| fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php | 87.98.154.146 | 404 Not Found | 42 kB |
URL: fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php (User Request, GET, HTTP/2)
IP: 87.98.154.146:443
Certificate: Issuer: Let's Encrypt; Subject: fleurusentransition.be; Fingerprint: 1F:DA:26:73:C3:2E:85:79:42:6F:96:18:3D:A6:E2:EE:0C:99:30:15; Validity: Fri, 05 Apr 2024 18:50:21 GMT - Thu, 04 Jul 2024 18:50:20 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9462)
Hashes (MD5 / SHA-1 / SHA-256): e72d759548c9cbdfaaec675779cea829 6e3b541b4e4bbd91c3d4dec19288aa86f8f1e42b 41c615847cc2f7fa298b3d056304b65156b13698dbff633af346545d87b86b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/crop/sg.fr/cc.php HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 00:05:15 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/8.0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://fleurusentransition.be/wp-json/>; rel="https://api.w.org/"
X-Firefox-Spdy: h2
| fleurusentransition.be/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 87.98.154.146 | 200 OK | 15 kB |
URL: fleurusentransition.be/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: ASCII text, with very long lines (59701)
Hashes (MD5 / SHA-1 / SHA-256): 51a8390b47aa0582cf2d9c96c5addee2 b16a640874025d085c38119a1a02a3460f83f2de 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/css
content-length: 14991
server: Apache
last-modified: Thu, 25 Apr 2024 11:47:07 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:2D61_57629A92:0050_662AEFBC_21442:7005
x-iplb-instance: 52438
| fleurusentransition.be/wp-content/uploads/elementor/css/post-6.css?ver=1714046114 | 87.98.154.146 | 200 OK | 388 B |
URL: fleurusentransition.be/wp-content/uploads/elementor/css/post-6.css?ver=1714046114 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: ASCII text, with very long lines (1169), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): d459e899c49d6d417c3b04f4a66a5a06 132bc40fbbdaf1423a6c1eb469876e7447448f86 b155b5e27516f6e313cc34824d9113b9cf0575bf08bcf28151a5177181c78e2d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-6.css?ver=1714046114 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/css
content-length: 388
server: Apache
last-modified: Thu, 25 Apr 2024 11:55:14 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:49C8_57629A92:0050_662AEFBC_2B339:18A1
x-iplb-instance: 52399
| fleurusentransition.be/wp-content/themes/hello-elementor/theme.min.css?ver=3.0.1 | 87.98.154.146 | 200 OK | 1.3 kB |
URL: fleurusentransition.be/wp-content/themes/hello-elementor/theme.min.css?ver=3.0.1 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: Unicode text, UTF-8 text, with very long lines (5127), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 08fae0e9f8ce7e1cc244d6957a0fc71c 958fbf4f8b318e39612dd25eefae43c006769883 30c2e510f9fac929eeab0ea915d80904a4e72b22eb8612dd8c83c7dfb71862e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/hello-elementor/theme.min.css?ver=3.0.1 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/css
content-length: 1306
server: Apache
last-modified: Thu, 25 Apr 2024 11:53:21 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:2D61_57629A92:0050_662AEFBC_2144F:7005
x-iplb-instance: 52438
| fleurusentransition.be/wp-content/themes/hello-elementor/style.min.css?ver=3.0.1 | 87.98.154.146 | 200 OK | 1.9 kB |
URL: fleurusentransition.be/wp-content/themes/hello-elementor/style.min.css?ver=3.0.1 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: ASCII text, with very long lines (5756), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 5be56bc9e617084e1cbb84c994912fc3 a3adca593d4ec4afb41e32d073405610ae37eef7 3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/hello-elementor/style.min.css?ver=3.0.1 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/css
content-length: 1873
server: Apache
last-modified: Thu, 25 Apr 2024 11:53:21 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:2AAD_57629A92:0050_662AEFBC_17E06:6A2E
x-iplb-instance: 52462
| fleurusentransition.be/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=3.0.1 | 87.98.154.146 | 200 OK | 887 B |
URL: fleurusentransition.be/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=3.0.1 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: JavaScript source, ASCII text
Hashes (MD5 / SHA-1 / SHA-256): 37a18cd57014e833a5c4a7bfa6eea9b3 bdaa4dc40b15d010d66959bfe7a40b10292d1763 fad3123058cce0346ee9998342ef09cfa766dc1393ee3b5c2b450a18936c7d1b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=3.0.1 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: application/javascript
content-length: 887
server: Apache
last-modified: Thu, 25 Apr 2024 11:53:21 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:C02C_57629A92:0050_662AEFBC_3273C:43C4
x-iplb-instance: 52479
| fleurusentransition.be/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.21.2 | 87.98.154.146 | 200 OK | 14 kB |
URL: fleurusentransition.be/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.21.2 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: ASCII text, with very long lines (65496)
Hashes (MD5 / SHA-1 / SHA-256): 9ba7daedf5fc3c754f0828b13857b95b 2e163446a6bd8d41636582c32c3c16c602c89994 7ce79386cb4116aa50ba5a7bde5b102cb42f5fb2f005bfb6b1bc41994b4d7969
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.21.2 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/css
content-length: 13913
server: Apache
last-modified: Thu, 25 Apr 2024 11:52:31 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:0D5D_57629A92:0050_662AEFBC_2B33B:18A1
x-iplb-instance: 52399
| fleurusentransition.be/wp-content/themes/hello-elementor/header-footer.min.css?ver=3.0.1 | 87.98.154.146 | 200 OK | 1.5 kB |
URL: fleurusentransition.be/wp-content/themes/hello-elementor/header-footer.min.css?ver=3.0.1 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: Unicode text, UTF-8 text, with very long lines (7323), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 4f6608672aae4899d264369dd0c580d9 c4b0007b7f9377cd9d7c6b8106dffedaa03d1610 97a09cb2af7d4406f6163874dad15c607d571749611d00890d47143495a0a617
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/hello-elementor/header-footer.min.css?ver=3.0.1 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/css
content-length: 1454
server: Apache
last-modified: Thu, 25 Apr 2024 11:53:21 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:58E1_57629A92:0050_662AEFBC_2144E:7005
x-iplb-instance: 52438
| fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.2 | 142.250.74.106 | 200 OK | 6.7 kB |
URL: fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.2 (GET, HTTP/2)
IP: 142.250.74.106:443
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (15430)
Hashes (MD5 / SHA-1 / SHA-256): 56e723176d8c5a4c881ac124ee08b32d eee9149eb582e323f0445e8b38e1f30caad67371 664f8536d28ac30ad755e41814f6403b08c0561fcb73692dbec1b3c2a1e2534a
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 00:05:16 GMT
date: Fri, 26 Apr 2024 00:05:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php | 87.98.154.146 | 301 Moved Permanently | 116 kB |
URL: www.fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php (User Request, GET, HTTP/2)
IP: 87.98.154.146:443
Certificate: Issuer: Let's Encrypt; Subject: fleurusentransition.be; Fingerprint: 1F:DA:26:73:C3:2E:85:79:42:6F:96:18:3D:A6:E2:EE:0C:99:30:15; Validity: Fri, 05 Apr 2024 18:50:21 GMT - Thu, 04 Jul 2024 18:50:20 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1536, components 3
Size: 116 kB (115788 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 29a43bc443e93daf36a25665dc38821f 473067284aec082e644368a8d97cb7fcd4cafb56 ff7c7c9410ef1c11ce4aede8b866d98069ba4c6895cbf23ce7d2a225c02ea1b0
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Societe Generale |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/crop/sg.fr/cc.php HTTP/1.1
Host: www.fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 00:05:15 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/8.0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 (GET, HTTP/2)
IP: 142.250.74.67:443
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fleurusentransition.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 13:20:56 GMT
expires: Fri, 25 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
age: 38660
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 (GET, HTTP/2)
IP: 142.250.74.67:443
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fleurusentransition.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 200258
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fleurusentransition.be/favicon.ico | 87.98.154.146 | 302 Found | 0 B |
URL: fleurusentransition.be/favicon.ico (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Hashes (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/8.0
link: <http://fleurusentransition.be/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: http://fleurusentransition.be/wp-includes/images/w-logo-blue-white-bg.png
x-iplb-request-id: 5B5A2A9A:0D5D_57629A92:0050_662AEFBC_2B3B7:18A1
x-iplb-instance: 52399
| fleurusentransition.be/wp-includes/images/w-logo-blue-white-bg.png | 87.98.154.146 | 200 OK | 4.1 kB |
URL: fleurusentransition.be/wp-includes/images/w-logo-blue-white-bg.png (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: image/png
content-length: 4119
server: Apache
last-modified: Thu, 25 Apr 2024 11:44:38 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
x-iplb-request-id: 5B5A2A9A:0D5D_57629A92:0050_662AEFBC_2B3DB:18A1
x-iplb-instance: 52399
| fleurusentransition.be/wp-content/uploads/2024/04/FET_logo-1536x1536.jpg | 87.98.154.146 | 200 OK | 116 kB |
URL: fleurusentransition.be/wp-content/uploads/2024/04/FET_logo-1536x1536.jpg (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1536, components 3
Size: 116 kB (115788 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 29a43bc443e93daf36a25665dc38821f 473067284aec082e644368a8d97cb7fcd4cafb56 ff7c7c9410ef1c11ce4aede8b866d98069ba4c6895cbf23ce7d2a225c02ea1b0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2024/04/FET_logo-1536x1536.jpg HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: image/jpeg
content-length: 115788
server: Apache
last-modified: Thu, 25 Apr 2024 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
x-iplb-request-id: 5B5A2A9A:0D5D_57629A92:0050_662AEFBC_2B35C:18A1
x-iplb-instance: 52399
| fleurusentransition.be/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 87.98.154.146 | 200 OK | 19 kB |
URL: fleurusentransition.be/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 (GET, HTTP/1.1)
IP: 87.98.154.146:80
Requested by: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
File type: JavaScript source, ASCII text, with very long lines (15752)
Hashes (MD5 / SHA-1 / SHA-256): b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: fleurusentransition.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fleurusentransition.be/wp-includes/js/crop/sg.fr/cc.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 00:05:16 GMT
content-type: application/javascript
content-length: 5062
server: Apache
last-modified: Thu, 25 Apr 2024 11:44:47 GMT
accept-ranges: none
cache-control: max-age=900
expires: Fri, 26 Apr 2024 00:20:16 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:2AAD_57629A92:0050_662AEFBC_17E30:6A2E
x-iplb-instance: 52462