r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7743
Expires: Sat, 03 Dec 2022 20:34:31 GMT
Date: Sat, 03 Dec 2022 18:25:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6211
Cache-Control: max-age=150555
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:28 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 12:14:43 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:18:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 432
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7802
Expires: Sat, 03 Dec 2022 20:35:30 GMT
Date: Sat, 03 Dec 2022 18:25:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d2DFy1j1MsQbZkbQAvuZQWdQILEOXlG2ByRPhjUe+znjf6ycrQ8FcmbkoQrtfznpuI9EN70xlRY=
x-amz-request-id: YYXX0N0PVEKNS3CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 17:46:39 GMT
age: 2329
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:25:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 18:08:58 GMT
cache-control: public,max-age=3600
age: 990
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
2d-distribution-ardres.com/
51.91.236.193 301 Moved Permanently 0 B URL HTTP/1.1 2d-distribution-ardres.com/
IP 51.91.236.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Sat, 03 Dec 2022 18:25:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.4
x-redirect-by: WordPress
location: https://2d-distribution-ardres.com/
x-iplb-request-id: 5B5A2A9A:6B02_335BECC1:0050_638B9498_34936:1C787
x-iplb-instance: 32678
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6200
Cache-Control: max-age=145482
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:29 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:50:11 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60b6349f777afcfb8053e223632aed58
86b25b1411314fda8f8518d28d20bbcbee8e3f0c
dc99bd250660a515bf1249a5920505c12d3101a397cf7e2d2d507fc0839ae930
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC99BD250660A515BF1249A5920505C12D3101A397CF7E2D2D507FC0839AE930"
Last-Modified: Fri, 02 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21551
Expires: Sun, 04 Dec 2022 00:24:40 GMT
Date: Sat, 03 Dec 2022 18:25:29 GMT
Connection: keep-alive
push.services.mozilla.com/
35.164.183.116 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w4btjv78WGhchW3s296p6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ucrhQwmFfTfii0C6xf0YcWy7ZLA=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8785
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 18:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8785
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 18:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20153
Expires: Sun, 04 Dec 2022 00:01:23 GMT
Date: Sat, 03 Dec 2022 18:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8785
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 18:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20153
Expires: Sun, 04 Dec 2022 00:01:23 GMT
Date: Sat, 03 Dec 2022 18:25:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 62886
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 74064
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 48202
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:39:57 GMT
age: 74733
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 52330
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 26666
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2
51.91.236.193 200 OK 8.8 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (44114)
Hash 811424e7d6252b5481fd9e38e5b18167
d8e7351b56aba81e68821718b5251aea1697a6fc
bdf89e27472bb6421c502c9215469cc43deef57b61be375a4d27338b14b298f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 8808
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
51.91.236.193 200 OK 5.0 kB URL HTTP/2 2d-distribution-ardres.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 51.91.236.193:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 5009
server: Apache
last-modified: Wed, 25 May 2022 01:46:09 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
51.91.236.193200 OK 12 kB URL HTTP/2 2d-distribution-ardres.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 51.91.236.193:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 12518
server: Apache
last-modified: Wed, 16 Nov 2022 01:43:53 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.3
51.91.236.193200 OK 2.0 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.3
IP 51.91.236.193:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 38b1f483d4bf6b1548990385c8673746
1668edb02c5170be308368292a4c12033d0a42f4
98138d83d7cb12e99802ba034b400a67e0d7b6e378d8bcd1b4d9f4fe44ce1111
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 1962
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:24 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
51.91.236.193200 OK 972 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 51.91.236.193:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 972
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
51.91.236.193200 OK 424 B URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (882), with no line terminators
Hash ee80e5093d4e46344ea1eadd7306ae9f
63a9ad2501f4a6dc61ba9a31230ccb96e2fc99d9
ad7a17c7be30b44ef409671f71e0e2c6f99d839e1927a4825e6b3f930be4a7c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 424
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.3
51.91.236.193200 OK 22 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.3
IP 51.91.236.193:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 9706fd6c4fd98d190897f3c107a53d72
906e95cc7656a85f2e3f4f5ac898b8d942017b59
288ec9bae1e7067e86acda75a521a85b46d8976f511e7894c962a58663ff00e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 22539
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:24 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
51.91.236.193200 OK 2.1 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (18333), with no line terminators
Hash 493b5458e78e50e8f3f4c5b7201f4fe5
827d9dd1a7048fc26cbbea5cca8a003917a55f08
21e51535a4b3701189a71e9a8a3760cd5392eefcc7fd835ca98c374809313d43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 2147
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
51.91.236.193200 OK 16 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
IP 51.91.236.193:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash d3f08474921c6d851d14c2ed696171ba
a11eaa3c3efb9d26ddaab9f3556b116d7f0bcade
df57e23dcaa0a4737c4b68672b7277e3affb1cef2521e5eecc65238db3fcf770
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 16217
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/variation-swatches-woo/assets/css/swatches.css?ver=1.0.4
51.91.236.193200 OK 1.8 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/variation-swatches-woo/assets/css/swatches.css?ver=1.0.4
IP 51.91.236.193:0
Hash a477bdeb5352758c19500c27ce1ce05e
d22fdf4c47d1828150345aba11dc3100e0fcf88e
b25631f8d8e671a89fc064af9ea506cb3687d9af9e6acea9bba7dbc74481eb2c
GET /wp-content/plugins/variation-swatches-woo/assets/css/swatches.css?ver=1.0.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 1751
server: Apache
last-modified: Fri, 30 Sep 2022 08:30:20 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
51.91.236.193200 OK 4.0 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 51.91.236.193:0
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 3961
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
51.91.236.193200 OK 4.2 kB URL HTTP/2 2d-distribution-ardres.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 4169
server: Apache
last-modified: Thu, 18 Feb 2021 10:05:43 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
51.91.236.193200 OK 31 kB URL HTTP/2 2d-distribution-ardres.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 51.91.236.193:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 30995
server: Apache
last-modified: Wed, 02 Nov 2022 01:44:03 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.7
51.91.236.193200 OK 4.2 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (14869)
Hash 1fcdd9935a66511c3b8069495af248e3
b0e375ac95b547b3bb6ce74cd1bcc505ffc2281d
4a741209fc122872cb5ae018a5870d70848a616fa98eb4289ad78cec986ec282
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 4205
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7
51.91.236.193200 OK 855 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (13766)
Hash b67ce014664ad80f61a78b2721f5001f
80a3c23a3643598f590765c091f16008c834eb18
77f77a21706b27952b789ff364c6322da6675363d50bb0f9cdff7c4b6db6ec40
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 855
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-3049.css?ver=1664527587
51.91.236.193200 OK 358 B URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-3049.css?ver=1664527587
IP 51.91.236.193:0
File type ASCII text, with very long lines (1120), with no line terminators
Hash bb480c6bb873f5ff40365a0482b74ddb
ef84cbac1f79c8c92ca31708bb6108ff2a189575
7155b7da9366b7ae7a4f076670550ef74b8db1b54941c5ec9f5c3c362a7fc075
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-3049.css?ver=1664527587 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 358
server: Apache
last-modified: Fri, 30 Sep 2022 08:46:27 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7
51.91.236.193200 OK 20 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (65497)
Hash aabd344581399563134b985f514a1cd8
6b5a37930501a8b1ed54dd5f6c41251dd1943ecf
b4dee2a7a178a601312478f2b97c5b8aff205c8930669a9bf90825bb4a2a9bb1
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 20219
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
51.91.236.193200 OK 309 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 51.91.236.193:0
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 309
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
51.91.236.193200 OK 308 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 51.91.236.193:0
File type ASCII text, with very long lines (491)
Hash 851fd514d412b7e854365f20a4227c8a
08bf47072f70af1816450cc85a5efb3b8f9114d2
a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 308
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7
51.91.236.193200 OK 4.2 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (26516)
Hash d74abcef3df71d56667a44693f75c454
be993a7b5c88a550ef0dc19c4841f240e41967f8
8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 4229
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7
51.91.236.193200 OK 2.6 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 2592
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2
51.91.236.193200 OK 870 B URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (2928), with no line terminators
Hash d260c400d0c0214785505a3cfba4aedc
abba4472f22e548539920c5d0c1d261618e5d3ef
2ca4abc0e073bb4ff6d578a5a7fb89f3e5b79ff5b2d3dbfa0ea9fafc6ef9cec0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 870
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
51.91.236.193200 OK 4.1 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (16935), with no line terminators
Hash 757a17fde44c92828cafe307b596ceb9
02059cf326b80b0e75e8854362978b11b0967afa
0ed1f9942a2eed5143794f12eb7c4fffcbbda3019bf486949bd487099ece14c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 4075
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
51.91.236.193200 OK 2.9 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 51.91.236.193:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 7c2c4ebd10adb73367b5c5f0e1e5d3ce
a67e4fd0e3e7452e74b22517ba924b58307d7758
5244443e699788a134cc77adfc3fd18f03386df5fe49e6c82b057387ba4d0ebd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 2914
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
51.91.236.193200 OK 13 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 51.91.236.193:0
File type ASCII text, with very long lines (57726)
Hash 991d00cd7cb62d50a29295522d554f1f
e128a5238f141e9c4da1979716108d858340fe03
b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 12582
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7
51.91.236.193200 OK 13 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 12869
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
51.91.236.193200 OK 3.9 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 51.91.236.193:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 7ef755c2700783f9eae63fc539149a18
e57c0c5ceb5e2fbf1aaad44aad6319f8b26b69a1
95c808afbeaf569865125c132b69df4a68bca03fd6b792d38ef9a0e341dbf06b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 3934
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4
51.91.236.193 200 OK 982 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4
IP 51.91.236.193:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream woocommerce 6.9.4 file hash before treating the file as modified)
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 982
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4
51.91.236.193 200 OK 1.1 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4
IP 51.91.236.193:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 0d03578b274ddfa19d4be46ff5d4f242
5d5322d264d2219c50b60abcf9625533088afbf2
342455e97f9438a6f336423fa4f6fc6dc59da5d84c23f4d39ebc5425aa9ada27
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 1086
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4
51.91.236.193 200 OK 1.0 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4
IP 51.91.236.193:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 1039
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4
51.91.236.193 200 OK 794 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4
IP 51.91.236.193:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 794
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4
51.91.236.193 200 OK 3.5 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4
IP 51.91.236.193:0
File type ASCII text, with very long lines (9115)
Hash 4eb090d1d9263b041ec90bac1a6e6e8f
0b0a01684ed1e07a41a9f6eb02423738a68f8b12
f621d8d1bdc2c1508699ef2510c1b35122fef1ee7da3ed10fe66a881a6d882b2
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 3499
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/js/wp-util.min.js?ver=6.1.1
51.91.236.193 200 OK 756 B URL HTTP/2 2d-distribution-ardres.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 51.91.236.193:0
File type ASCII text, with very long lines (1391)
Hash 838aa5f64f258023c2f4ced3125cc12e
0f9ba4eee7038506d01a6e741b16324ffb347fda
8212000a2ae7888dec134e6a079a16c19d71f6bcd0924384abb16027325ed218
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 756
server: Apache
last-modified: Wed, 02 Nov 2022 01:44:03 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 420c360df039738ee7cfc3920cc93552
60e03fd1c972ff8540657a0749039f485a75f9be
76636238a645dc67a188a47420247d819d52f543075a39e81ac69cb4c244dab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5644
Cache-Control: max-age=145288
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638b1317-117"
Expires: Mon, 05 Dec 2022 10:46:59 GMT
Last-Modified: Sat, 03 Dec 2022 09:12:55 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 279
2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.9.4
51.91.236.193 200 OK 3.7 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.9.4
IP 51.91.236.193:0
File type ASCII text, with very long lines (13887), with no line terminators
Hash 9d985e151711f23efa0846e2d13c6af6
c700e1555f861a236f1956bb4f8726292fe056eb
50c7fea0f8c6df392ea08b883b9e4daf3ad889836f87aeefad8736939fda9956
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream woocommerce 6.9.4 file hash before treating the file as modified)
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.9.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 3654
server: Apache
last-modified: Fri, 30 Sep 2022 08:42:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/js/underscore.min.js?ver=1.13.4
51.91.236.193 200 OK 7.3 kB URL HTTP/2 2d-distribution-ardres.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 51.91.236.193:0
File type ASCII text, with very long lines (18798)
Hash 3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 7311
server: Apache
last-modified: Wed, 02 Nov 2022 01:44:03 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/variation-swatches-woo/assets/js/swatches.js?ver=1.0.4
51.91.236.193 200 OK 3.8 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/variation-swatches-woo/assets/js/swatches.js?ver=1.0.4
IP 51.91.236.193:0
Hash 335c134014f8bce815518d936930a68f
898e658a17e9d5a04a9acd2caaa34c2828919a57
fa80349f71c8a67b72660804d23ba6b55a07402413ccfef7b1b9fa0b4748f52b
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream variation-swatches-woo 1.0.4 file hash before treating the file as modified)
GET /wp-content/plugins/variation-swatches-woo/assets/js/swatches.js?ver=1.0.4 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 3847
server: Apache
last-modified: Fri, 30 Sep 2022 08:30:20 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 420c360df039738ee7cfc3920cc93552
60e03fd1c972ff8540657a0749039f485a75f9be
76636238a645dc67a188a47420247d819d52f543075a39e81ac69cb4c244dab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5644
Cache-Control: max-age=145288
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638b1317-117"
Expires: Mon, 05 Dec 2022 10:46:59 GMT
Last-Modified: Sat, 03 Dec 2022 09:12:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-5333.css?ver=1668004408
51.91.236.193 200 OK 4.0 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-5333.css?ver=1668004408
IP 51.91.236.193:0
File type ASCII text, with very long lines (53355), with no line terminators
Hash 1a7b4d38b7b1a411e557a97098dd89e8
36f0ef8330e193e8a51992dfc4dc5515654f09d7
134d4fd2311cea6372d8e3e1822a1ba23f8189fe17762f0cc0e85aae5256d223
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; this is a site-generated stylesheet under wp-content/uploads, so there is no upstream release hash to compare against — inspect the content directly)
GET /wp-content/uploads/elementor/css/post-5333.css?ver=1668004408 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 3977
server: Apache
last-modified: Wed, 09 Nov 2022 14:33:28 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7
51.91.236.193 200 OK 2.2 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (4918)
Hash ac5286e01cb948466083b4a9db3725b1
158ee166465804fafaf226ed85b2243bb34d5fb1
e4ab2a0069a89260933d5fc4235c352cd504a7fe88d14c95ef66f46a680718b3
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream elementor 3.7.7 file hash before treating the file as modified)
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 2193
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7
51.91.236.193 200 OK 11 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7
IP 51.91.236.193:0
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 540ab7a81306a8a45622d154e9df498b
f06d1223e432a8d648d15008c4dcd7306553e0ac
9f5782726439ecaa602bfb3f5d4762d50409899eb22562da187e252a3eaf0df9
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 10742
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
51.91.236.193 200 OK 3.0 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream elementor-bundled waypoints 4.0.2 file hash before treating the file as modified)
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 2993
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
51.91.236.193 200 OK 36 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 51.91.236.193:0
File type ASCII text, with very long lines (65280)
Hash f2f239cb6e82311cd197aa5888632811
e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream elementor-bundled swiper 5.3.6 file hash before treating the file as modified)
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 35491
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
51.91.236.193 200 OK 3.4 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 51.91.236.193:0
File type ASCII text, with very long lines (10544)
Hash 88f71137b2a89a53df46cdb4deeb4e3d
426e12f0e8712db20afd2c54e77e1384074f3181
591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream elementor-bundled dialog 4.9.0 file hash before treating the file as modified)
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 3446
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7
51.91.236.193 200 OK 1.1 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (2620), with no line terminators
Hash 366a9c35bbef9fea7021f6b1b56cf8d0
18feab78c61c6e8261db364d6681a9633041e837
b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 1139
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 4be8bdb5ee6f27027d0d35875265ca1a
18cea65a2a01b53d1e5425cf1c141b5a34e9742c
c273b899e938dd7c6adac5d8e860dfa93a93ea52dcc6b293f1c829cd15ea3516
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3521
Cache-Control: max-age=108952
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638a8d72-116"
Expires: Mon, 05 Dec 2022 00:41:23 GMT
Last-Modified: Fri, 02 Dec 2022 23:42:42 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 278
2d-distribution-ardres.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
51.91.236.193 200 OK 7.1 kB URL HTTP/2 2d-distribution-ardres.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 51.91.236.193:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash fc922a895f5f92269c928556b67564f6
8759e1f16a826dd6dd73f4161a65a79a049c4d6f
d7445c88608e9da487d81ef5167866c42ff1099b5f48efda4b5f5ac41aa7d9b8
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the jQuery UI 1.13.2 core file shipped with WordPress 6.1.1 before treating the file as modified)
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 7097
server: Apache
last-modified: Wed, 02 Nov 2022 01:44:03 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
jullyambery.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8786x&format=arrjs&r=1664861252250
188.114.97.1 204 No Content 0 B URL HTTP/2 jullyambery.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8786x&format=arrjs&r=1664861252250
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8786x&format=arrjs&r=1664861252250 HTTP/1.1
Host: jullyambery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 18:25:31 GMT
set-cookie: _la=1670091931; Secure; SameSite=None
set-cookie: _lt=0; Secure; SameSite=None
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pujFKRjHiRtHQkWhJMEq4JMxmzt%2BE%2FUp2DHAsCddtg5AMo%2FWAya9GaGUY9eNtBFzwpRLtjtQvSdbbxggKKzgCWG%2BsBIj5%2Fur%2BrLhwHYsmqscqXqya9P0LdrthafIq1iTI4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773e586afa5f0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7
51.91.236.193 200 OK 12 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (40474)
Hash 9f98d9eb97acbaa6fdbecb9086f0eba1
b8f3c7e68de9fcbc87c3bb232f71800e62a2c2f7
1eff8a686486469b581f8ea377acaaedb79cc6339976d17c9392752be4c4a993
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream elementor 3.7.7 file hash before treating the file as modified)
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 12045
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
jullyambery.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8786x&format=arrjs&r=1664545988346
188.114.97.1 204 No Content 0 B URL HTTP/2 jullyambery.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8786x&format=arrjs&r=1664545988346
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8786x&format=arrjs&r=1664545988346 HTTP/1.1
Host: jullyambery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 18:25:31 GMT
set-cookie: _la=1670091931; Secure; SameSite=None
set-cookie: _lt=0; Secure; SameSite=None
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14MC9V7PYPBqCoHL4vRzhk5OnkBfH9EpggJcXx9G9LjdOUqbE%2Bfi5fNsXt51RxUfy6yxIcgYutdL5PFE4lE53OLzJE%2BVH56q7kZ9wPVQG%2FIbatSp96x9QLM8uK1RiR%2BCGTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773e586afa630b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 4be8bdb5ee6f27027d0d35875265ca1a
18cea65a2a01b53d1e5425cf1c141b5a34e9742c
c273b899e938dd7c6adac5d8e860dfa93a93ea52dcc6b293f1c829cd15ea3516
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4132
Cache-Control: max-age=109563
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638a8d72-116"
Expires: Mon, 05 Dec 2022 00:51:34 GMT
Last-Modified: Fri, 02 Dec 2022 23:42:42 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 278
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7
51.91.236.193 200 OK 13 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (43101)
Hash 227f3f29a5ac2d74fec28aeb97d0768a
2a7516811b58b46c0ee982c7c6616c76433e19c5
dbc5b4077a4e85e9dedec28dd5c513cfdfbc672d16f8eb3eb7d2340188bcd6c6
Analyzer verdict: Alert — fortinet: Malware (verdict is on the fetched response body; confirm against the upstream elementor 3.7.7 file hash before treating the file as modified)
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 13121
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7
51.91.236.193 200 OK 374 B URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7
IP 51.91.236.193:0
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
content-length: 374
server: Apache
last-modified: Fri, 30 Sep 2022 08:43:53 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 98c7cbe55ef2c03504de9a1c11c48448
5490eee01dd5cd3cdb1605e6fcf58bdb811a6197
dd553c506497567a0992dac8bd754285147008a0db2fae3a0fd94c3718ca06f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5670
Cache-Control: max-age=116907
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638aa421-1d7"
Expires: Mon, 05 Dec 2022 02:53:58 GMT
Last-Modified: Sat, 03 Dec 2022 01:19:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-181121662-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-181121662-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 231cdba80e3870034e25807add463306
044bd3ff517cc184ad40ebcfe164237913d88353
c0884f0c817526175eb0d79bcb3a14d2d81357550e5d1b62a1d58fd3050468bb
GET /gtag/js?id=UA-181121662-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 18:25:31 GMT
expires: Sat, 03 Dec 2022 18:25:31 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 4be8bdb5ee6f27027d0d35875265ca1a
18cea65a2a01b53d1e5425cf1c141b5a34e9742c
c273b899e938dd7c6adac5d8e860dfa93a93ea52dcc6b293f1c829cd15ea3516
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3521
Cache-Control: max-age=108952
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638a8d72-116"
Expires: Mon, 05 Dec 2022 00:41:23 GMT
Last-Modified: Fri, 02 Dec 2022 23:42:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 420c360df039738ee7cfc3920cc93552
60e03fd1c972ff8540657a0749039f485a75f9be
76636238a645dc67a188a47420247d819d52f543075a39e81ac69cb4c244dab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5376
Cache-Control: max-age=145020
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Etag: "638b1317-117"
Expires: Mon, 05 Dec 2022 10:42:31 GMT
Last-Modified: Sat, 03 Dec 2022 09:12:55 GMT
Server: ECS (amb/6B79)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
51.91.236.193 200 OK 936 B URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
IP 51.91.236.193:0
File type ASCII text, with very long lines (5992), with no line terminators
Hash a57a348e593978ca4dad7d2927ff983c
df00fa58d343098632bdb9525e6dfe7acc99ff6d
1e1cf17a9bde06b7e012c6334fe7f7803359b0b705f965b8ef82df63a68e86a7
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
content-length: 936
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2022/09/mariage.png
51.91.236.193 200 OK 214 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2022/09/mariage.png
IP 51.91.236.193:0
File type PNG image data, 380 x 254, 8-bit/color RGB, non-interlaced\012- data
Size 214 kB (213991 bytes)
Hash 269f07f5f884b8c8e90293d4a0dff5f3
5331334a0d4ff852af812c441b77ac5b15a79811
ad2726fb81457569d64a0a73c2230dcb8619b58cceac383fb27dea76b3a4437b
GET /wp-content/uploads/2022/09/mariage.png HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-5333.css?ver=1668004408
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/png
content-length: 213991
server: Apache
last-modified: Fri, 30 Sep 2022 09:18:02 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/themes/astra/assets/fonts/astra.woff
51.91.236.193 200 OK 3.3 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/themes/astra/assets/fonts/astra.woff
IP 51.91.236.193:0
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/x-font-woff
content-length: 3304
server: Apache
last-modified: Fri, 30 Sep 2022 08:23:49 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2022/09/134657.jpg
51.91.236.193 200 OK 653 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2022/09/134657.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=samsung, model=SM-A202F, orientation=upper-left, xresolution=152, yresolution=160, resolutionunit=2, software=GIMP 2.10.30, datetime=2022:09:30 14:51:48], progressive, precision 8, 1500x1125, components 3\012- data
Size 653 kB (652903 bytes)
Hash 9e5fef2513082d9f891abdb985399111
f4b748c0ad840ea5f3e682cc827b553989306376
10b53b68b3b76fc4229c67208a7e1fda8dbddf44ef61e6b60868e9e81eaced57
GET /wp-content/uploads/2022/09/134657.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-5333.css?ver=1668004408
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 652903
server: Apache
last-modified: Fri, 30 Sep 2022 13:23:55 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2021/07/Barnum-2019-fete-foire-Fiennes.jpg
51.91.236.193 200 OK 431 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2021/07/Barnum-2019-fete-foire-Fiennes.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 600x600, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=9], progressive, precision 8, 1500x978, components 3\012- data
Size 431 kB (431257 bytes)
Hash 36c4766e2df2644fcfb134db09000f2b
229c9c3f4f0493655d59dd0df68470310a54716d
b242008ca8721914d428ab24e5a7e4b6c7528b5ac8a4792a613b663574564ea5
GET /wp-content/uploads/2021/07/Barnum-2019-fete-foire-Fiennes.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-5333.css?ver=1668004408
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 431257
server: Apache
last-modified: Tue, 31 May 2022 13:33:22 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2020/09/photo-portable-045-scaled.jpg
51.91.236.193 200 OK 1.1 MB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2020/09/photo-portable-045-scaled.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, manufacturer=samsung, model=SM-J330FN, orientation=upper-left, xresolution=2248, yresolution=2256, resolutionunit=2, software=J330FNXXU1AQF9, datetime=2017:10:31 11:21:46, GPS-Data], baseline, precision 8, 2560x1920, components 3\012- data
Size 1.1 MB (1119206 bytes)
Hash 372dad1bde93996b462ef76e3161f43e
5c379020ae6093f6973d2d742f7f95ef9352a700
6be6767585c1e13188482e0c0b03e3b02bdc2e7c25bd5b5adbfabece8686221c
GET /wp-content/uploads/2020/09/photo-portable-045-scaled.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/uploads/elementor/css/post-5333.css?ver=1668004408
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 1119206
server: Apache
last-modified: Fri, 18 Sep 2020 14:30:09 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
51.91.236.193 200 OK 13 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 51.91.236.193:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-length: 13276
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
51.91.236.193 200 OK 78 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 51.91.236.193:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-length: 78196
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
51.91.236.193 200 OK 93 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 51.91.236.193:0
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-length: 93372
server: Apache
last-modified: Fri, 30 Sep 2022 08:40:34 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2022/09/cropped-Logo-2D-Distribution-V3-150x138.jpg
51.91.236.193 200 OK 2.7 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2022/09/cropped-Logo-2D-Distribution-V3-150x138.jpg
IP 51.91.236.193:0
File type PNG image data, 50 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 2dabb78bd7907c9314bb8494d3919530
535d10cb694acf12d45928aeb746c4cb8c19adc3
76ad7d42f68285aef911dc6c713e2b637d26c8034f2d84a625483aeee130e60c
GET /wp-content/uploads/2022/09/cropped-Logo-2D-Distribution-V3-150x138.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 685147
server: Apache
last-modified: Fri, 30 Sep 2022 13:52:19 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2021/07/135600.jpg
51.91.236.193 200 OK 376 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2021/07/135600.jpg
IP 51.91.236.193:0
Size 376 kB (375853 bytes)
Hash 29e3d7c2baa58b8d1720f8692cbf38ac
dda54e5575d432cb33e5fce3106048984fec65f9
d4d15727528e235805f3929696c43678e0d62de0823a7827a3043ec47dd816c4
GET /wp-content/uploads/2021/07/135600.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 375852
server: Apache
last-modified: Tue, 31 May 2022 15:32:21 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2d-distribution-ardres.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 430370
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2022/09/135908-300x300.jpg
51.91.236.193 200 OK 20 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2022/09/135908-300x300.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description=II*, manufacturer=samsung, model=SM-A202F, orientation=upper-left, xresolution=164, yresolution=172, resolutionunit=2, software=GIMP 2.10.30, datetime=2022:09:30 14:55:39], baseline, precision 8, 300x300, components 3\012- data
Hash 8ab94742e2d3f7a65a1e6d4a4f95ced0
6efe09ce477fda817f9766b6c13bcbb31bad81aa
6ee1471b4ab35fd1e32591179cf5ce66b4d91ba765db7414c7a60ae3e1b257d4
GET /wp-content/uploads/2022/09/135908-300x300.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 20407
server: Apache
last-modified: Fri, 30 Sep 2022 13:23:50 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2020/11/IMG_0843-300x300.jpg
51.91.236.193 200 OK 12 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2020/11/IMG_0843-300x300.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, manufacturer=Apple, model=iPhone 12, orientation=upper-left, xresolution=186, yresolution=194, resolutionunit=2, software=14.1, datetime=2020:11:07 15:11:01], baseline, precision 8, 300x300, components 3\012- data
Hash 1faf68aeeb7bfce6fa6bfdc033c854a8
b67e9e505cd62679c94e5b69ff69e23cacd10c8c
0801da31e7988af5b055100e4214e554049dfa9955153d2b70fd7a82fcf79822
GET /wp-content/uploads/2020/11/IMG_0843-300x300.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 12121
server: Apache
last-modified: Tue, 10 Nov 2020 10:59:58 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2d-distribution-ardres.com/wp-content/uploads/2020/09/140800-300x300.jpg
51.91.236.193 200 OK 21 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2020/09/140800-300x300.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "binary comment", Exif Standard: [TIFF image data, little-endian, direntries=11, description=binary comment, manufacturer=samsung, model=SM-A202F, orientation=upper-left, xresolution=180, yresolution=188, resolutionunit=2, software=GIMP 2.10.22, datetime=2021:01:25 11:02:20], baseline, precision 8, 300x300, components 3\012- data
Hash 201954b5a2ce2e744109c5371904ea8d
7da956649140c8557df699e067ad41cdce75de21
50fe97147d219d215fbe9c670517dc7a1bae0052392cf4968959434fc30e1931
GET /wp-content/uploads/2020/09/140800-300x300.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 20890
server: Apache
last-modified: Mon, 25 Jan 2021 10:16:39 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2020/09/140926-300x300.jpg
51.91.236.193 200 OK 20 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2020/09/140926-300x300.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "binary comment", Exif Standard: [TIFF image data, little-endian, direntries=11, description=binary comment, manufacturer=samsung, model=SM-A202F, orientation=upper-left, xresolution=180, yresolution=188, resolutionunit=2, software=GIMP 2.10.22, datetime=2021:01:25 11:03:48 DIY-Thermocam raw data\012- (Lepton 2.x), scale 771-771, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, maximum point enabled, calibration: offset 0.000000, slope 11.063752], baseline, precision 8, 300x300, components 3\012- data
Hash add1eadaed474b148c7d4106c55f0d7d
c84290c8963f44ec3890d8887248ac2977f2a1fa
243348c63baf0cd0f48dae5562fe3bcd3f9c37bcd4bba6358c4dce54913dd5e6
GET /wp-content/uploads/2020/09/140926-300x300.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: image/jpeg
content-length: 19712
server: Apache
last-modified: Mon, 25 Jan 2021 10:16:53 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
142.250.74.35 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2d-distribution-ardres.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:12:24 GMT
expires: Wed, 29 Nov 2023 17:12:24 GMT
cache-control: public, max-age=31536000
age: 349987
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v3/?ver=1.4.6
151.101.128.176 200 OK 99 kB URL HTTP/2 js.stripe.com/v3/?ver=1.4.6
IP 151.101.128.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6e5a6dd75007e3427b2d7ebbc796d8d5
f8d14655e32400ab0f30786bcf9eda48632f2a62
20aec94da8a26beabb8ba676492ebce2ce5c449b5e7d6b36e679536c8f266db8
GET /v3/?ver=1.4.6 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 21:51:09 GMT
etag: "3095c268dab7dd627cd11dfb810a7f24"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Sat, 03 Dec 2022 18:25:31 GMT
via: 1.1 varnish
age: 49
x-request-id: 2be0daf0-1898-435b-a5b5-1d7e0bb06763
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
timing-allow-origin: *
content-length: 98959
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2022/09/cropped-cropped-Logo-2D-Distribution-V3-32x32.jpg
51.91.236.193 200 OK 677 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2022/09/cropped-cropped-Logo-2D-Distribution-V3-32x32.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.2 (Windows), datetime=2022:03:24 10:58:35], baseline, precision 8, 32x32, components 4\012- data
Size 677 kB (676638 bytes)
Hash 5fbc5f2fbdfc8f21973ab411c57f5e6e
42962e3ae9a0c0189e441389cbaf23e081edb8ad
3be3566e362b608e6bd1f74965ce688a38a7667f966645d926773a989a1e1a4c
GET /wp-content/uploads/2022/09/cropped-cropped-Logo-2D-Distribution-V3-32x32.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:32 GMT
content-type: image/jpeg
content-length: 676638
server: Apache
last-modified: Fri, 30 Sep 2022 09:48:15 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:32 GMT
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-content/uploads/2022/09/cropped-cropped-Logo-2D-Distribution-V3-192x192.jpg
51.91.236.193 200 OK 690 kB URL HTTP/2 2d-distribution-ardres.com/wp-content/uploads/2022/09/cropped-cropped-Logo-2D-Distribution-V3-192x192.jpg
IP 51.91.236.193:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.2 (Windows), datetime=2022:03:24 10:58:35], baseline, precision 8, 192x192, components 4\012- data
Size 690 kB (689491 bytes)
Hash caa30961a46559e47fa728c276e28131
187e3c2f790d2ed5c8173ca4cb6a8849a7d5e55e
1002daa1caada625faecbf6dc9292af57ef6c62b0b316ab59c6e15fa0fe79e32
GET /wp-content/uploads/2022/09/cropped-cropped-Logo-2D-Distribution-V3-192x192.jpg HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:32 GMT
content-type: image/jpeg
content-length: 689491
server: Apache
last-modified: Fri, 30 Sep 2022 09:48:14 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:32 GMT
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
151.101.128.176 200 OK 122 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 151.101.128.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Sat, 03 Dec 2022 18:25:32 GMT
via: 1.1 varnish
age: 1722007
x-request-id: 2538de2f-9bd4-4cc4-ae40-df45ab6dc26f
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 28514
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 16:46:55 GMT
expires: Sat, 03 Dec 2022 18:46:55 GMT
cache-control: public, max-age=7200
age: 5917
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
151.101.128.176 200 OK 332 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 151.101.128.176:0
File type ASCII text, with very long lines (526)
Hash ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Sat, 03 Dec 2022 18:25:32 GMT
via: 1.1 varnish
age: 1722007
x-request-id: d5ecbf8e-cd31-4f07-82ce-313d3ddc4844
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 24319
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.128.176 200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP 151.101.128.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 18:25:32 GMT
via: 1.1 varnish
age: 61
x-request-id: 03988337-4c8b-4f76-8579-c132fac65564
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 26
x-timer: S1670091933.621736,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
151.101.128.176 200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.128.176:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 18:25:32 GMT
via: 1.1 varnish
age: 123
x-request-id: 687a3bf4-6f4e-40cf-91a0-d60cb6345ccd
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 54
x-timer: S1670091933.653732,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fc8b2cd3de11edcd009fc9334ebf2007
a15fc7e8a3e5d094497a812ff5a902712608156a
c6cf47c29316de0dde85f90b6f8773f74d3c0c60f1755feb3f3aba59b7038fd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4433
Cache-Control: max-age=99079
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:25:33 GMT
Etag: "638a6353-1d7"
Expires: Sun, 04 Dec 2022 21:56:52 GMT
Last-Modified: Fri, 02 Dec 2022 20:42:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
m.stripe.com/6
52.89.87.125 200 OK 156 B IP 52.89.87.125:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 47d95c0c6dbc7bd6935eb9dee49f8e4e
6cbb427a81fd4617b33e00909eb66c55ae4bb986
b55b5a4c18a049d9667ba1a90a1bfacbf8cbf93b2a1bff96161b24f32f7dfff6
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2260
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:25:33 GMT
content-length: 156
set-cookie: m=cc44aed6-3043-4fd1-8b01-2ed5dba39ffde42ade;Expires=Mon, 02-Dec-2024 18:25:33 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
2d-distribution-ardres.com/wp-includes/css/dashicons.min.css?ver=6.1.1
51.91.236.193 200 OK 0 B URL HTTP/2 2d-distribution-ardres.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 51.91.236.193:0
Analyzer verdict: Alert — Fortinet classifies this URL as Malware
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/css
server: Apache
last-modified: Thu, 15 Apr 2021 13:43:24 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 03 Dec 2022 18:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
2d-distribution-ardres.com/?wc-ajax=get_refreshed_fragments
51.91.236.193 200 OK 0 B URL HTTP/2 2d-distribution-ardres.com/?wc-ajax=get_refreshed_fragments
IP 51.91.236.193:0
Analyzer verdict: Alert — Fortinet classifies this URL as Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://2d-distribution-ardres.com
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:33 GMT
content-type: application/json; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4
access-control-allow-origin: https://2d-distribution-ardres.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
X-Firefox-Spdy: h2
2d-distribution-ardres.com/
51.91.236.193 200 OK 0 B URL HTTP/2 2d-distribution-ardres.com/
IP 51.91.236.193:0
Analyzer verdict: Alert — Fortinet classifies this URL as Malware
GET / HTTP/1.1
Host: 2d-distribution-ardres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:30 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4
link: <https://2d-distribution-ardres.com/wp-json/>; rel="https://api.w.org/", <https://2d-distribution-ardres.com/wp-json/wp/v2/pages/5333>; rel="alternate"; type="application/json", <https://2d-distribution-ardres.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
toolsmagick.com/ext/2252259d09bdba7f1b.js?sid=52646_8786_&title=qqq&blocks[]=31af2
188.114.97.1 404 Not Found 0 B URL HTTP/2 toolsmagick.com/ext/2252259d09bdba7f1b.js?sid=52646_8786_&title=qqq&blocks[]=31af2
IP 188.114.97.1:0
GET /ext/2252259d09bdba7f1b.js?sid=52646_8786_&title=qqq&blocks[]=31af2 HTTP/1.1
Host: toolsmagick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: text/html; charset=UTF-8
x-node-name: front1
cache-control: max-age=14400
cf-cache-status: HIT
age: 113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jvw5lrupkRYmHJ4R9IltyEkOKB6d6euJZgWf%2FlTzBT0JiNLkk8J9a0rd2j5sNbp%2Fd9ofAod%2FzeIknZ5MdoGPPmswk1oJE2rD28jSgy6lDgEO0EptJVxIovw8kLG9obBE6D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e586b8dad0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
toolsmagick.com/2252259d09bdba7f1b.js
188.114.97.1 200 OK 0 B URL HTTP/2 toolsmagick.com/2252259d09bdba7f1b.js
IP 188.114.97.1:0
Analyzer verdict: Alert — Fortinet classifies this URL as Malware (third-party script fetched cross-site with Referer https://2d-distribution-ardres.com/, i.e. loaded by the first-party page)
GET /2252259d09bdba7f1b.js HTTP/1.1
Host: toolsmagick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 12:47:34 GMT
etag: W/"63441466-32526"
expires: Sat, 03 Dec 2022 18:53:36 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSym3KuCneAzGP8ULrogZv2yKiy6iRCY76kodprg17aM8aKMwBkaaRs0nynoEb8ojzqhJUIk8Xk1WWkD81nIWRLrt%2B01JKaYBuwKZ4Pz70piO29LSENHa6eVnUVrIJAU6%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e586b8da70b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CMerriweather%3A700&display=fallback&ver=3.9.2
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CMerriweather%3A700&display=fallback&ver=3.9.2
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A400%2C600%7CMerriweather%3A700&display=fallback&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 18:25:31 GMT
date: Sat, 03 Dec 2022 18:25:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 18:25:31 GMT
date: Sat, 03 Dec 2022 18:25:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hublosk.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8786x
188.114.96.1 200 OK 0 B URL HTTP/2 hublosk.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8786x
IP 188.114.96.1:0
GET /js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8786x HTTP/1.1
Host: hublosk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2d-distribution-ardres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:25:31 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 18:23:37 GMT
referrer-policy: no-referrer
cache-control: max-age=14400
cf-cache-status: HIT
age: 114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpVga%2BsqM9RE4V6PE0kprXECIf8rseQoRKIp5cYw%2BvTWGzSxYiT0%2B8ubN1bNkoqcP%2BU1ASGr0BMP18GWQcxHCVMyeWj1BOC62jYMTBCQmeZEkQa6lBv2netiJmqG4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e586b8dc5b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2