9 HTTP/1.1
Host: js.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 09:41:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
simple.cofounderspecials.com/strong.js?v=4.40
91.211.91.114200 OK 14 kB URL HTTP/2 simple.cofounderspecials.com/strong.js?v=4.40
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
Hash d23069a171ca960e3ff50746e8640a65
43ec360365bd11c46b24f9ff43747049da9fc8ff
a03630bd9f17191584497f13c4f878409d6856a79d4378d72efba8507fc0d77c
GET /strong.js?v=4.40 HTTP/1.1
Host: simple.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 31 Aug 2022 20:17:31 GMT
vary: Accept-Encoding
etag: W/"630fc1db-92c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/2015/12/20191028_145014-1-scaled.jpg
185.182.56.24200 OK 620 kB URL HTTP/2 audenaertbv.eu/wp-content/uploads/2015/12/20191028_145014-1-scaled.jpg
IP 185.182.56.24:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1440, components 3\012- data
Size 620 kB (620169 bytes)
Hash fd4fa3cf29c4ca9ac5b9ddd156e73410
39505692844326e712b6bb68a1211266bd39641d
af13f9032ad2df44ea9b69ffbabe069988572df3bee3c254cb139183ec45daaa
GET /wp-content/uploads/2015/12/20191028_145014-1-scaled.jpg HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Mar 2021 07:26:42 GMT
etag: "97689-5bed0094c508e"
accept-ranges: bytes
content-length: 620169
content-type: image/jpeg
date: Tue, 13 Sep 2022 09:41:04 GMT
server: Apache/2
X-Firefox-Spdy: h2
away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
91.211.91.104302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /away.php?id=98&kid=3467-23&sid=884578-34-76987-11 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 13 Sep 2022 09:41:05 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
91.211.91.104302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?aid=98823&uid=46536-433-636474-23 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://audenaertbv.eu/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 13 Sep 2022 09:41:05 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
91.211.91.104200 OK 824 B URL HTTP/2 away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 982e269869a536191bdce9808e930472
4559c4d49303d0e2b734b3bd806629c12066f111
a7cef100c55d1f3288299ad13859e71e62d6769ea2ce9db406be958fab9ba68d
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?tid=54889&lid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://audenaertbv.eu/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:05 GMT
content-type: text/html; charset=UTF-8
content-length: 824
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec881a7e4d5df1c51cb8e230b59921cd
00bc905abc7819b2fdff997a7e19a4347c58c20e
31fccda433a1e7acbf259850c232af95bd6b104e84482e6e42f453bf7975d3a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31FCCDA433A1E7ACBF259850C232AF95BD6B104E84482E6E42F453BF7975D3A7"
Last-Modified: Sun, 11 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2793
Expires: Tue, 13 Sep 2022 10:27:39 GMT
Date: Tue, 13 Sep 2022 09:41:06 GMT
Connection: keep-alive
goldflowerservice.net/w66899721.js
185.177.94.108200 OK 49 B URL HTTP/2 goldflowerservice.net/w66899721.js
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 8b2c9a0f63099698ba10b15b41fa47e4
dba24ca51e5b2c0fba6fa07441972a2fcc217088
dbb05cc7642fa61c7cbeda7a9c1db3e43db644dfd78d14e4f8cf73df3b7689ad
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /w66899721.js HTTP/1.1
Host: goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
goldflowerservice.net/favicon.ico
185.177.94.108204 No Content 0 B URL HTTP/2 goldflowerservice.net/favicon.ico
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 09:41:06 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ba297ff95ac339120722ddf2679b9ea8
8011f08c672dee179192201aa6e0a6b2449ef4fc
e70bab3053f87a268042dd0f0b230ae1e541146dccda4ce383db5ab9e0cc0cce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E70BAB3053F87A268042DD0F0B230AE1E541146DCCDA4CE383DB5AB9E0CC0CCE"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Tue, 13 Sep 2022 11:11:41 GMT
Date: Tue, 13 Sep 2022 09:41:06 GMT
Connection: keep-alive
0.goldflowerservice.net/w66899721.js
185.177.94.108200 OK 49 B URL HTTP/2 0.goldflowerservice.net/w66899721.js
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 8b2c9a0f63099698ba10b15b41fa47e4
dba24ca51e5b2c0fba6fa07441972a2fcc217088
dbb05cc7642fa61c7cbeda7a9c1db3e43db644dfd78d14e4f8cf73df3b7689ad
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /w66899721.js HTTP/1.1
Host: 0.goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
0.goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
185.177.94.108200 OK 53 kB URL HTTP/2 0.goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (29334)
Hash f9fa75303decf76d202fc6166fc4346d
0e6e4bdb3707c9c22ca5569ad742a002d00acf40
72f41415c13214ad7ead948b863cf96b7b7c3fc5934f4ec56f12b74996044d9c
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1 HTTP/1.1
Host: 0.goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldflowerservice.net/
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:07 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; expires=Thu, 13-Oct-2022 09:41:07 GMT; Max-Age=2592000; path=/; domain=0.goldflowerservice.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
1.goldflowerservice.net/w66899721.js
185.177.94.108200 OK 49 B URL HTTP/2 1.goldflowerservice.net/w66899721.js
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 8b2c9a0f63099698ba10b15b41fa47e4
dba24ca51e5b2c0fba6fa07441972a2fcc217088
dbb05cc7642fa61c7cbeda7a9c1db3e43db644dfd78d14e4f8cf73df3b7689ad
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /w66899721.js HTTP/1.1
Host: 1.goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
1.goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
185.177.94.108200 OK 18 kB URL HTTP/2 1.goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7636)
Hash 88658d5ad38a95a0cffa7586db8f0eaa
a6a575d35928946b46d614cdbb9cc69028ccb0c3
3e67a34c46acab8423290850d4a8be92a75125ac211ae128c806cd687b3064cc
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1 HTTP/1.1
Host: 1.goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.goldflowerservice.net/
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:07 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; expires=Thu, 13-Oct-2022 09:41:07 GMT; Max-Age=2592000; path=/; domain=1.goldflowerservice.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
1.goldflowerservice.net/w66899721.js
185.177.94.108304 Not Modified 0 B URL HTTP/2 1.goldflowerservice.net/w66899721.js
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /w66899721.js HTTP/1.1
Host: 1.goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 27 Jul 2022 05:35:25 GMT
If-None-Match: "62e0ce9d-31"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Tue, 13 Sep 2022 09:41:08 GMT
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ba297ff95ac339120722ddf2679b9ea8
8011f08c672dee179192201aa6e0a6b2449ef4fc
e70bab3053f87a268042dd0f0b230ae1e541146dccda4ce383db5ab9e0cc0cce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E70BAB3053F87A268042DD0F0B230AE1E541146DCCDA4CE383DB5AB9E0CC0CCE"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5433
Expires: Tue, 13 Sep 2022 11:11:41 GMT
Date: Tue, 13 Sep 2022 09:41:08 GMT
Connection: keep-alive
oo00.biz/sw/w1s.js
212.129.26.71200 OK 0 B IP 212.129.26.71:0
GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.goldflowerservice.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 09:41:07 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
185.177.94.108200 OK 0 B URL HTTP/2 goldflowerservice.net/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold1 HTTP/1.1
Host: goldflowerservice.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:06 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ccf1e17e-2e2b-4862-a3c7-c93ca2fb2c70; expires=Thu, 13-Oct-2022 09:41:06 GMT; Max-Age=2592000; path=/; domain=goldflowerservice.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
185.182.56.24200 OK 0 B URL HTTP/2 audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
IP 185.182.56.24:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Mar 2021 09:48:04 GMT
etag: "132c4-5bebde50a6ee8-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-scripts/89cac2e0bb99a34a58c96c788fce00dd.min.js?ver=3.2.1
185.182.56.24200 OK 0 B URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-scripts/89cac2e0bb99a34a58c96c788fce00dd.min.js?ver=3.2.1
IP 185.182.56.24:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-scripts/89cac2e0bb99a34a58c96c788fce00dd.min.js?ver=3.2.1 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Apr 2021 07:13:14 GMT
etag: "7162e-5c0764bd4f2ab-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
oo00.biz/sw/w1s.js
212.129.26.71200 OK 0 B IP 212.129.26.71:0
GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldflowerservice.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 09:41:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
load.bettershitecolumn.com/splash.js
91.211.91.104200 OK 0 B URL HTTP/2 load.bettershitecolumn.com/splash.js
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Analyzer Verdict Alert quad9 Sinkholed
GET /splash.js HTTP/1.1
Host: load.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 10:55:58 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6311e13e-18e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/uploads/fusion-styles/92035dcdbbf9fb48f57f6e003abfecec.min.css?ver=3.2.1
185.182.56.24200 OK 0 B URL HTTP/2 audenaertbv.eu/wp-content/uploads/fusion-styles/92035dcdbbf9fb48f57f6e003abfecec.min.css?ver=3.2.1
IP 185.182.56.24:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-styles/92035dcdbbf9fb48f57f6e003abfecec.min.css?ver=3.2.1 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 May 2021 05:34:13 GMT
etag: "11a316-5c243980da1b3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: text/css
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2
oo00.biz/sw/w1s.js
212.129.26.71200 OK 0 B IP 212.129.26.71:0
GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.goldflowerservice.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 09:41:07 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
oo00.biz/sw/w1s.js
212.83.131.39200 OK 0 B IP 212.83.131.39:0
GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:41:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 09:41:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
185.182.56.24200 OK 0 B URL HTTP/2 audenaertbv.eu/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 185.182.56.24:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: audenaertbv.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://audenaertbv.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Mar 2021 09:48:04 GMT
etag: "13990-5bebde5064097-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Tue, 13 Sep 2022 09:41:03 GMT
server: Apache/2
X-Firefox-Spdy: h2