r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3343
Expires: Sat, 03 Dec 2022 23:50:37 GMT
Date: Sat, 03 Dec 2022 22:54:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2569
Cache-Control: max-age=130747
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:54 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:14:01 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 22:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2094
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11052
Expires: Sun, 04 Dec 2022 01:59:06 GMT
Date: Sat, 03 Dec 2022 22:54:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FWpCDFrzonQr4BBs829YlX+dWQExS0WbEjpjebfOAgTgetPkO/gliC+atkDCopj2GDvxJ1Ti7yI=
x-amz-request-id: 7Y3JGG0D3PH3XM8X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 22:46:44 GMT
age: 490
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 22:54:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 2757
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:55 GMT
Etag: "638b11ab-1d7"
Last-Modified: Sat, 03 Dec 2022 22:12:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
galadiversite.com/?pharmacie=30172
198.187.29.77 200 OK 14 kB URL HTTP/1.1 galadiversite.com/?pharmacie=30172
IP 198.187.29.77:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (9381)
Hash 1a0e2096331a1aa410e9fa84e8bf355d
d635be70b37ca577a1caa62a05d8f58b68528d3c
cece375599c349515b7dea7c119371db871e00a01511ba76df67fc120a8b74fa
Analyzer Verdict Alert fortinet Malware
GET /?pharmacie=30172 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:54 GMT
server: Apache
link: <http://galadiversite.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 14354
content-type: text/html; charset=UTF-8
galadiversite.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
198.187.29.77 200 OK 12 kB URL HTTP/1.1 galadiversite.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Sat, 12 Nov 2022 01:26:46 GMT
etag: "172a9-5ed3be649c180-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 12518
content-type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
galadiversite.com/wp-content/themes/broadnews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1
198.187.29.77 200 OK 424 B URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1
IP 198.187.29.77:0
Hash 47d8d4fbb591cb0114c4a8bdbe2b6fe5
33aa571cb52739d91f2bb3240d0e51acd98ef4a3
ca4f5172f1cbbdcf9ec9a3fa6e9767f3336081631f8811d3f2c2de25f8c40c83
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "3e6-5ee251a1ac39d-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 424
content-type: text/css
push.services.mozilla.com/
100.20.30.105 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7n6W2AOUyVdnLwUdD2oCzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N3m9KWttUEbZSP+4fQncZBbDjm4=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
galadiversite.com/wp-content/themes/broadnews/assets/magnific-popup/magnific-popup.css?ver=6.1.1
198.187.29.77 200 OK 1.8 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/magnific-popup/magnific-popup.css?ver=6.1.1
IP 198.187.29.77:0
Hash 24d43b806e85342a40e2da6970fdfaa0
b365e6daf45244233ffac6681aa3dad08a26f2c5
dcf879e6dd283fcbef1dc4a0392fbd2ec5ea512b31a97f64ea3076fc392d784e
GET /wp-content/themes/broadnews/assets/magnific-popup/magnific-popup.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "1b27-5ee251a19a673-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1816
content-type: text/css
galadiversite.com/wp-content/themes/broadnews/assets/jquery.cookie.js?ver=6.1.1
198.187.29.77 200 OK 1.4 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/jquery.cookie.js?ver=6.1.1
IP 198.187.29.77:0
Hash 6dd3cde18a3b5a9dde1b2b766137afa5
b5d2c2d5e6d9317c5f7bb97227d30e334e8f3b03
d32265fc59a99736a3bfeacb73fa40ed34d672cd396a6d8c95ef38af59343a89
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/jquery.cookie.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "c43-5ee251a19834b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1395
content-type: application/x-javascript
galadiversite.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.187.29.77 200 OK 4.2 kB URL HTTP/1.1 galadiversite.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.187.29.77:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5b466b8f0b580-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4169
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/toggle-script.js?ver=20221215
198.187.29.77 200 OK 459 B URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/toggle-script.js?ver=20221215
IP 198.187.29.77:0
Hash 11b4efe5bfdf167015db4bd0442a43ec
37a4f9c46185757e74972339fb7e3328e57dbb09
58bfb56e420bcd67a2d623b673037b7e95bfdc10f7c5910d81a236f1945e2855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/toggle-script.js?ver=20221215 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "620-5ee251a1acb6d-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 459
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/js/skip-link-focus-fix.js?ver=20151215
198.187.29.77 200 OK 417 B URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/js/skip-link-focus-fix.js?ver=20151215
IP 198.187.29.77:0
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
GET /wp-content/themes/broadnews/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "2ad-5ee251a195853-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 417
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/slick/js/slick.min.js?ver=6.1.1
198.187.29.77 200 OK 10 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/slick/js/slick.min.js?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (32076)
Hash 7a6b74fb1418a5e7a5518d5a9fe2bb06
aef7197c8eeedcb350e55e20d07d203cc1891ad9
30d505b8d798cdf8fc55db71deb5b5e51453a33868c362886942066d6e2ab33c
GET /wp-content/themes/broadnews/assets/slick/js/slick.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "a3e1-5ee251a1992eb-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 10170
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1
198.187.29.77 200 OK 15 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (57791)
Hash 8bb3945227e1ceccd93c18a630645a56
28b4d3aa5f151f69b07a18473c573a2497b78b40
e1f775a895f5a67ac1e639ef6375bdfb8692649fa33f0c2f1ef182e534f46119
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "e2af-5ee251a196bdb-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 15406
content-type: application/x-javascript
galadiversite.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
198.187.29.77 200 OK 31 kB URL HTTP/1.1 galadiversite.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
etag: "15e54-5e91051c27400-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 30995
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1
198.187.29.77 200 OK 2.6 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (6911)
Hash 607e2ec47e0820ea409fb9bcd26412f0
cce67536de15e4e1659749c9f8614e4308254d9d
319c3d7255565c5846e8bad209d3662be6051750029b7f9f1ce566ea92fdcf30
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "1b7a-5ee251a1abfb5-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 2624
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1
198.187.29.77 200 OK 7.3 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (20089)
Hash ca3216a12e89a478953f9c77b4fc4d0e
4bf4f7f3be4d5d58c40749c05f72ba1e58e470f6
62dde86e38e270dbb8a28e6b60a45fa72ca90b7e5f8a6ff7e9c3b1bb75369cd2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "4efa-5ee251a19a28b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 7349
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1
198.187.29.77 200 OK 1.4 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (521)
Hash 6854ce63cc086200aa71576b39853b9e
730966815d508402656927acbe9cec04ade5653d
aa723b8c98664c269cce42764cb97dc72e0c76b21565532a68767f6f11c4c5ce
GET /wp-content/themes/broadnews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "d34-5ee251a199ea3-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1383
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/style.css?ver=6.1.1
198.187.29.77 200 OK 50 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/style.css?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (1023)
Hash a2a2a761d8ddfa8451b72ea90d4c82c3
798130447b327fe63221ee52a4fdeb3425dc0a66
b4c344951d0908610fbed66e9bc19b6f2974bf6b4958256fbb6fa71d26c0ad36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/style.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "5d133-5ee251a19546b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 50101
content-type: text/css
galadiversite.com/wp-content/themes/broadnews/assets/marquee/jquery.marquee.js?ver=6.1.1
198.187.29.77 200 OK 4.6 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/marquee/jquery.marquee.js?ver=6.1.1
IP 198.187.29.77:0
Hash 07af940acc15897ad24dc2b2fe736284
950539f6bd9b156749ff8a974afa4d9f22177c65
4c5ffc82b8b920fe2081d670da1b3296d7eba9f8baa2644f63c308d0966eedb2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/marquee/jquery.marquee.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "5947-5ee251a197b7b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4569
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1
198.187.29.77 200 OK 1.7 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1
IP 198.187.29.77:0
File type HTML document, ASCII text, with very long lines (5370)
Hash 530e24738e50b6239389ec591c9888c2
daeb9775792c67a977f20a0e2f741f52f2ff7ba8
87cae8baa1ea6875e78a6b01cb9100d725c4df0adffa2eaa24c384bc2383afdb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "14fc-5ee251a198733-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1742
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/script.js?ver=6.1.1
198.187.29.77 200 OK 4.5 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/script.js?ver=6.1.1
IP 198.187.29.77:0
Hash 3f797b366ba443d918b3c2a6e403d638
93c8aa538017bc9715aef2bbcddc561c34b57d69
d679b5720ae00f326d3c44588e7d3b9ab51268d9ca77e1efd839f87ee7af2490
GET /wp-content/themes/broadnews/assets/script.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "9dc6-5ee251a197f63-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4494
content-type: application/x-javascript
galadiversite.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
198.187.29.77200 OK 5.0 kB URL HTTP/1.1 galadiversite.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-5dc76af02c800-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 5009
content-type: application/x-javascript
galadiversite.com/wp-includes/css/classic-themes.min.css?ver=1
198.187.29.77200 OK 189 B URL HTTP/1.1 galadiversite.com/wp-includes/css/classic-themes.min.css?ver=1
IP 198.187.29.77:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
etag: "d9-5ebe414b48900-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 189
content-type: text/css
galadiversite.com/wp-content/themes/broadnews/assets/slick/css/slick.min.css?ver=6.1.1
198.187.29.77200 OK 479 B URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/slick/css/slick.min.css?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (1297), with no line terminators
Hash dccd4582f989e4502f589bbee430768b
74a54c10b7d3de27d692bf8cbbe93199c91c75f6
5548bf564e1afd4c6600b1fbdca874aee07e965a24dcaf6ce673624114e5bb3f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/slick/css/slick.min.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "511-5ee251a199abb-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 479
content-type: text/css
galadiversite.com/wp-content/themes/broadnews/js/navigation.js?ver=20151215
198.187.29.77200 OK 1.1 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/js/navigation.js?ver=20151215
IP 198.187.29.77:0
Hash 7eec6995203e3994a2714c41a388df66
99c08555971c9962b5ade2806e05ed29d0f00258
040c47ba29f4c8eefa8d359cd715eadc0888aa080ce6187a23b8eb8852bc54b9
GET /wp-content/themes/broadnews/js/navigation.js?ver=20151215 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:55 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "b97-5ee251a195853-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:55 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1094
content-type: application/x-javascript
galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/css/all.min.css?ver=6.1.1
198.187.29.77200 OK 13 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/css/all.min.css?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/font-awesome/css/all.min.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "e7d0-5ee251a1ab3fd-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 12869
content-type: text/css
galadiversite.com/wp-content/themes/broadnews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1
198.187.29.77200 OK 20 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1
IP 198.187.29.77:0
File type ASCII text, with very long lines (65371)
Hash 42aef8e180629527d041e40f121c4c8c
568bee596958a02cf212cd71c5df2e57377f1d90
636df2f015831dce0d981ec734550cb5b8e3a8c5cac034d1fba67615110b17f8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "1d988-5ee251a1973ab-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 19702
content-type: text/css
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:54:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:54:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:54:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:54:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 3129
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 55693
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:54:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t1vmY4fBoLpFjqHbLyMewgUrpvRjqG4QTAuA4BeB4Gl2jqbxI0gYQA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:08 GMT
age: 3888
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 3738
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdd9e42d71307b201929c3a38c745c6
8d3a7f830e57e936a1da8a001f3e78108b20c038
6e1063a755d64c8102867cd9b347eb83fca2c69af558f111abc46f523a8294da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4377
x-amzn-requestid: 33abcd00-02ec-47ba-9302-312453291913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb29cG53IAMFkGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d1ef-317a802f0f84d73949236b9f;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:58:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6rq82k7xO6aUJRsx-cb9j-_qk4p9L1WmMIoYyxAxXq6LQ1FlF_kdA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:56:23 GMT
age: 53913
etag: "8d3a7f830e57e936a1da8a001f3e78108b20c038"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cefedc4583864e81ce91d9ac4344010
cdbd2e1c3c3afe7de3da0173747e0e31f799d8aa
0547a7d9ae068c4455301bb22115951a0801afc39b5ac3365603718f15ac2c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10946
x-amzn-requestid: 682432f3-e895-4853-a4db-b0b632f42271
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNF4DoAMF1Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-3d4c1d6365f0435f271debd4;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: q3jVo8FqiJAPSqb0VSknzQ6B40cTR3NRm2Uah17_Y4bbntAYY7jl3g==
via: 1.1 fc9b6e8f934a073c1a1983c7599b93ba.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:01:06 GMT
age: 3230
etag: "cdbd2e1c3c3afe7de3da0173747e0e31f799d8aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.35200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://galadiversite.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:17:08 GMT
expires: Tue, 28 Nov 2023 21:17:08 GMT
cache-control: public, max-age=31536000
age: 437868
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://galadiversite.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 271241
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://galadiversite.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 271262
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/webfonts/fa-regular-400.woff2
198.187.29.77200 OK 13 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/webfonts/fa-regular-400.woff2
IP 198.187.29.77:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/css/all.min.css?ver=6.1.1
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "33dc-5ee251a19c5b4"
accept-ranges: bytes
content-length: 13276
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
content-type: application/font-woff2
galadiversite.com/wp-content/uploads/2022/11/Micro-Gaming.png
198.187.29.77200 OK 3.5 kB URL HTTP/1.1 galadiversite.com/wp-content/uploads/2022/11/Micro-Gaming.png
IP 198.187.29.77:0
File type PNG image data, 301 x 167, 8-bit colormap, non-interlaced\012- data
Hash 6652d4be9f4fdcbfa4b616e80c6b1425
0deebafd3e403b7d5e262ecfa674dbcede5f5282
ae151e557998dce398ac50d36b0dd57d10541367a968a4466d72514768b56afe
GET /wp-content/uploads/2022/11/Micro-Gaming.png HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Fri, 25 Nov 2022 07:54:01 GMT
etag: "dda-5ee46d330852a"
accept-ranges: bytes
content-length: 3546
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
galadiversite.com/wp-content/uploads/2022/11/Cara-Daftar-Sbobet-Situs-Judi-Online-Terbaik-No.-1-di-Indonesia-300x156.jpeg
198.187.29.77200 OK 9.0 kB URL HTTP/1.1 galadiversite.com/wp-content/uploads/2022/11/Cara-Daftar-Sbobet-Situs-Judi-Online-Terbaik-No.-1-di-Indonesia-300x156.jpeg
IP 198.187.29.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x156, components 3\012- data
Hash d8173d2ea3173a88c6be6c6a3749709b
04390efc2c5c0b3348c1abd4ad2fc70c4b5d18fd
b0016ab93fdc677606fc116c31ab051b35bcf61f9f5dd53875924fafb6d20943
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/Cara-Daftar-Sbobet-Situs-Judi-Online-Terbaik-No.-1-di-Indonesia-300x156.jpeg HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Fri, 25 Nov 2022 08:01:42 GMT
etag: "2301-5ee46eea619a1"
accept-ranges: bytes
content-length: 8961
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
galadiversite.com/wp-content/uploads/2022/11/Slot88.jpeg
198.187.29.77200 OK 21 kB URL HTTP/1.1 galadiversite.com/wp-content/uploads/2022/11/Slot88.jpeg
IP 198.187.29.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 277x182, components 3\012- data
Hash cf3f511bec87b728431942c681895bb9
9afd96914be74e57c2dbd88a8ec93815e0cc3691
25bb9a56382dc3a26e34f4d05de1d628af95837b78edaff697ca5453755268d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/Slot88.jpeg HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Fri, 25 Nov 2022 06:37:31 GMT
etag: "506c-5ee45c19c1633"
accept-ranges: bytes
content-length: 20588
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
galadiversite.com/wp-content/uploads/2022/12/Judi-Deposit-OVO-Banyak-Untungnya-300x200.jpeg
198.187.29.77200 OK 19 kB URL HTTP/1.1 galadiversite.com/wp-content/uploads/2022/12/Judi-Deposit-OVO-Banyak-Untungnya-300x200.jpeg
IP 198.187.29.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x200, components 3\012- data
Hash e1dd6acd924b3a4481672c22e5c63144
6f0a5cc50ae22438e13eb0cf86708cc5e1358bf2
5d09c54cb6ab1cead9e0447bf3a7587f274093b62f6410ff109689497e7bded6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/12/Judi-Deposit-OVO-Banyak-Untungnya-300x200.jpeg HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:51:07 GMT
etag: "4a1e-5eec4834b9f91"
accept-ranges: bytes
content-length: 18974
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
galadiversite.com/wp-content/uploads/2022/11/cropped-WKWKWK-ICON-32x32.jpeg
198.187.29.77200 OK 1.2 kB URL HTTP/1.1 galadiversite.com/wp-content/uploads/2022/11/cropped-WKWKWK-ICON-32x32.jpeg
IP 198.187.29.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 63b084563d9e009b989c5e6b94837092
a31cf0cdb4b24de3071f86687c5552e4e0b10c97
8d916e713ab8bb23af0c9ae6bfa1a6494f95e7630855b28ae2284970c344fdec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/cropped-WKWKWK-ICON-32x32.jpeg HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:57 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:47 GMT
etag: "484-5ee251cc89277"
accept-ranges: bytes
content-length: 1156
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:57 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
galadiversite.com/wp-content/uploads/2022/11/cropped-WKWKWK-ICON-192x192.jpeg
198.187.29.77200 OK 7.5 kB URL HTTP/1.1 galadiversite.com/wp-content/uploads/2022/11/cropped-WKWKWK-ICON-192x192.jpeg
IP 198.187.29.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash fcdc683b9d9d22ac2307699a2c334a45
55732a5fbe579c465b703385c1fdb444d07e9a41
0df66ab60cd1c46ed9a69caafbe70e0ffebd90f82521c0e7f5eda9fd9b30dcaf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/11/cropped-WKWKWK-ICON-192x192.jpeg HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:57 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:47 GMT
etag: "1d20-5ee251cc82ce6"
accept-ranges: bytes
content-length: 7456
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:57 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/webfonts/fa-solid-900.woff2
198.187.29.77200 OK 78 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/webfonts/fa-solid-900.woff2
IP 198.187.29.77:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://galadiversite.com/wp-content/themes/broadnews/assets/font-awesome/css/all.min.css?ver=6.1.1
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:56 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "13174-5ee251a19c1cc"
accept-ranges: bytes
content-length: 78196
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:56 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
content-type: application/font-woff2
galadiversite.com/wp-content/themes/broadnews/assets/img/default-header-image.jpeg
198.187.29.77200 OK 187 kB URL HTTP/1.1 galadiversite.com/wp-content/themes/broadnews/assets/img/default-header-image.jpeg
IP 198.187.29.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1500x399, components 3\012- data
Size 187 kB (187003 bytes)
Hash 1cb0d1dba49d6eaf2dede5192e4e2b7f
0b358d86424988131b7d0669f1f9ae75405ea871
4a50bae87f9ff60eccd6c3e182707d60f0e9a6985b4686b005f21b524366fdeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/broadnews/assets/img/default-header-image.jpeg HTTP/1.1
Host: galadiversite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://galadiversite.com/?pharmacie=30172
Connection: keep-alive
HTTP/1.1 200 OK
date: Sat, 03 Dec 2022 22:54:57 GMT
server: Apache
last-modified: Wed, 23 Nov 2022 15:40:02 GMT
etag: "2da7b-5ee251a198b1b"
accept-ranges: bytes
content-length: 187003
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 22:54:57 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
fonts.googleapis.com/css?family=Oswald:300,400,700|Roboto:100,300,400,500,700|Oswald:300,400,700&subset=latin,latin-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,700|Roboto:100,300,400,500,700|Oswald:300,400,700&subset=latin,latin-ext
IP 142.250.74.106:0
GET /css?family=Oswald:300,400,700|Roboto:100,300,400,500,700|Oswald:300,400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://galadiversite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 22:54:55 GMT
date: Sat, 03 Dec 2022 22:54:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2