Report - crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe

Report Overview

Submitted URL
crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP
157.245.193.166
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-05-07 03:04:44
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
70

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.linearicons.com	39017	2013-12-10	2016-09-23	2023-05-05	961 B	25 kB	54.230.111.5
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-06	3.3 kB	7.0 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-06	5.6 kB	431 kB	216.58.207.227
client.relay.crisp.chat	17983	2017-06-09	2017-07-02	2023-05-06	1.2 kB	876 B	134.209.238.18
client.crisp.chat	19483	2017-06-09	2017-07-02	2023-05-06	2.8 kB	790 kB	104.18.29.91
www.youtube.com	90	2005-02-15	2013-04-13	2023-05-06	859 B	61 kB	172.217.21.174
crane.mn	unknown	2011-07-18	2017-01-19	2023-05-05	1.5 kB	275 kB	157.245.193.166
www.crane.mn	unknown	2011-07-18	2017-05-16	2023-05-05	28 kB	1.7 MB	157.245.193.166
maps.googleapis.com	33876	2005-01-25	2019-10-17	2023-05-06	1.8 kB	180 kB	142.250.74.106
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-06	1.5 kB	29 kB	142.250.74.106
use.fontawesome.com	942	2012-10-18	2017-01-30	2023-05-06	1.5 kB	136 kB	172.64.133.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-07 03:04:27	high	Client IP	157.245.193.166	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
2023-05-07 03:04:27	high	Client IP	157.245.193.166	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
2023-05-07 03:04:27	high	Client IP	157.245.193.166	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
2023-05-07 03:04:27	high	Client IP	157.245.193.166	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-07	medium	crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
2023-05-07	medium	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
2023-05-07	medium	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
2023-05-07	medium	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
2023-05-07	medium	www.crane.mn/wp-includes/css/dist/block-library/style.min.css?ver=6.2
2023-05-07	medium	www.crane.mn/wp-includes/css/classic-themes.min.css?ver=6.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
2023-05-07	medium	www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/style.css?ver=6.2
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
2023-05-07	medium	www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
2023-05-07	medium	www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2
2023-05-07	medium	www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
2023-05-07	medium	www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/images/icon/search-icon.svg
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2
2023-05-07	medium	www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2
2023-05-07	medium	www.crane.mn/wp-content/themes/backhoe/css/fonts/icofont.woff2
2023-05-07	medium	www.crane.mn/?wc-ajax=get_refreshed_fragments

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6	70 B	2023-03-07	2024-06-03
Pretty URL www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:00 Last Seen2024-06-03 03:56:49 Times Seen90 Hash 0eed9f60ef6db19e86ee4442d638288c 9f39bbd81968b3c0a006d11a0489fbc841915ca1 a916587d16d42bf8da553c8675b0f80ffbb596a48aaf18e17d3b2618c1074c00 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	2.2 kB	2023-04-24	2023-05-10
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2023-05-10 11:05:16 Times Seen11 Hash 00daf24728174e505e85e7415072622a 4b24ec101b7b406087b401ca2c7e1d6df8c3657c d6f52f495d685060c740d5f81a0ce133f0c257f8202f1454611f061e707cf749 Loading...

	client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892	1.2 kB	2023-04-24	2024-02-01
Pretty URL client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:41 Times Seen17 Hash 8b01b3f2bedbccd9774515b66057a198 14ddd92ce9dad3b637e5da6d4ea30945547782f8 a1771b712c3220dec72932a2104e27fd2853f10817d166ca759282550be1c80b Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	328 B	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:40 Times Seen15 Hash a86cd72a49d1cf7ef801f691689058dd 0235476bc01207484fbc7a315482095ec748c20b 6beb13c1c5a2965488576c18291125b006ee24a79485f509b25c4310f1eabcbe Loading...

	www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0	992 B	2023-03-07	2024-07-26
Pretty URL www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-07-26 08:46:50 Times Seen7383 Hash 787fe4f547a6cb7f4ce4934641085910 c2dee88d5bdfef214ce9c56f71a1df51cda0f328 654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	238 B	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:40 Times Seen15 Hash 35475087746112955610380ddac3c82c 26b8a91e7314fe4941c746d2786fc27a563ebfea 3364aa22270f5f5274ca17038315697df6fc81c5b6b665de6f3589e84b4c3d88 Loading...

	www.crane.mn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6	10 kB	2023-03-29	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:17:20 Last Seen2024-07-27 00:50:03 Times Seen26872 Hash 7be65ac27024c7b5686f9d7c49690799 241ada4a86443adc5623d1a3a8018a96d9de6d5a 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	2.3 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:18 Last Seen2024-07-27 00:50:32 Times Seen5145 Hash 6f740b956919fbaa673bb496be184ac1 fa7d2aef8069f1be31c655fb889c897eae36757a c8d83f1bd6a850a6f197b9bcce38828132ad627358b9c2c78e7c4bef4d22c304 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	717 B	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:40 Times Seen15 Hash b8a50cb9787982918fa129125f0b58f7 84c4fca4cf7afea014fe755d29c6261bc64b26c7 fa313708fd6be5c9391c3f5e72c1a05c6d66adf3efeb340e6c477aa2de7d3205 Loading...

	www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0	999 kB	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:41 Times Seen30 Hash becddc38092e19b4fff2ffb7a4b1cadc 80d7d01fc23ea666ba7ac8f35b4284d0267110ef 3dd90f0a13492ea40e036f625f0262cba8f4d6a15aeccddc234a0d8bf587defb Loading...

	www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3	90 kB	2023-03-29	2024-07-26
Pretty URL www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:52:25 Last Seen2024-07-26 23:27:21 Times Seen104449 Hash 0e850a69bc7fd0acc2e92ce6eee87959 8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Loading...

	www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2	124 kB	2023-03-07	2024-07-26
Pretty URL www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-07-26 05:09:23 Times Seen2449 Hash 04f0a5790668162c9241bfd598d6400c dd55a501364bbd8a0b43eca3cd681748cd89a03e 463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86 Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2	192 kB	2023-05-07	2023-05-07
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2 IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 05:04:46 Last Seen2023-05-07 05:04:46 Times Seen2 Hash 641e30a1d1482eb76ea3237d32748f23 185965cce6c8c8768571d2bfd9048d61d0a931a9 adf6c3102e3cf87b866ba05d5a68ec889ff6e960b0551126e1799daa7a43dbf9 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	152 B	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:09 Last Seen2024-07-27 01:54:35 Times Seen22285 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js	188 kB	2023-05-04	2023-05-10
Pretty URL www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 05:28:18 Last Seen2023-05-10 14:46:20 Times Seen1005 Hash c001d183b9ef1e183bbb963c2a236446 96ec745b88efb2d36a0b7678bed801b43db693bd 07c6733fdbc08bb75f154508d9414199f89121ff4f7b1347699b338fb01fa81b Loading...

	www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70	9.5 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-07-27 00:50:35 Times Seen1910 Hash 2e96f622673104a3fb67ab56f849c073 f4c17ae4709cad9bc997357581f4e30fc4bbee2c b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe Loading...

	www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2	3.0 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-07-27 00:50:35 Times Seen6253 Hash 8bc2109ef48cabf7a26b73d7c3536c5f 0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8 Loading...

	client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4	212 B	2023-04-24	2024-02-01
Pretty URL client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:41 Times Seen17 Hash 52606d960decce3723579dcaa4583029 04186fda82a559468d05d8ce84794359a0db6b9f 5d63957c5beada61166e2eacdfdcc389fc81092486da77486d344acd089d9b4d Loading...

	maps.googleapis.com/maps-api-v3/api/js/53/2/util.js	168 kB	2023-05-03	2024-05-25
Pretty URL maps.googleapis.com/maps-api-v3/api/js/53/2/util.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 23:14:37 Last Seen2024-05-25 11:21:13 Times Seen4175 Hash 3feaa09fb04acf9f6da77be6041d401d 69d933586b4e303dd08deb4e22defdd1b46302aa 95f1569a878d15b1cbff84a4fa17273d7a1244228beb97071b227a308d4e92c8 Loading...

	www.crane.mn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4	1.8 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-07-27 00:50:35 Times Seen22517 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2	2.9 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-07-27 00:50:35 Times Seen3225 Hash 51af5d767f0300f23ecec6298b707395 5eb2d3d937fe0392a974937125d0420666b9396c 9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	139 B	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:41 Times Seen14 Hash 59198e1f081c0bc081c25bc59769e7ba 1cf86a77c554bb1de9ae609d967bc31c2f87550f f241f30e9672cb4312be4addafe89884795e3aa99cace8452ce388f5c652bac2 Loading...

	www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11	4.6 kB	2023-03-10	2024-06-03
Pretty URL www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:56:02 Last Seen2024-06-03 03:56:49 Times Seen84 Hash 3f1d73737bbb085881cd6cb0d6e55836 60edf484896f1ce5c8d7ee6e65013ef0cc139e37 2f09cb385f853a2405c94276901f80b33faaabd6ce6b50412a52d04168b9599c Loading...

	www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-07-27 01:35:57 Times Seen29137 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	135 B	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:50 Last Seen2024-07-27 01:35:56 Times Seen28279 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	294 B	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:41 Times Seen15 Hash 8b9fd90973815d2b493c2deb4370fb66 db2599710d0677495c6edc4b0055c1f31648cf62 a10119d5eed77be3d72b82280b5ce9f2ee9668ad1ada2489810de7c2e119e8c2 Loading...

	www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2	2.1 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-07-27 00:50:35 Times Seen23278 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	client.crisp.chat/static/javascripts/client.js?d2149b0	411 kB	2023-04-05	2023-05-11
Pretty URL client.crisp.chat/static/javascripts/client.js?d2149b0 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 11:06:23 Last Seen2023-05-11 15:03:09 Times Seen125 Hash ed3501b05f72489828df85c4e7312918 46c27eac4dea6384838aa50543b06d0609b78c78 9b42874ae84e98c2fe7770c32473b44f7cbf51de1d88ad9b50e7e17632d258b2 Loading...

	www.crane.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0	13 kB	2023-03-07	2024-07-27
Pretty URL www.crane.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2024-07-27 01:29:34 Times Seen77551 Hash 5cfa2b481de6e87c2190a0e3538515d8 0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Loading...

	www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6	13 kB	2023-03-29	2024-07-27
Pretty URL www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:17:20 Last Seen2024-07-27 00:50:03 Times Seen39558 Hash 5bc2b1fa970f9cecb3c30c0c92c98271 7c6bb87aaa24714b7b3b3c86dd932736a80270a9 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e Loading...

	www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11	140 kB	2023-03-10	2024-06-03
Pretty URL www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:56:02 Last Seen2024-06-03 03:56:50 Times Seen106 Hash 3dccd3bc41733da4e8b5a838caaa01d1 553532bbbff45c91f4350cefeccb537c1bf21cb2 28a790b68f5cb79e5dcf19b499021e13e39e174b236fdcb4dc87be72d9acbd67 Loading...

	www.youtube.com/iframe_api	1.1 kB	2023-05-04	2023-05-10
Pretty URL www.youtube.com/iframe_api IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 05:28:18 Last Seen2023-05-10 14:46:20 Times Seen762 Hash bb0b03fdecd24b7e512de964e542e9ad b19c94762bef9d50ed07e3517ec35a20c293d36a d9fbd32212b5e1d8c88a8fa8215367e8f9c5679417529f9debfc3546834231bc Loading...

	maps.googleapis.com/maps-api-v3/api/js/53/2/common.js	278 kB	2023-05-03	2024-05-25
Pretty URL maps.googleapis.com/maps-api-v3/api/js/53/2/common.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 23:14:37 Last Seen2024-05-25 11:21:13 Times Seen4190 Hash 6b01fcc87e10dca2341d270bf33cc50f 4fd9422e876508c8a57b475de55030fea0c57044 5ef97ede8fb5768a69b62bbd9a4c3c560a6fdb8d45ca3f2ac95739e4565e52a4 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	491 B	2023-03-07	2024-07-26
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:50 Last Seen2024-07-26 01:28:19 Times Seen2085 Hash eda0861d93eea53c3286b2fd93d2e42d 979767d815a8847b00fe1d45a5757fdf67b8ca1b 6e799f88d7836b96f8d81538a375039937e497b6a103bd1d259dfef980fdf926 Loading...

	client.crisp.chat/l.js?ver=6.2	8.4 kB	2023-04-05	2023-05-11
Pretty URL client.crisp.chat/l.js?ver=6.2 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:47:46 Last Seen2023-05-11 15:03:09 Times Seen119 Hash 1ee3f3604fff7585a3c8531ef5b03632 a54968ae079389d1dca67460dfdab3bd5860f852 99607131ec05f0f953aad264fc55c203e31e2919f850c225120e7dd02ffa1c48 Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	274 B	2023-05-05	2023-05-10
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 18:22:34 Last Seen2023-05-10 11:05:16 Times Seen7 Hash 11a000813d9d7937a55f3a07f3aa75ba d23a660c1793d6b9d92be6e63102ee0c9fe65348 1c984552c4969f1d98ef5746d6d02ecd3a486a9628aeae765866b060ab46ab15 Loading...

	client.crisp.chat/static/javascripts/locales/mn.js?d2149b0	9.6 kB	2023-04-24	2023-05-10
Pretty URL client.crisp.chat/static/javascripts/locales/mn.js?d2149b0 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-24 10:51:22 Last Seen2023-05-10 11:05:16 Times Seen11 Hash 6af9aa8a577e1918a66864fa7d0f8966 c6c8765c24f3733289c6dd16957856e2eb7f475b 789d5382eac67460e1c6d65cd964a1241f922ba20003269a7955d55101dfc424 Loading...

	www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2	355 kB	2023-03-07	2024-07-26
Pretty URL www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2 IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:41 Last Seen2024-07-26 05:09:23 Times Seen300 Hash 5d7ef8ed127a54955fa70c01e9e9d402 74ebade50757f313fe6d12c5e4c6286a4c5d5232 e81c22d1a77b671fbcf24f7df0989beff94e148f006ceac5273cc7a2e2adf9ca Loading...

	www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe	111 B	2023-04-24	2024-02-01
Pretty URL www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe IP 157.245.193.166 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-24 10:51:22 Last Seen2024-02-01 20:04:41 Times Seen15 Hash eb5e827dcc27fd1e0ae276521a7a10bf 3653a98b2736e6626ec56178465d5fc8754dc3ca f98a8a0c6b662668139b929cac54d20b476b5d230cdcb2f9c3202c50a4cceb82 Loading...

HTTP Transactions (98)

URL IP Response Size

crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe

157.245.193.166

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sun, 07 May 2023 03:04:23 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe

157.245.193.166

404 Not Found

67 kB

URL User Request GET HTTP/1.1
www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9838), with CRLF, LF line terminators
Size
67 kB (66707 bytes)
Hash
40ad5f798059250e5cf49e161c386902
f4fe9f8db0c3040e473c6e5b5ff984f6bb22e4f5
4f5f05cdf31c98773ad6dd916ca143799c849661efffe9f0d89221ab69748195

Detections

Analyzer	Verdict	Alert
fortinet	Malware

NIDS	Severity	Alert
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious

HTTP Headers

GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sun, 07 May 2023 03:04:24 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.crane.mn/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe

157.245.193.166

404 Not Found

375 B

URL User Request GET HTTP/1.1
www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
375 B (375 bytes)
Hash
555388a71e6dace97bbd2d13bf329f52
75d65ab78dc983f80e31c5ea135473bd5390ba7a
62b595aeb143b3f9d16d4ec24c595e3e0b304c99d119242cc474fb8a8dae6076

Detections

Analyzer	Verdict	Alert
fortinet	Malware

NIDS	Severity	Alert
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious

HTTP Headers

GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sun, 07 May 2023 03:04:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Content-Length: 375
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe

157.245.193.166

404 Not Found

67 kB

URL User Request GET HTTP/1.1
www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9838), with CRLF, LF line terminators
Size
67 kB (66707 bytes)
Hash
40ad5f798059250e5cf49e161c386902
f4fe9f8db0c3040e473c6e5b5ff984f6bb22e4f5
4f5f05cdf31c98773ad6dd916ca143799c849661efffe9f0d89221ab69748195

Detections

Analyzer	Verdict	Alert
fortinet	Malware

NIDS	Severity	Alert
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
suricata	high	ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious

HTTP Headers

GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sun, 07 May 2023 03:04:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.crane.mn/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdn.linearicons.com/free/1.0.0/icon-font.min.css

54.230.111.5

200 OK

1.7 kB

URL GET HTTP/2
cdn.linearicons.com/free/1.0.0/icon-font.min.css
IP
54.230.111.5:443
ASN
#16509 AMAZON-02

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerAmazon
Subjectcdn.linearicons.com
Fingerprint71:4D:78:8E:12:B7:39:86:3D:93:98:33:2A:BE:FB:38:B4:AC:25:0C
ValidityThu, 23 Feb 2023 00:00:00 GMT - Sat, 20 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7191)
Size
1.7 kB (1672 bytes)
Hash
0b704046d76bb4d3929be4f7f20472f5
564f70325044cf9834f70d9689463cbfb8a53b71
511ae4f5d6a1803848d68c82cd61d2ad1ed3a1c65037e2cbcf9a7edd2fa6fa5d

HTTP Headers

GET /free/1.0.0/icon-font.min.css HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 1672
date: Fri, 31 Mar 2023 06:49:04 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:10 GMT
etag: "0b704046d76bb4d3929be4f7f20472f5"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uAdGZmlAVBdybuiY_EW3F1AdKnH0AVo3c9cPglhgVMvh_YbGQ5UXhQ==
age: 3183323
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ee783513f226811bb582d061c5dc6b7
f526d3b264b774b96b53ba9d7d4143275d71f69e
996cd5321a8beec96cf1b446d2af4b91570dfae3e7db343f50e558a7d31923c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
462340da696b65dbeedb3fdf127fcdac
3e3f4888b51705a4853adfc90eda90dccce84a7d
d4a862fbc916cf6e303be78e30901e6c576816834fd20f4f205827e3736aa6d1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
462340da696b65dbeedb3fdf127fcdac
3e3f4888b51705a4853adfc90eda90dccce84a7d
d4a862fbc916cf6e303be78e30901e6c576816834fd20f4f205827e3736aa6d1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
462340da696b65dbeedb3fdf127fcdac
3e3f4888b51705a4853adfc90eda90dccce84a7d
d4a862fbc916cf6e303be78e30901e6c576816834fd20f4f205827e3736aa6d1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.crane.mn/wp-includes/css/dist/block-library/style.min.css?ver=6.2

157.245.193.166

200 OK

13 kB

URL GET HTTP/1.1
www.crane.mn/wp-includes/css/dist/block-library/style.min.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (48325)
Size
13 kB (12736 bytes)
Hash
9a2b024f6b051bf0c4093c3e52ec9546
47bf1cfe0f0ece10731cf807b51fba0097df17af
c1079d9f6a408084997c0d4d2aa53eaa46103c04caeac1ded17620ed600922ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:06 GMT
ETag: "17ced-5f81640fafac7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12736
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

maps.googleapis.com/maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2

142.250.74.106

200 OK

64 kB

URL GET HTTP/2
maps.googleapis.com/maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
ASCII text, with very long lines (2454)
Size
64 kB (63488 bytes)
Hash
a6789a632a114e67df3d0e8d69a65bef
0dd1fdf67ac98446d5c51ee63d0c589a5767ff83
aaaae79944c34bb3583e7c6c8bf4b73b49c8c616177eeaf1ee4376420f282911

HTTP Headers

GET /maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=1800
timing-allow-origin: *
vary: Accept-Language, Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 07 May 2023 03:04:26 GMT
server: scaffolding on HTTPServer2
content-length: 63488
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Yantramanav%3A100%2C300%2C400%2C500%2C700%2C900%2C&display=swap&subset=latin-ext&ver=1.0.0

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Yantramanav%3A100%2C300%2C400%2C500%2C700%2C900%2C&display=swap&subset=latin-ext&ver=1.0.0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
data
Size
1.1 kB (1059 bytes)
Hash
833f23be700902038d80e80298e97e13
f7447db66577ff883f846f6bbae957acabcfeea3
07a5148625c9b28702a586e0c5402ffd73ff8714f7f947900dc59205ea2201c6

HTTP Headers

GET /css?family=Yantramanav%3A100%2C300%2C400%2C500%2C700%2C900%2C&display=swap&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 03:04:26 GMT
date: Sun, 07 May 2023 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ee783513f226811bb582d061c5dc6b7
f526d3b264b774b96b53ba9d7d4143275d71f69e
996cd5321a8beec96cf1b446d2af4b91570dfae3e7db343f50e558a7d31923c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.4.2

157.245.193.166

200 OK

2.6 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Size
2.6 kB (2608 bytes)
Hash
75aec3230937232d78407c6d34c40e37
1c1cf008f97653babe9858d7e421cb0367fb005d
530e3994daba9da947db8dd17e58aab6a46927d85706b7647a091bbedaf2e26f

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "4605-5ef2a5ecda788-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2608
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.1.0

157.245.193.166

200 OK

1.1 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.1.0
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (3276), with no line terminators
Size
1.1 kB (1055 bytes)
Hash
5603ecd4345c0ac769bbead670d09243
16677c2ca4296e8b9ff6165e95e5ac868abec3bd
d20a08f62d6e99014c102bbaf24f13b4dbde4309ae99c71e5c0e30e6ba64b664

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.1.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "ccc-5ef2a5ed14166-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1055
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-includes/css/classic-themes.min.css?ver=6.2

157.245.193.166

200 OK

210 B

URL GET HTTP/1.1
www.crane.mn/wp-includes/css/classic-themes.min.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
210 B (210 bytes)
Hash
a8f5adb01a17d608468beca934ff9e95
20303241ccbdbd180fd959cdf4c263c258870067
bcdca1820dc365b0a6c38b70739928ffb660a1cee9776ce5682a5feedd2824a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:06 GMT
ETag: "123-5f81640fb48e6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 210
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6

157.245.193.166

200 OK

1.0 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
1.0 kB (1004 bytes)
Hash
bc26fb4dff6889e438154a1c731b4d57
1315520d21518545b9a2d8c2f8fec08a4cab0cc0
39464f4a9d8984291bbce2d27f2b49a4cbb021a9e8f1cc7f39dacef7377f8239

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 23 Apr 2023 16:10:16 GMT
ETag: "b2b-5fa0320395c1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1004
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6

157.245.193.166

200 OK

4.1 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
4.1 kB (4096 bytes)
Hash
b4ea220cc39c5a00dee07aeec7e6aa06
4df5ca8c0a7cc8b6393144fd204442ce88b5462f
4533f272159bf155ffb2fbe6a8a85c3fa6e65a00516e324379b65704e835d987

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "6f99-5f50fc5603a57-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4096
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2

157.245.193.166

200 OK

8.9 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Size
8.9 kB (8907 bytes)
Hash
67b7fb7eeeea6e2bfb129f8e60939862
abff86594bd02cd6a6ffd1c3c6b52fba8fb74995
384784f9ee67a484b0fadddba8f3907cc32a43be5aa64031da70c6a4fc4b1ce9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "f553-5ef2a5ece2487-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8907
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2

157.245.193.166

200 OK

13 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
13 kB (12959 bytes)
Hash
e7ed1df9a9ffe6960bfb16d051eb403f
1a1e1c0960e39bd9b64a78b16645f3e09107b008
a23ccf0c7067e4f3d11c40cc2a62c9e174b33bb8d2c12cbc86d14f1c75133977

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:22 GMT
ETag: "ef21-5ef2a5ed76b82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12959
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0

157.245.193.166

200 OK

19 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
19 kB (19117 bytes)
Hash
2a5c34e6b75e7331c694864daf5c2172
009158f496571f5beb51d43c220059a7bc69ed68
7a4c75f610003973dc012ccfa606884b234564ca302cfb25201f3cc685fde78f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "2b9e9-5ef2a5ed14166-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19117
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2

157.245.193.166

200 OK

1.9 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (15057), with no line terminators
Size
1.9 kB (1943 bytes)
Hash
552bf28494553799905d7e06bc5f1300
2e19fbd3048fbf748f091befc5baeaf202a04967
765ce6fbbd6783cc0ae07d9fc0bdfae2acf469a3d11aa37986dda540f335727a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "3ad1-5ef2a5ecda788-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1943
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/themes/backhoe/css/vendor/animate-custom.css?ver=6.2

157.245.193.166

200 OK

933 B

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/vendor/animate-custom.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with CRLF line terminators
Size
933 B (933 bytes)
Hash
f4849ba067b5820d022364c21d0b670a
1c3a7c4ca74a3c004b1c4c20f4f165b12a3b4a99
07ef712242d1cc802a62a24230e3c95421f202912516ae4ae0b5f8c8558ac058

HTTP Headers

GET /wp-content/themes/backhoe/css/vendor/animate-custom.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "16fc-5ef2a5f1cc158-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 933
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/themes/backhoe/style.css?ver=6.2

157.245.193.166

200 OK

779 B

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/style.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with CRLF line terminators
Size
779 B (779 bytes)
Hash
e53e7c98ca316847d1c7ceaf86726c48
801e54f66d37888b8a44279589cf6a54dde6503a
57e5aea1d40eabdc0622ae623095a81e57964a5c33d197aeae8d89d5f498e796

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/style.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "65d-5ef2a5f1e9617-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 779
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/themes/backhoe/css/vendor/foundation.min.css?ver=6.2

157.245.193.166

200 OK

11 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/vendor/foundation.min.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
11 kB (11216 bytes)
Hash
539bfda21fdf87060349fc10a65bae4e
1b8e43b273f9fd8c4cdbbc70c95087bca9c7e950
d84f2dbe1682666106c97be3a2983fbb97daedc791daa72651a974e165603be6

HTTP Headers

GET /wp-content/themes/backhoe/css/vendor/foundation.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "16dd7-5ef2a5f1cc158-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11216
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2

157.245.193.166

200 OK

905 B

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (2608), with no line terminators
Size
905 B (905 bytes)
Hash
c2e6b77e34025f5b39a87f199df8f7ab
863797e06ab45b878f83688db9f28df00cae9647
5b61454277b24d02b1a69fe7a77a8e7f43d90e7f2fc1fc1586217098fd256eec

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "a30-5ef2a5f1cb1b8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 905
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2

157.245.193.166

200 OK

11 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (51030), with CRLF line terminators
Size
11 kB (11212 bytes)
Hash
9f45bb1e91a73d0f29bc259239c2ff4e
2f50c65f0826da061ececf30398ab8b9b5f8c5ce
e764a10420ebe6398fea3f9cafae61c80af2966901c76e38a66677935766e760

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "c813-5ef2a5f1ce098-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11212
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2

157.245.193.166

200 OK

17 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (65358), with CRLF line terminators
Size
17 kB (16853 bytes)
Hash
6e4bd4ae4ed12735ffdef6fdc0d4e45a
c0136d2eb8de5f68e78e5a5018cf4f9d42faa90b
bf6a400f73132ea1d0d9c3ea51729c69a7c433f2781114b23ad0611af1777578

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/css/icofont.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "16836-5ef2a5f1bb7b9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16853
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/woocommerce-product-category-selection-widget/assets/css/mtree.css?ver=6.2

157.245.193.166

200 OK

433 B

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce-product-category-selection-widget/assets/css/mtree.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
433 B (433 bytes)
Hash
72a08ccdae1fe783a7443576ba818ba0
a54cd73ebbce2a05d49fb72b5fb741eadb99f360
2b99c624aad1452919bc14d2bcea43a99ab6aa41acc86b7c5e729214d694991f

HTTP Headers

GET /wp-content/plugins/woocommerce-product-category-selection-widget/assets/css/mtree.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "49e-5ef2a5ecc20e9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 433
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

157.245.193.166

200 OK

4.8 kB

URL GET HTTP/1.1
www.crane.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (13326)
Size
4.8 kB (4795 bytes)
Hash
0849b4504f3723cce44b1e3b969002f0
f79a867f709041487baf777ac4e2f9db752bedaf
19847c5a2db57a0c3770c2011b793e5a7789f551ea9b659c19ee33c2d83f0337

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:07 GMT
ETag: "3470-5f81641017305-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4795
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12

157.245.193.166

200 OK

454 B

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (1263), with no line terminators
Size
454 B (454 bytes)
Hash
013e52841569595dce94c947caada23d
57503d95918d0b2f1e1d0ab0cd6fb90952d133a9
fc9404e4df17a965acaf031d1acda6171001e18d6a2d090cd05135e046d818e2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 18 Apr 2023 16:10:41 GMT
ETag: "4ef-5f99e8c861ba8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70

157.245.193.166

200 OK

3.5 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (9151)
Size
3.5 kB (3491 bytes)
Hash
c64b3652b53918761c8b0d96491a486c
0561f3f180184980208fef24e98ee26c7d1214f4
eca3c4c3a295fb5f79c6e412db9d8ecbd59edcdb1b8585b523114cfbb78e5274

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "2549-5ef2a5ece91e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3491
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

157.245.193.166

200 OK

31 kB

URL GET HTTP/1.1
www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31049 bytes)
Hash
8e4c7c63a7bd9d169bd6ff591b3b8066
68bf52f27f14423e2364aeab255d76bc3d469470
7b480d44d4a9cce9f3f403809ad00a041abf3be16a4ceb44d33be002d69e80a1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.3 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:07 GMT
ETag: "15ed7-5f81641017305-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31049
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2

157.245.193.166

200 OK

1.1 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
1.1 kB (1086 bytes)
Hash
f46e666160800ab91bb12cccc7555662
63b98922823c1f54ed1a96e1dcd0c227e3e51419
f5cc9892eb6b336791126838b53edfe9dc4b12b99aae085cadf52d8e734f5c68

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "bdd-5ef2a5ecec0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1086
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2

157.245.193.166

200 OK

47 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (42889)
Size
47 kB (46887 bytes)
Hash
ed3006e295545702dbb5fd6bab080857
42948583f6a1e5176e08a7eaa9696d4016db171b
c6e1844fc5c7d10b50605b31dd0542c07bb0eed5b778a5d2dfe96a12977aa99d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:22 GMT
ETag: "1e437-5ef2a5eda8860-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 46887
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2

157.245.193.166

200 OK

93 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (64270)
Size
93 kB (92676 bytes)
Hash
d3300b05b78f558f53e123774348a9e5
b3005af34eda1835502a76356e54e2d4e01cee40
4d1d26867bf66c8d370744a52ddc49013b47b1794f1f71b238ec005452c1a102

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:22 GMT
ETag: "56bf3-5ef2a5eda9800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2

157.245.193.166

200 OK

212 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with CRLF line terminators
Size
212 kB (212028 bytes)
Hash
dbe6f0479e5bb1979aa8b2ff33b7fa30
4f2cea812be98dda96cea61f92eae2c52c4eeb0a
25fd8ce86b0ce9c630b1e63e751ce01bc0a42a5d5f4eab8d15f3e6b861d0d730

HTTP Headers

GET /wp-content/themes/backhoe/css/app.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "162b60-5ef2a5f1e28b7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0

157.245.193.166

200 OK

374 B

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
374 B (374 bytes)
Hash
99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 09 Dec 2022 10:27:44 GMT
ETag: "3e0-5ef629aabc24f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 374
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6

157.245.193.166

200 OK

3.0 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (10241), with no line terminators
Size
3.0 kB (3010 bytes)
Hash
07d2468431c75e72b708c3f96d92c1dc
387ed8015963f0f25e80be2be13bd1f74f6547b4
a4d553762e02e774fb0cfe034755035b667fed306d4270f0f1f8dffc5f4960b0

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 23 Apr 2023 16:10:16 GMT
ETag: "2801-5fa0320396bbe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3010
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4

157.245.193.166

200 OK

982 B

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (1668)
Size
982 B (982 bytes)
Hash
e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "72a-5ef2a5ece91e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6

157.245.193.166

200 OK

4.2 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
HTML document, ASCII text, with very long lines (12943), with no line terminators
Size
4.2 kB (4182 bytes)
Hash
783227bc3fa1c1fee9377b282ba21262
ad33a9fe892efcfec1ad240752ea2131cc38e352
23a63a1f3b51a17fea96e6b15962ba667d07887797fe366aa2b0d72f9584a64b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 23 Apr 2023 16:10:16 GMT
ETag: "328f-5fa0320395c1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4182
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2

157.245.193.166

200 OK

794 B

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (2139), with no line terminators
Size
794 B (794 bytes)
Hash
29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "85b-5ef2a5ecec0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 794
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2

157.245.193.166

200 OK

1.0 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (2938), with no line terminators
Size
1.0 kB (1039 bytes)
Hash
a16f467232a27bf9b62353174b52650c
0e27aaae6aaec510ba39751843af4b17ea0ec3a7
40b0815db13d339634fd2cd734fc77eb38ef59bad547d319b9ca4262273ca8eb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "b7a-5ef2a5ecec0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1039
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

crane.mn/wp-content/uploads/2021/08/new-logo6.png

157.245.193.166

200 OK

8.0 kB

URL GET HTTP/1.1
crane.mn/wp-content/uploads/2021/08/new-logo6.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 533 x 101, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8013 bytes)
Hash
9f18a4d0c93dc2a23e76dad563d86d71
62d6884c58c9fe4d43c6b8fe6e06c3a3204cb685
6e685d9977d326bc462773120a20691c05c80592795325c506df1ba558fa84d4

HTTP Headers

GET /wp-content/uploads/2021/08/new-logo6.png HTTP/1.1
Host: crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:36 GMT
ETag: "1f4d-5e70d4840051d"
Accept-Ranges: bytes
Content-Length: 8013
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11

157.245.193.166

200 OK

1.6 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
1.6 kB (1591 bytes)
Hash
71edb12a4067374af3ad10e92b90ed54
f0e5763b2921fdfa8f0f59f085fbe7c9462c6e60
69dcdf35f73fd5eefcd22bf3cf7913f025cccbe9f8972bcaf921ce08dd2bb2ad

HTTP Headers

GET /wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "1204-5f50fc56049f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1591
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6

157.245.193.166

200 OK

77 B

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text
Size
77 B (77 bytes)
Hash
3abc11724f92cb900d3cf479d3ccbc5d
f82ab6d99c25f9122c0deeaa8369f27fcf7cdd90
808989d89c1c00cf61888e46fe31c167f03d2770b881bfd1774313dd5f00b71f

HTTP Headers

GET /wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "46-5f50fc5603a57-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 77
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f8714882619fc507018eef3d005f16fc
9294e0edaa04b9e3868dcc1261309c3bf7fab717
39b2129e2247e7ef258a08c28ef1d473c6e385ef919913133f92de9c1c4b1d34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f8714882619fc507018eef3d005f16fc
9294e0edaa04b9e3868dcc1261309c3bf7fab717
39b2129e2247e7ef258a08c28ef1d473c6e385ef919913133f92de9c1c4b1d34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2

157.245.193.166

200 OK

706 B

URL GET HTTP/1.1
www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 16:37:14 GMT
ETag: "5db-5ef2b6a9ac199-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 706
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 11:49:35 GMT
expires: Fri, 03 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
age: 227693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26616, version 1.0\012- data
Size
27 kB (26616 bytes)
Hash
a91884dde05099b030787565e5def49d
036a2f70043f893c5c2598380128d10a7b8d565d
600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:18:32 GMT
expires: Thu, 02 May 2024 20:18:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:14 GMT
content-type: font/woff2
age: 283556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2

216.58.207.227

200 OK

50 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49588, version 1.0\012- data
Size
50 kB (49588 bytes)
Hash
be82908cb9829fc6ff9f701edafd6c99
62ca8f4f8d076ff6c8f51e16dcdba022bd9429be
e684793a09b55092bb67d757c85b6ddfcc974ed4b10b84c4e98dfbbf27317f59

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 19:27:15 GMT
expires: Thu, 02 May 2024 19:27:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:27:26 GMT
content-type: font/woff2
age: 286633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 11:49:35 GMT
expires: Fri, 03 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
age: 227693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2

216.58.207.227

200 OK

50 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49588, version 1.0\012- data
Size
50 kB (49588 bytes)
Hash
be82908cb9829fc6ff9f701edafd6c99
62ca8f4f8d076ff6c8f51e16dcdba022bd9429be
e684793a09b55092bb67d757c85b6ddfcc974ed4b10b84c4e98dfbbf27317f59

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 19:27:15 GMT
expires: Thu, 02 May 2024 19:27:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:27:26 GMT
content-type: font/woff2
age: 286633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 11:49:35 GMT
expires: Fri, 03 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
age: 227693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26616, version 1.0\012- data
Size
27 kB (26616 bytes)
Hash
a91884dde05099b030787565e5def49d
036a2f70043f893c5c2598380128d10a7b8d565d
600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:18:32 GMT
expires: Thu, 02 May 2024 20:18:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:14 GMT
content-type: font/woff2
age: 283556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26616, version 1.0\012- data
Size
27 kB (26616 bytes)
Hash
a91884dde05099b030787565e5def49d
036a2f70043f893c5c2598380128d10a7b8d565d
600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:18:32 GMT
expires: Thu, 02 May 2024 20:18:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:14 GMT
content-type: font/woff2
age: 283556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 11:49:35 GMT
expires: Fri, 03 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
age: 227693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2

54.230.111.5

200 OK

22 kB

URL GET HTTP/2
cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
IP
54.230.111.5:443
ASN
#16509 AMAZON-02

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerAmazon
Subjectcdn.linearicons.com
Fingerprint71:4D:78:8E:12:B7:39:86:3D:93:98:33:2A:BE:FB:38:B4:AC:25:0C
ValidityThu, 23 Feb 2023 00:00:00 GMT - Sat, 20 Jan 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Size
22 kB (21780 bytes)
Hash
03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

HTTP Headers

GET /free/1.0.0/Linearicons-Free.woff2 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://cdn.linearicons.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 21780
date: Thu, 23 Mar 2023 06:55:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 18 Jun 2015 09:10:36 GMT
etag: "03e91f122aa5fd425abbe23c85546eb0"
cache-control: max-age=31000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XOjPC9vGKKRRe1Kcu3KQkCwUtenLVOd1JBdvPhFMkz5sSuOuRhJsNA==
age: 3874114
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2

216.58.207.227

200 OK

50 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49588, version 1.0\012- data
Size
50 kB (49588 bytes)
Hash
be82908cb9829fc6ff9f701edafd6c99
62ca8f4f8d076ff6c8f51e16dcdba022bd9429be
e684793a09b55092bb67d757c85b6ddfcc974ed4b10b84c4e98dfbbf27317f59

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 19:27:15 GMT
expires: Thu, 02 May 2024 19:27:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:27:26 GMT
content-type: font/woff2
age: 286633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11

157.245.193.166

200 OK

33 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (32075)
Size
33 kB (32882 bytes)
Hash
a24d1290cff24360abb0c70d1e4e5f5a
f5fc6c8fd94ff7dc691a2b19ca3d55a60fc56825
f2ed21327ff46a57ade23776b4632b6a1b2b0e046596b077d79b9699f690395a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "223b7-5f50fc56049f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32882
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d3454e1b68c1c2a44dd9624b283b3945
406b597540f09f2a82205e83a391f91e864c5532
19b2aacd9ee6f9cfff0e08b8350d97afc75e255916d9c26fa7bfee664bd09cac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0

157.245.193.166

200 OK

270 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (31995), with CRLF line terminators
Size
270 kB (270094 bytes)
Hash
7c190cbefc49dc0a6115bc379213f868
1f1ae48a5d194cb18299fd055679ec4c6773f28e
c6f3ed5521711a982617696c98ce6abf5abea349fdc4ea67598d51d32f2f183c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "f3d5c-5ef2a5f202c56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2

157.245.193.166

200 OK

70 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 69608, version 1.0\012- data
Size
70 kB (69608 bytes)
Hash
659c4d58b00226541ef95c3a76e169c5
333b0d6bb7e10601f4bd99e048608d5581be2a98
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "10fe8-5ef2a5f1dcaf7"
Accept-Ranges: bytes
Content-Length: 69608
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

www.crane.mn/wp-content/themes/backhoe/images/pattern_dashed.png

157.245.193.166

200 OK

112 B

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/images/pattern_dashed.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced\012- data
Size
112 B (112 bytes)
Hash
6067a2f9be8b6717e4417798c7e7b4e1
9f247c675a19ac6ccea53e330ff31568572b1e26
0d700745568a42b15454dfb2499a71ae07dcb6ac1105d4e194604a801d74b626

HTTP Headers

GET /wp-content/themes/backhoe/images/pattern_dashed.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "70-5ef2a5f1f8076"
Accept-Ranges: bytes
Content-Length: 112
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

www.crane.mn/wp-content/themes/backhoe/images/icon/search-icon.svg

157.245.193.166

200 OK

791 B

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/images/icon/search-icon.svg
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
791 B (791 bytes)
Hash
e29d804b0a896bebc028b9672a169661
7f29913a8218bc263ea15af894247bfda3da4fd7
d77383a4c27a81cbddba31ea9dd8db61b8257d97b8a29e01b6fb2eccbaf57b7f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/images/icon/search-icon.svg HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "317-5ef2a5f1f8076"
Accept-Ranges: bytes
Content-Length: 791
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml

www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2

157.245.193.166

200 OK

74 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Size
74 kB (73852 bytes)
Hash
fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "1207c-5ef2a5f1dea37"
Accept-Ranges: bytes
Content-Length: 73852
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2

www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2

157.245.193.166

200 OK

1.2 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
ASCII text, with very long lines (7043), with no line terminators
Size
1.2 kB (1177 bytes)
Hash
7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "1b83-5ef2a5ecda788-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1177
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.crane.mn/wp-content/uploads/2021/06/old-logo-7-300x57.png

157.245.193.166

200 OK

5.2 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/uploads/2021/06/old-logo-7-300x57.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 300 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5164 bytes)
Hash
09a2dc8d8d789614008bbec523c1a937
26733e3175c7281298ed319833a0be869649285f
7e13d19abe57a3473a13250ae35b0b91a9804d87e4efb2c686525ce18eb49ca2

HTTP Headers

GET /wp-content/uploads/2021/06/old-logo-7-300x57.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:31 GMT
ETag: "142c-5e70d47fb2c31"
Accept-Ranges: bytes
Content-Length: 5164
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.crane.mn/wp-content/themes/backhoe/css/fonts/icofont.woff2

157.245.193.166

200 OK

538 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/fonts/icofont.woff2
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 537868, version 1.0\012- data
Size
538 kB (537868 bytes)
Hash
50a4ab76e700a83e649be213f820fbbd
28ad9e9ac82f86c50eb4dd3d713a0698473bdbb3
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/backhoe/css/fonts/icofont.woff2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "8350c-5ef2a5f1c2518"
Accept-Ranges: bytes
Content-Length: 537868
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2

www.crane.mn/wp-content/themes/backhoe/css/images/next.png

157.245.193.166

200 OK

1.4 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/images/next.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1350 bytes)
Hash
31f15875975aab69085470aabbfec802
777e92c050f600b4519299c3d786b8f2f459fea4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

HTTP Headers

GET /wp-content/themes/backhoe/css/images/next.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "546-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 1350
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

www.crane.mn/wp-content/themes/backhoe/css/images/prev.png

157.245.193.166

200 OK

1.4 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/images/prev.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1360 bytes)
Hash
84b76dee6b27b795e89e3649078a11c2
6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

HTTP Headers

GET /wp-content/themes/backhoe/css/images/prev.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "550-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 1360
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

www.crane.mn/wp-content/themes/backhoe/css/images/loading.gif

157.245.193.166

200 OK

8.5 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/images/loading.gif
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
GIF image data, version 89a, 32 x 32\012- data
Size
8.5 kB (8476 bytes)
Hash
2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

HTTP Headers

GET /wp-content/themes/backhoe/css/images/loading.gif HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "211c-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 8476
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif

use.fontawesome.com/releases/v5.1.0/css/all.css

172.64.133.15

200 OK

10 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.1.0/css/all.css
IP
172.64.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT

File type
ASCII text, with very long lines (45507)
Size
10 kB (10198 bytes)
Hash
2ccf9db65fbfa1eb727db91ef1f67e7c
6071f6fa98ea1b0bd1bc4f2a4b16cd37e4b61a3d
c7df04c59887aa7cadc022742092cb27bcf5c06e84f43f16f04d714efca322f8

HTTP Headers

GET /releases/v5.1.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: text/css
x-amz-id-2: CaS+mdZoUq71+fR1hPOIlxbcmgMvTyAnNT05yULWJRIPfua1i6XZ5HKin041pKCEP716LBT5xb8=
x-amz-request-id: KJ55YNQEQKB6M6GE
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 568337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q52IwBXF%2BpxtU7TZUNM6IOHtcX6hWjmva5en43G5j9FuUJTLqksCi63Aj4xuRWdO07FrjvijMIruRSGvYxNiTeSGdHUVConS3iGxtMIir7ptortuKKm2AuC7NaVnWWJWpQPYjEH6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c363c58bccd7495-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2

172.64.133.15

200 OK

63 kB

URL GET HTTP/3
use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
IP
172.64.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63376, version 1.0\012- data
Size
63 kB (63376 bytes)
Hash
f319eac1c755f9929fd856720ce1695e
0a885a5dbd97bd9f4fb1821eb82f2135471faff9
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

HTTP Headers

GET /releases/v5.1.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: font/woff2
content-length: 63376
x-amz-id-2: +eUKWB7bWLqCJngJ1DURcYjxUOn62B92bQtTBEDPXhz7TnZfnoxq1zMtvqTWGAfsXeJew2Yyagg=
x-amz-request-id: S8QDEZV7B270WH2J
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
etag: "f319eac1c755f9929fd856720ce1695e"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLTbffO8uwk3W5QSGCbJezuETGm1EWyAJXSVj4Z%2BzTYdL5M5NkVY6uhLaEYekmIt4%2FmLe07Cg9vtjbzVQ63c%2FGBzMOWV7uX6N6ADgryAMH%2BuRuagYwoAUbOrFug3DgD3A1R1zKtB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c363c5aebe724e9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2

172.64.133.15

200 OK

60 kB

URL GET HTTP/3
use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
IP
172.64.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 59572, version 1.0\012- data
Size
60 kB (59572 bytes)
Hash
18d2347ab2a9f40ca2247cdb03303d84
8aba5b59c5aa7f548a1fa663f02f3cdd3757bb52
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

HTTP Headers

GET /releases/v5.1.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: font/woff2
content-length: 59572
x-amz-id-2: dFxDH9ZddZZc06tIMJxXn48+eWXcIDq2qex02H8lsIJFcC4BYs54acMPxndZwGFFHc4C4gQGGOo=
x-amz-request-id: S8QD4Y94YBQKRYQD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
etag: "18d2347ab2a9f40ca2247cdb03303d84"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc0dsZNa96fChBBnl1yTCt13fBVMlvvCXV7BODYrM2KHaG9S5Im7oY27TL2Hz8bS2gh%2F85oxpwq%2F%2BQ4T6llfGDmlvpPbAuatXtxM%2BNucuqJ5%2F%2BhEq4FpPxS6Fyi8clYrv2JhcZcA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c363c5aebe624e9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.crane.mn/?wc-ajax=get_refreshed_fragments

157.245.193.166

200 OK

684 B

URL POST HTTP/1.1
www.crane.mn/?wc-ajax=get_refreshed_fragments
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
JSON data\012- , ASCII text, with very long lines (684), with no line terminators
Size
684 B (684 bytes)
Hash
a1e90820e0a60d5699a621b317e2e7ce
cdbef82a434f6372611b16f2a8e4f83e48070714
756a224896afeee69727f620b6b556b1874760a342e57675ac73a9489aeed04c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Access-Control-Allow-Origin: https://www.crane.mn
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Content-Length: 684
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8

crane.mn/wp-content/uploads/2021/05/cropped-lifting-equipment-chains-exhibition-store-133539818-e1621512295666.jpg

157.245.193.166

200 OK

266 kB

URL GET HTTP/1.1
crane.mn/wp-content/uploads/2021/05/cropped-lifting-equipment-chains-exhibition-store-133539818-e1621512295666.jpg
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x470, components 3\012- data
Size
266 kB (266171 bytes)
Hash
464d6d5a0e1db88ff11f24c8740e6d88
4e7f0aca257514b5e6d9fa12e68d6680488f7b17
0dd2194245c4b4553505a8c6db0a001eb7203ad52383b545cf39746d3520fa2b

HTTP Headers

GET /wp-content/uploads/2021/05/cropped-lifting-equipment-chains-exhibition-store-133539818-e1621512295666.jpg HTTP/1.1
Host: crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:35 GMT
ETag: "40fbb-5e70d4834ba80"
Accept-Ranges: bytes
Content-Length: 266171
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bf34384a7fd9e62b9045178ff81864df
732744c22cd182dac8ab80666ef2d8985a47d3a9
89f580bee129d929f610dcbb61af775e59ebd60acf584cf274346ecf638816f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket

134.209.238.18

0 B

URL
client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket
IP
134.209.238.18:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /w/5d/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.crane.mn
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Ho8jAlqsXwc99Jq4H7fQg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 07 May 2023 03:04:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5hDBT8dD+UpVEBs3x4+Xv3porX8=
X-Crisp-Ray: website w:5d 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.138

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 07 May 2023 03:04:29 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.crane.mn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bf34384a7fd9e62b9045178ff81864df
732744c22cd182dac8ab80666ef2d8985a47d3a9
89f580bee129d929f610dcbb61af775e59ebd60acf584cf274346ecf638816f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.crane.mn/wp-content/uploads/2021/08/cropped-icon-32x32.png

157.245.193.166

200 OK

958 B

URL GET HTTP/1.1
www.crane.mn/wp-content/uploads/2021/08/cropped-icon-32x32.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
958 B (958 bytes)
Hash
08741d5d8e1cffdf7ef30e4a99ed4fad
52c36d863ae403b12114ad595ddd0edffeecc9c2
9a5e6786bd4f35c7e93c06a00d51397d1bd9ff665c549c8e593cd25a1359725b

HTTP Headers

GET /wp-content/uploads/2021/08/cropped-icon-32x32.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:36 GMT
ETag: "3be-5e70d48469c9b"
Accept-Ranges: bytes
Content-Length: 958
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js

172.217.21.174

200 OK

58 kB

URL GET HTTP/2
www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintA3:4E:A3:86:10:DA:6C:D1:8C:73:54:AB:E6:8F:7D:21:72:2C:B4:D5
ValidityMon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT

File type
ASCII text, with very long lines (580)
Size
58 kB (57768 bytes)
Hash
694cab1993900ba45b4992bbb6cc1360
7d1b9ab11bf714387cfa05957289281d6df9ee9c
a571b15bb1df3056c7b5cb196d02a3ca4f6a2f93ef596f45af3a3fccea57c7f9

HTTP Headers

GET /s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 57768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 14:50:19 GMT
expires: Thu, 02 May 2024 14:50:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 May 2023 00:18:30 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 303250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.crane.mn/wp-content/uploads/2021/08/cropped-icon-192x192.png

157.245.193.166

200 OK

7.6 kB

URL GET HTTP/1.1
www.crane.mn/wp-content/uploads/2021/08/cropped-icon-192x192.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
7.6 kB (7642 bytes)
Hash
985d0bac729b9a4ca33e83e5862d2925
30e09d7bea7cde9b096091cd69edd43be984540c
56ffda7f235cc31a555ad0867389c12bbe113501502527b7861418af51faa44d

HTTP Headers

GET /wp-content/uploads/2021/08/cropped-icon-192x192.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:36 GMT
ETag: "1dda-5e70d483bde9e"
Accept-Ranges: bytes
Content-Length: 7642
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

maps.googleapis.com/maps-api-v3/api/js/53/2/common.js

142.250.74.106

200 OK

61 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/53/2/common.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
ASCII text, with very long lines (580)
Size
61 kB (61370 bytes)
Hash
13c76fe986212ce382d6aa7c67dd64b1
99c64735f4e8a329135ecc17a72b93d8114f38ee
32ae690f06198da2d513579c9414735912e23e0ab42f05be6a64c6d0b278abf8

HTTP Headers

GET /maps-api-v3/api/js/53/2/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:31:31 GMT
expires: Thu, 02 May 2024 20:31:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 May 2023 01:13:11 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 282782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/53/2/util.js

142.250.74.106

200 OK

53 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/53/2/util.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
ASCII text, with very long lines (564)
Size
53 kB (52844 bytes)
Hash
e03338f1ffcb4d78d0b79d41080e2e38
9fafce8a70d820cd56833d09b463829b335497ca
414ed205b878a3ffb8d5def1ea4b1b1e56cb57a869d855fdaf744bbd538ed716

HTTP Headers

GET /maps-api-v3/api/js/53/2/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 52844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:31:31 GMT
expires: Thu, 02 May 2024 20:31:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 May 2023 01:13:11 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 282782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket

134.209.238.18

101 Switching Protocols

0 B

URL GET HTTP/1.1
client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket
IP
134.209.238.18:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerSectigo Limited
Subjectclient.relay.crisp.chat
FingerprintDE:C1:D0:92:2F:AB:BF:30:B3:AB:23:6A:61:3D:EB:7F:F0:5E:2E:EC
ValidityTue, 07 Jun 2022 00:00:00 GMT - Sat, 08 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /w/5d/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.crane.mn
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Ho8jAlqsXwc99Jq4H7fQg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 07 May 2023 03:04:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5hDBT8dD+UpVEBs3x4+Xv3porX8=
X-Crisp-Ray: website w:5d 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C&display=swap&subset=latin&ver=1.0.0

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C&display=swap&subset=latin&ver=1.0.0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
ASCII text
Size
12 kB (11712 bytes)
Hash
7a26e77a3d4b5fd0ace13150c24d9f3d
28b8c3469e2bcf6e941aa8bffdd51f7bdb8fdea3
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C&display=swap&subset=latin&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 03:04:26 GMT
date: Sun, 07 May 2023 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4

104.18.29.91

200 OK

212 B

URL GET HTTP/3
client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
212 B (212 bytes)
Hash
afba1585728a00d3e95cfac087c2199f
457c91086989cbb894b52c6b345634657d4fedf0
2c7b8c260f7193e1f83a54b4ab85bdf0c6b29a0dd6c21064d58fd7d118fe4f67

HTTP Headers

GET /settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Sun, 07 May 2023 07:04:29 GMT
vary: Accept-Encoding
last-modified: Sun, 07 May 2023 03:04:29 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c5ca8adb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.youtube.com/iframe_api

172.217.21.174

200 OK

1.1 kB

URL GET HTTP/2
www.youtube.com/iframe_api
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintA3:4E:A3:86:10:DA:6C:D1:8C:73:54:AB:E6:8F:7D:21:72:2C:B4:D5
ValidityMon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT

File type
ASCII text, with very long lines (1085), with no line terminators
Size
1.1 kB (1053 bytes)
Hash
9ba8bd4c67dd2bd39e369f9fad5fd900
08425a8a15b9c1b05a56b193bc4a4a73a1c879b8
8a9950e993b880193e55d5be09b08047f9c99e492236bf10d90bd1213af9ff66

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 07 May 2023 03:04:29 GMT
date: Sun, 07 May 2023 03:04:29 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wwC2t0pQf1o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=7kBILDTu4h0; Domain=.youtube.com; Expires=Fri, 03-Nov-2023 03:04:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+133; expires=Tue, 06-May-2025 03:04:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

client.crisp.chat/static/stylesheets/client_default.css?d2149b0

104.18.29.91

200 OK

355 kB

URL GET HTTP/3
client.crisp.chat/static/stylesheets/client_default.css?d2149b0
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type

Size
355 kB (355067 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/stylesheets/client_default.css?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: text/css
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"642ad5e4-56afb"
expires: Wed, 04 May 2033 03:04:28 GMT
last-modified: Mon, 03 Apr 2023 13:34:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48419
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c5a3f61b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

client.crisp.chat/l.js?ver=6.2

104.18.29.91

200 OK

8.4 kB

URL GET HTTP/2
client.crisp.chat/l.js?ver=6.2
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8670), with no line terminators
Size
8.4 kB (8401 bytes)
Hash
6049cd4f090c2bc329364e4946a823f1
0825603db1dec50b9e4bd10c05af697baa08d51e
13abb9d031815d62bad706693babad7fae836ddf58cae3a99191d9844b3e484e

HTTP Headers

GET /l.js?ver=6.2 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 07 May 2023 03:04:26 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
etag: W/"622f402b-20d1"
expires: Mon, 08 May 2023 03:04:26 GMT
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48096
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c4dea96fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

client.crisp.chat/static/javascripts/locales/mn.js?d2149b0

104.18.29.91

200 OK

9.6 kB

URL GET HTTP/3
client.crisp.chat/static/javascripts/locales/mn.js?d2149b0
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (7408), with no line terminators
Size
9.6 kB (9613 bytes)
Hash
89d31af1f52b660a13e0418de3e85dde
823a3df35db7eb6053b40ace518444b8e1a3d1bb
35fdf689c8dd5adadaa5e98e1623b13ec27e8ae1911c8dc133ede19d3abd1ab0

HTTP Headers

GET /static/javascripts/locales/mn.js?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:29 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-258d"
expires: Wed, 04 May 2033 03:04:29 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c619b26b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C&display=swap&subset=latin-ext&ver=1.0.0

142.250.74.106

200 OK

15 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C&display=swap&subset=latin-ext&ver=1.0.0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT

File type
ASCII text
Size
15 kB (14640 bytes)
Hash
194fabcd0a3f7a1909cdf561ccc79775
d1a6a2e2b255d8a578035611d918423b71c3d930
d11f6ac62c5e0e2c0955a79615e06f561c5622f4d4598b3e7b853055c7b5643e

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C&display=swap&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 03:04:26 GMT
date: Sun, 07 May 2023 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

client.crisp.chat/static/javascripts/client.js?d2149b0

104.18.29.91

200 OK

411 kB

URL GET HTTP/3
client.crisp.chat/static/javascripts/client.js?d2149b0
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type

Size
411 kB (411268 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/javascripts/client.js?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-64684"
expires: Wed, 04 May 2033 03:04:28 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48419
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c5a3f62b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.crane.mn/wp-content/themes/backhoe/css/images/close.png

157.245.193.166

200 OK

280 B

URL GET HTTP/1.1
www.crane.mn/wp-content/themes/backhoe/css/images/close.png
IP
157.245.193.166:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerLet's Encrypt
Subjectcrane.mn
FingerprintE8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
ValiditySat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT

File type
PNG image data, 27 x 27, 8-bit colormap, non-interlaced\012- data
Size
280 B (280 bytes)
Hash
d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

HTTP Headers

GET /wp-content/themes/backhoe/css/images/close.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "118-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 280
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892

104.18.29.91

200 OK

1.2 kB

URL GET HTTP/3
client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (1261), with no line terminators
Size
1.2 kB (1155 bytes)
Hash
2c94a55165fa38e7ddeb086506c447cd
12ca0816b61f436aaa7191a5e472dbca7733db6b
c6453b212cc4cc742b0eaa359416dbdfb228374e9e6154d449886586ab3b8129

HTTP Headers

GET /settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Sun, 07 May 2023 07:04:29 GMT
vary: Accept-Encoding
last-modified: Sat, 06 May 2023 11:16:29 GMT
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c60eae4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML