crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
157.245.193.166 301 Moved Permanently 0 B URL User Request GET HTTP/1.1 crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 07 May 2023 03:04:23 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
157.245.193.166 404 Not Found 67 kB URL User Request GET HTTP/1.1 www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9838), with CRLF, LF line terminators
Hash 40ad5f798059250e5cf49e161c386902
f4fe9f8db0c3040e473c6e5b5ff984f6bb22e4f5
4f5f05cdf31c98773ad6dd916ca143799c849661efffe9f0d89221ab69748195
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sun, 07 May 2023 03:04:24 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.crane.mn/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
157.245.193.166 404 Not Found 375 B URL User Request GET HTTP/1.1 www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type HTML document text; exported SGML document, ASCII text
Hash 555388a71e6dace97bbd2d13bf329f52
75d65ab78dc983f80e31c5ea135473bd5390ba7a
62b595aeb143b3f9d16d4ec24c595e3e0b304c99d119242cc474fb8a8dae6076
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 07 May 2023 03:04:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Content-Length: 375
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
157.245.193.166 404 Not Found 67 kB URL User Request GET HTTP/1.1 www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9838), with CRLF, LF line terminators
Hash 40ad5f798059250e5cf49e161c386902
f4fe9f8db0c3040e473c6e5b5ff984f6bb22e4f5
4f5f05cdf31c98773ad6dd916ca143799c849661efffe9f0d89221ab69748195
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
GET /wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sun, 07 May 2023 03:04:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.crane.mn/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdn.linearicons.com/free/1.0.0/icon-font.min.css
54.230.111.5 200 OK 1.7 kB URL GET HTTP/2 cdn.linearicons.com/free/1.0.0/icon-font.min.css
IP 54.230.111.5:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Amazon
Subject cdn.linearicons.com
Fingerprint 71:4D:78:8E:12:B7:39:86:3D:93:98:33:2A:BE:FB:38:B4:AC:25:0C
Validity Thu, 23 Feb 2023 00:00:00 GMT - Sat, 20 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (7191)
Hash 0b704046d76bb4d3929be4f7f20472f5
564f70325044cf9834f70d9689463cbfb8a53b71
511ae4f5d6a1803848d68c82cd61d2ad1ed3a1c65037e2cbcf9a7edd2fa6fa5d
GET /free/1.0.0/icon-font.min.css HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 1672
date: Fri, 31 Mar 2023 06:49:04 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:10 GMT
etag: "0b704046d76bb4d3929be4f7f20472f5"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uAdGZmlAVBdybuiY_EW3F1AdKnH0AVo3c9cPglhgVMvh_YbGQ5UXhQ==
age: 3183323
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5ee783513f226811bb582d061c5dc6b7
f526d3b264b774b96b53ba9d7d4143275d71f69e
996cd5321a8beec96cf1b446d2af4b91570dfae3e7db343f50e558a7d31923c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 462340da696b65dbeedb3fdf127fcdac
3e3f4888b51705a4853adfc90eda90dccce84a7d
d4a862fbc916cf6e303be78e30901e6c576816834fd20f4f205827e3736aa6d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.crane.mn/wp-includes/css/dist/block-library/style.min.css?ver=6.2
157.245.193.166 200 OK 13 kB URL GET HTTP/1.1 www.crane.mn/wp-includes/css/dist/block-library/style.min.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (48325)
Hash 9a2b024f6b051bf0c4093c3e52ec9546
47bf1cfe0f0ece10731cf807b51fba0097df17af
c1079d9f6a408084997c0d4d2aa53eaa46103c04caeac1ded17620ed600922ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:06 GMT
ETag: "17ced-5f81640fafac7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12736
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
maps.googleapis.com/maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2
142.250.74.106 200 OK 64 kB URL GET HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2
IP 142.250.74.106:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type ASCII text, with very long lines (2454)
Hash a6789a632a114e67df3d0e8d69a65bef
0dd1fdf67ac98446d5c51ee63d0c589a5767ff83
aaaae79944c34bb3583e7c6c8bf4b73b49c8c616177eeaf1ee4376420f282911
GET /maps/api/js?key=AIzaSyAt5Tz4MjqnrWrh72b0077A1-F3YJ7RHWw&ver=4.4.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=1800
timing-allow-origin: *
vary: Accept-Language, Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 07 May 2023 03:04:26 GMT
server: scaffolding on HTTPServer2
content-length: 63488
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Yantramanav%3A100%2C300%2C400%2C500%2C700%2C900%2C&display=swap&subset=latin-ext&ver=1.0.0
142.250.74.106 200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Yantramanav%3A100%2C300%2C400%2C500%2C700%2C900%2C&display=swap&subset=latin-ext&ver=1.0.0
IP 142.250.74.106:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
Hash 833f23be700902038d80e80298e97e13
f7447db66577ff883f846f6bbae957acabcfeea3
07a5148625c9b28702a586e0c5402ffd73ff8714f7f947900dc59205ea2201c6
GET /css?family=Yantramanav%3A100%2C300%2C400%2C500%2C700%2C900%2C&display=swap&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 03:04:26 GMT
date: Sun, 07 May 2023 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.4.2
157.245.193.166 200 OK 2.6 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash 75aec3230937232d78407c6d34c40e37
1c1cf008f97653babe9858d7e421cb0367fb005d
530e3994daba9da947db8dd17e58aab6a46927d85706b7647a091bbedaf2e26f
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "4605-5ef2a5ecda788-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2608
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.1.0
157.245.193.166 200 OK 1.1 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.1.0
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (3276), with no line terminators
Hash 5603ecd4345c0ac769bbead670d09243
16677c2ca4296e8b9ff6165e95e5ac868abec3bd
d20a08f62d6e99014c102bbaf24f13b4dbde4309ae99c71e5c0e30e6ba64b664
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.1.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "ccc-5ef2a5ed14166-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1055
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-includes/css/classic-themes.min.css?ver=6.2
157.245.193.166 200 OK 210 B URL GET HTTP/1.1 www.crane.mn/wp-includes/css/classic-themes.min.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash a8f5adb01a17d608468beca934ff9e95
20303241ccbdbd180fd959cdf4c263c258870067
bcdca1820dc365b0a6c38b70739928ffb660a1cee9776ce5682a5feedd2824a3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:06 GMT
ETag: "123-5f81640fb48e6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 210
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
157.245.193.166 200 OK 1.0 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash bc26fb4dff6889e438154a1c731b4d57
1315520d21518545b9a2d8c2f8fec08a4cab0cc0
39464f4a9d8984291bbce2d27f2b49a4cbb021a9e8f1cc7f39dacef7377f8239
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 23 Apr 2023 16:10:16 GMT
ETag: "b2b-5fa0320395c1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1004
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6
157.245.193.166 200 OK 4.1 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash b4ea220cc39c5a00dee07aeec7e6aa06
4df5ca8c0a7cc8b6393144fd204442ce88b5462f
4533f272159bf155ffb2fbe6a8a85c3fa6e65a00516e324379b65704e835d987
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ns-category-widget/public/assets/css/themes/default/style.css?ver=3.1.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "6f99-5f50fc5603a57-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4096
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2
157.245.193.166 200 OK 8.9 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 67b7fb7eeeea6e2bfb129f8e60939862
abff86594bd02cd6a6ffd1c3c6b52fba8fb74995
384784f9ee67a484b0fadddba8f3907cc32a43be5aa64031da70c6a4fc4b1ce9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "f553-5ef2a5ece2487-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8907
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2
157.245.193.166 200 OK 13 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash e7ed1df9a9ffe6960bfb16d051eb403f
1a1e1c0960e39bd9b64a78b16645f3e09107b008
a23ccf0c7067e4f3d11c40cc2a62c9e174b33bb8d2c12cbc86d14f1c75133977
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:22 GMT
ETag: "ef21-5ef2a5ed76b82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12959
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0
157.245.193.166 200 OK 19 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 2a5c34e6b75e7331c694864daf5c2172
009158f496571f5beb51d43c220059a7bc69ed68
7a4c75f610003973dc012ccfa606884b234564ca302cfb25201f3cc685fde78f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.1.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "2b9e9-5ef2a5ed14166-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19117
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2
157.245.193.166 200 OK 1.9 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (15057), with no line terminators
Hash 552bf28494553799905d7e06bc5f1300
2e19fbd3048fbf748f091befc5baeaf202a04967
765ce6fbbd6783cc0ae07d9fc0bdfae2acf469a3d11aa37986dda540f335727a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "3ad1-5ef2a5ecda788-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1943
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/themes/backhoe/css/vendor/animate-custom.css?ver=6.2
157.245.193.166 200 OK 933 B URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/vendor/animate-custom.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with CRLF line terminators
Hash f4849ba067b5820d022364c21d0b670a
1c3a7c4ca74a3c004b1c4c20f4f165b12a3b4a99
07ef712242d1cc802a62a24230e3c95421f202912516ae4ae0b5f8c8558ac058
GET /wp-content/themes/backhoe/css/vendor/animate-custom.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "16fc-5ef2a5f1cc158-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 933
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/themes/backhoe/style.css?ver=6.2
157.245.193.166 200 OK 779 B URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/style.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with CRLF line terminators
Hash e53e7c98ca316847d1c7ceaf86726c48
801e54f66d37888b8a44279589cf6a54dde6503a
57e5aea1d40eabdc0622ae623095a81e57964a5c33d197aeae8d89d5f498e796
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/style.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "65d-5ef2a5f1e9617-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 779
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/themes/backhoe/css/vendor/foundation.min.css?ver=6.2
157.245.193.166 200 OK 11 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/vendor/foundation.min.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 539bfda21fdf87060349fc10a65bae4e
1b8e43b273f9fd8c4cdbbc70c95087bca9c7e950
d84f2dbe1682666106c97be3a2983fbb97daedc791daa72651a974e165603be6
GET /wp-content/themes/backhoe/css/vendor/foundation.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "16dd7-5ef2a5f1cc158-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11216
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
157.245.193.166 200 OK 905 B URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (2608), with no line terminators
Hash c2e6b77e34025f5b39a87f199df8f7ab
863797e06ab45b878f83688db9f28df00cae9647
5b61454277b24d02b1a69fe7a77a8e7f43d90e7f2fc1fc1586217098fd256eec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "a30-5ef2a5f1cb1b8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 905
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
157.245.193.166 200 OK 11 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (51030), with CRLF line terminators
Hash 9f45bb1e91a73d0f29bc259239c2ff4e
2f50c65f0826da061ececf30398ab8b9b5f8c5ce
e764a10420ebe6398fea3f9cafae61c80af2966901c76e38a66677935766e760
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "c813-5ef2a5f1ce098-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11212
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2
157.245.193.166 200 OK 17 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (65358), with CRLF line terminators
Hash 6e4bd4ae4ed12735ffdef6fdc0d4e45a
c0136d2eb8de5f68e78e5a5018cf4f9d42faa90b
bf6a400f73132ea1d0d9c3ea51729c69a7c433f2781114b23ad0611af1777578
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/css/icofont.min.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "16836-5ef2a5f1bb7b9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16853
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/woocommerce-product-category-selection-widget/assets/css/mtree.css?ver=6.2
157.245.193.166 200 OK 433 B URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce-product-category-selection-widget/assets/css/mtree.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash 72a08ccdae1fe783a7443576ba818ba0
a54cd73ebbce2a05d49fb72b5fb741eadb99f360
2b99c624aad1452919bc14d2bcea43a99ab6aa41acc86b7c5e729214d694991f
GET /wp-content/plugins/woocommerce-product-category-selection-widget/assets/css/mtree.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "49e-5ef2a5ecc20e9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 433
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
157.245.193.166 200 OK 4.8 kB URL GET HTTP/1.1 www.crane.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (13326)
Hash 0849b4504f3723cce44b1e3b969002f0
f79a867f709041487baf777ac4e2f9db752bedaf
19847c5a2db57a0c3770c2011b793e5a7789f551ea9b659c19ee33c2d83f0337
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:07 GMT
ETag: "3470-5f81641017305-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4795
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12
157.245.193.166 200 OK 454 B URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (1263), with no line terminators
Hash 013e52841569595dce94c947caada23d
57503d95918d0b2f1e1d0ab0cd6fb90952d133a9
fc9404e4df17a965acaf031d1acda6171001e18d6a2d090cd05135e046d818e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/checkout-field-editor-and-manager-for-woocommerce/assets/css/frontend.css?ver=2.2.12 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 18 Apr 2023 16:10:41 GMT
ETag: "4ef-5f99e8c861ba8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
157.245.193.166 200 OK 3.5 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (9151)
Hash c64b3652b53918761c8b0d96491a486c
0561f3f180184980208fef24e98ee26c7d1214f4
eca3c4c3a295fb5f79c6e412db9d8ecbd59edcdb1b8585b523114cfbb78e5274
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "2549-5ef2a5ece91e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3491
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
157.245.193.166 200 OK 31 kB URL GET HTTP/1.1 www.crane.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (65447)
Hash 8e4c7c63a7bd9d169bd6ff591b3b8066
68bf52f27f14423e2364aeab255d76bc3d469470
7b480d44d4a9cce9f3f403809ad00a041abf3be16a4ceb44d33be002d69e80a1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.3 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 30 Mar 2023 04:09:07 GMT
ETag: "15ed7-5f81641017305-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31049
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2
157.245.193.166 200 OK 1.1 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash f46e666160800ab91bb12cccc7555662
63b98922823c1f54ed1a96e1dcd0c227e3e51419
f5cc9892eb6b336791126838b53edfe9dc4b12b99aae085cadf52d8e734f5c68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "bdd-5ef2a5ecec0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1086
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2
157.245.193.166 200 OK 47 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (42889)
Hash ed3006e295545702dbb5fd6bab080857
42948583f6a1e5176e08a7eaa9696d4016db171b
c6e1844fc5c7d10b50605b31dd0542c07bb0eed5b778a5d2dfe96a12977aa99d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:22 GMT
ETag: "1e437-5ef2a5eda8860-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 46887
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2
157.245.193.166 200 OK 93 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (64270)
Hash d3300b05b78f558f53e123774348a9e5
b3005af34eda1835502a76356e54e2d4e01cee40
4d1d26867bf66c8d370744a52ddc49013b47b1794f1f71b238ec005452c1a102
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:22 GMT
ETag: "56bf3-5ef2a5eda9800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
157.245.193.166 200 OK 212 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with CRLF line terminators
Size 212 kB (212028 bytes)
Hash dbe6f0479e5bb1979aa8b2ff33b7fa30
4f2cea812be98dda96cea61f92eae2c52c4eeb0a
25fd8ce86b0ce9c630b1e63e751ce01bc0a42a5d5f4eab8d15f3e6b861d0d730
GET /wp-content/themes/backhoe/css/app.css?ver=6.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "162b60-5ef2a5f1e28b7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
157.245.193.166 200 OK 374 B URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash 99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 09 Dec 2022 10:27:44 GMT
ETag: "3e0-5ef629aabc24f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 374
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
157.245.193.166 200 OK 3.0 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (10241), with no line terminators
Hash 07d2468431c75e72b708c3f96d92c1dc
387ed8015963f0f25e80be2be13bd1f74f6547b4
a4d553762e02e774fb0cfe034755035b667fed306d4270f0f1f8dffc5f4960b0
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 23 Apr 2023 16:10:16 GMT
ETag: "2801-5fa0320396bbe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3010
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
157.245.193.166 200 OK 982 B URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "72a-5ef2a5ece91e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
157.245.193.166 200 OK 4.2 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type HTML document, ASCII text, with very long lines (12943), with no line terminators
Hash 783227bc3fa1c1fee9377b282ba21262
ad33a9fe892efcfec1ad240752ea2131cc38e352
23a63a1f3b51a17fea96e6b15962ba667d07887797fe366aa2b0d72f9584a64b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 23 Apr 2023 16:10:16 GMT
ETag: "328f-5fa0320395c1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4182
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2
157.245.193.166 200 OK 794 B URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "85b-5ef2a5ecec0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 794
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2
157.245.193.166 200 OK 1.0 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (2938), with no line terminators
Hash a16f467232a27bf9b62353174b52650c
0e27aaae6aaec510ba39751843af4b17ea0ec3a7
40b0815db13d339634fd2cd734fc77eb38ef59bad547d319b9ca4262273ca8eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "b7a-5ef2a5ecec0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1039
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
crane.mn/wp-content/uploads/2021/08/new-logo6.png
157.245.193.166 200 OK 8.0 kB URL GET HTTP/1.1 crane.mn/wp-content/uploads/2021/08/new-logo6.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 533 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f18a4d0c93dc2a23e76dad563d86d71
62d6884c58c9fe4d43c6b8fe6e06c3a3204cb685
6e685d9977d326bc462773120a20691c05c80592795325c506df1ba558fa84d4
GET /wp-content/uploads/2021/08/new-logo6.png HTTP/1.1
Host: crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:36 GMT
ETag: "1f4d-5e70d4840051d"
Accept-Ranges: bytes
Content-Length: 8013
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11
157.245.193.166 200 OK 1.6 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash 71edb12a4067374af3ad10e92b90ed54
f0e5763b2921fdfa8f0f59f085fbe7c9462c6e60
69dcdf35f73fd5eefcd22bf3cf7913f025cccbe9f8972bcaf921ce08dd2bb2ad
GET /wp-content/plugins/ns-category-widget/public/assets/js/jstree.state.js?ver=3.3.11 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "1204-5f50fc56049f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1591
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6
157.245.193.166 200 OK 77 B URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
Hash 3abc11724f92cb900d3cf479d3ccbc5d
f82ab6d99c25f9122c0deeaa8369f27fcf7cdd90
808989d89c1c00cf61888e46fe31c167f03d2770b881bfd1774313dd5f00b71f
GET /wp-content/plugins/ns-category-widget/public/assets/js/public.js?ver=3.1.6 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "46-5f50fc5603a57-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 77
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f8714882619fc507018eef3d005f16fc
9294e0edaa04b9e3868dcc1261309c3bf7fab717
39b2129e2247e7ef258a08c28ef1d473c6e385ef919913133f92de9c1c4b1d34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
157.245.193.166 200 OK 706 B URL GET HTTP/1.1 www.crane.mn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (1464)
Hash e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 16:37:14 GMT
ETag: "5db-5ef2b6a9ac199-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 706
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint D2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Hash 31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 11:49:35 GMT
expires: Fri, 03 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
age: 227693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
216.58.207.227 200 OK 27 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 216.58.207.227:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint D2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 26616, version 1.0\012- data
Hash a91884dde05099b030787565e5def49d
036a2f70043f893c5c2598380128d10a7b8d565d
600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:18:32 GMT
expires: Thu, 02 May 2024 20:18:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:14 GMT
content-type: font/woff2
age: 283556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
216.58.207.227 200 OK 50 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
IP 216.58.207.227:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint D2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 49588, version 1.0\012- data
Hash be82908cb9829fc6ff9f701edafd6c99
62ca8f4f8d076ff6c8f51e16dcdba022bd9429be
e684793a09b55092bb67d757c85b6ddfcc974ed4b10b84c4e98dfbbf27317f59
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 19:27:15 GMT
expires: Thu, 02 May 2024 19:27:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:27:26 GMT
content-type: font/woff2
age: 286633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
54.230.111.5 200 OK 22 kB URL GET HTTP/2 cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
IP 54.230.111.5:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Amazon
Subject cdn.linearicons.com
Fingerprint 71:4D:78:8E:12:B7:39:86:3D:93:98:33:2A:BE:FB:38:B4:AC:25:0C
Validity Thu, 23 Feb 2023 00:00:00 GMT - Sat, 20 Jan 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Hash 03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
GET /free/1.0.0/Linearicons-Free.woff2 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://cdn.linearicons.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 21780
date: Thu, 23 Mar 2023 06:55:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 18 Jun 2015 09:10:36 GMT
etag: "03e91f122aa5fd425abbe23c85546eb0"
cache-control: max-age=31000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XOjPC9vGKKRRe1Kcu3KQkCwUtenLVOd1JBdvPhFMkz5sSuOuRhJsNA==
age: 3874114
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
216.58.207.227 200 OK 50 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
IP 216.58.207.227:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint D2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 49588, version 1.0\012- data
Hash be82908cb9829fc6ff9f701edafd6c99
62ca8f4f8d076ff6c8f51e16dcdba022bd9429be
e684793a09b55092bb67d757c85b6ddfcc974ed4b10b84c4e98dfbbf27317f59
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 19:27:15 GMT
expires: Thu, 02 May 2024 19:27:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:27:26 GMT
content-type: font/woff2
age: 286633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11
157.245.193.166 200 OK 33 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (32075)
Hash a24d1290cff24360abb0c70d1e4e5f5a
f5fc6c8fd94ff7dc691a2b19ca3d55a60fc56825
f2ed21327ff46a57ade23776b4632b6a1b2b0e046596b077d79b9699f690395a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ns-category-widget/public/assets/js/jstree.min.js?ver=3.3.11 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 19 Feb 2023 16:09:28 GMT
ETag: "223b7-5f50fc56049f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32882
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash d3454e1b68c1c2a44dd9624b283b3945
406b597540f09f2a82205e83a391f91e864c5532
19b2aacd9ee6f9cfff0e08b8350d97afc75e255916d9c26fa7bfee664bd09cac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0
157.245.193.166 200 OK 270 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (31995), with CRLF line terminators
Size 270 kB (270094 bytes)
Hash 7c190cbefc49dc0a6115bc379213f868
1f1ae48a5d194cb18299fd055679ec4c6773f28e
c6f3ed5521711a982617696c98ce6abf5abea349fdc4ea67598d51d32f2f183c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/js/wd-script.min.js?ver=1.0.0 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "f3d5c-5ef2a5f202c56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2
157.245.193.166 200 OK 70 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 69608, version 1.0\012- data
Hash 659c4d58b00226541ef95c3a76e169c5
333b0d6bb7e10601f4bd99e048608d5581be2a98
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "10fe8-5ef2a5f1dcaf7"
Accept-Ranges: bytes
Content-Length: 69608
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
www.crane.mn/wp-content/themes/backhoe/images/pattern_dashed.png
157.245.193.166 200 OK 112 B URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/images/pattern_dashed.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced\012- data
Hash 6067a2f9be8b6717e4417798c7e7b4e1
9f247c675a19ac6ccea53e330ff31568572b1e26
0d700745568a42b15454dfb2499a71ae07dcb6ac1105d4e194604a801d74b626
GET /wp-content/themes/backhoe/images/pattern_dashed.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "70-5ef2a5f1f8076"
Accept-Ranges: bytes
Content-Length: 112
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.crane.mn/wp-content/themes/backhoe/images/icon/search-icon.svg
157.245.193.166 200 OK 791 B URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/images/icon/search-icon.svg
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash e29d804b0a896bebc028b9672a169661
7f29913a8218bc263ea15af894247bfda3da4fd7
d77383a4c27a81cbddba31ea9dd8db61b8257d97b8a29e01b6fb2eccbaf57b7f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/images/icon/search-icon.svg HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/app.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "317-5ef2a5f1f8076"
Accept-Ranges: bytes
Content-Length: 791
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2
157.245.193.166 200 OK 74 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Hash fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/css/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/all.min.css?ver=6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:27 GMT
ETag: "1207c-5ef2a5f1dea37"
Accept-Ranges: bytes
Content-Length: 73852
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2
157.245.193.166 200 OK 1.2 kB URL GET HTTP/1.1 www.crane.mn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type ASCII text, with very long lines (7043), with no line terminators
Hash 7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.4.2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:21 GMT
ETag: "1b83-5ef2a5ecda788-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1177
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.crane.mn/wp-content/uploads/2021/06/old-logo-7-300x57.png
157.245.193.166 200 OK 5.2 kB URL GET HTTP/1.1 www.crane.mn/wp-content/uploads/2021/06/old-logo-7-300x57.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 300 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 09a2dc8d8d789614008bbec523c1a937
26733e3175c7281298ed319833a0be869649285f
7e13d19abe57a3473a13250ae35b0b91a9804d87e4efb2c686525ce18eb49ca2
GET /wp-content/uploads/2021/06/old-logo-7-300x57.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:31 GMT
ETag: "142c-5e70d47fb2c31"
Accept-Ranges: bytes
Content-Length: 5164
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.crane.mn/wp-content/themes/backhoe/css/fonts/icofont.woff2
157.245.193.166 200 OK 538 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/fonts/icofont.woff2
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 537868, version 1.0\012- data
Size 538 kB (537868 bytes)
Hash 50a4ab76e700a83e649be213f820fbbd
28ad9e9ac82f86c50eb4dd3d713a0698473bdbb3
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/backhoe/css/fonts/icofont.woff2 HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/icofont.min.css?ver=6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "8350c-5ef2a5f1c2518"
Accept-Ranges: bytes
Content-Length: 537868
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2
www.crane.mn/wp-content/themes/backhoe/css/images/next.png
157.245.193.166 200 OK 1.4 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/images/next.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f15875975aab69085470aabbfec802
777e92c050f600b4519299c3d786b8f2f459fea4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
GET /wp-content/themes/backhoe/css/images/next.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "546-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 1350
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.crane.mn/wp-content/themes/backhoe/css/images/prev.png
157.245.193.166 200 OK 1.4 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/images/prev.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 84b76dee6b27b795e89e3649078a11c2
6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
GET /wp-content/themes/backhoe/css/images/prev.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "550-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 1360
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.crane.mn/wp-content/themes/backhoe/css/images/loading.gif
157.245.193.166 200 OK 8.5 kB URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/images/loading.gif
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type GIF image data, version 89a, 32 x 32\012- data
Hash 2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
GET /wp-content/themes/backhoe/css/images/loading.gif HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "211c-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 8476
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
use.fontawesome.com/releases/v5.1.0/css/all.css
172.64.133.15 200 OK 10 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.1.0/css/all.css
IP 172.64.133.15:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (45507)
Hash 2ccf9db65fbfa1eb727db91ef1f67e7c
6071f6fa98ea1b0bd1bc4f2a4b16cd37e4b61a3d
c7df04c59887aa7cadc022742092cb27bcf5c06e84f43f16f04d714efca322f8
GET /releases/v5.1.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: text/css
x-amz-id-2: CaS+mdZoUq71+fR1hPOIlxbcmgMvTyAnNT05yULWJRIPfua1i6XZ5HKin041pKCEP716LBT5xb8=
x-amz-request-id: KJ55YNQEQKB6M6GE
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 568337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q52IwBXF%2BpxtU7TZUNM6IOHtcX6hWjmva5en43G5j9FuUJTLqksCi63Aj4xuRWdO07FrjvijMIruRSGvYxNiTeSGdHUVConS3iGxtMIir7ptortuKKm2AuC7NaVnWWJWpQPYjEH6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c363c58bccd7495-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
172.64.133.15 200 OK 63 kB URL GET HTTP/3 use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
IP 172.64.133.15:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 63376, version 1.0\012- data
Hash f319eac1c755f9929fd856720ce1695e
0a885a5dbd97bd9f4fb1821eb82f2135471faff9
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
GET /releases/v5.1.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: font/woff2
content-length: 63376
x-amz-id-2: +eUKWB7bWLqCJngJ1DURcYjxUOn62B92bQtTBEDPXhz7TnZfnoxq1zMtvqTWGAfsXeJew2Yyagg=
x-amz-request-id: S8QDEZV7B270WH2J
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
etag: "f319eac1c755f9929fd856720ce1695e"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLTbffO8uwk3W5QSGCbJezuETGm1EWyAJXSVj4Z%2BzTYdL5M5NkVY6uhLaEYekmIt4%2FmLe07Cg9vtjbzVQ63c%2FGBzMOWV7uX6N6ADgryAMH%2BuRuagYwoAUbOrFug3DgD3A1R1zKtB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c363c5aebe724e9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
172.64.133.15 200 OK 60 kB URL GET HTTP/3 use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
IP 172.64.133.15:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 59572, version 1.0\012- data
Hash 18d2347ab2a9f40ca2247cdb03303d84
8aba5b59c5aa7f548a1fa663f02f3cdd3757bb52
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
GET /releases/v5.1.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: font/woff2
content-length: 59572
x-amz-id-2: dFxDH9ZddZZc06tIMJxXn48+eWXcIDq2qex02H8lsIJFcC4BYs54acMPxndZwGFFHc4C4gQGGOo=
x-amz-request-id: S8QD4Y94YBQKRYQD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
etag: "18d2347ab2a9f40ca2247cdb03303d84"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc0dsZNa96fChBBnl1yTCt13fBVMlvvCXV7BODYrM2KHaG9S5Im7oY27TL2Hz8bS2gh%2F85oxpwq%2F%2BQ4T6llfGDmlvpPbAuatXtxM%2BNucuqJ5%2F%2BhEq4FpPxS6Fyi8clYrv2JhcZcA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c363c5aebe624e9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.crane.mn/?wc-ajax=get_refreshed_fragments
157.245.193.166 200 OK 684 B URL POST HTTP/1.1 www.crane.mn/?wc-ajax=get_refreshed_fragments
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type JSON data\012- , ASCII text, with very long lines (684), with no line terminators
Hash a1e90820e0a60d5699a621b317e2e7ce
cdbef82a434f6372611b16f2a8e4f83e48070714
756a224896afeee69727f620b6b556b1874760a342e57675ac73a9489aeed04c
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding,Cookie
Access-Control-Allow-Origin: https://www.crane.mn
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Content-Length: 684
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
crane.mn/wp-content/uploads/2021/05/cropped-lifting-equipment-chains-exhibition-store-133539818-e1621512295666.jpg
157.245.193.166 200 OK 266 kB URL GET HTTP/1.1 crane.mn/wp-content/uploads/2021/05/cropped-lifting-equipment-chains-exhibition-store-133539818-e1621512295666.jpg
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x470, components 3\012- data
Size 266 kB (266171 bytes)
Hash 464d6d5a0e1db88ff11f24c8740e6d88
4e7f0aca257514b5e6d9fa12e68d6680488f7b17
0dd2194245c4b4553505a8c6db0a001eb7203ad52383b545cf39746d3520fa2b
GET /wp-content/uploads/2021/05/cropped-lifting-equipment-chains-exhibition-store-133539818-e1621512295666.jpg HTTP/1.1
Host: crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:35 GMT
ETag: "40fbb-5e70d4834ba80"
Accept-Ranges: bytes
Content-Length: 266171
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash bf34384a7fd9e62b9045178ff81864df
732744c22cd182dac8ab80666ef2d8985a47d3a9
89f580bee129d929f610dcbb61af775e59ebd60acf584cf274346ecf638816f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket
134.209.238.18 0 B URL client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket
IP 134.209.238.18:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w/5d/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.crane.mn
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Ho8jAlqsXwc99Jq4H7fQg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 07 May 2023 03:04:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5hDBT8dD+UpVEBs3x4+Xv3porX8=
X-Crisp-Ray: website w:5d 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.138 200 OK 23 B URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.138:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.crane.mn
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 07 May 2023 03:04:29 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.crane.mn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash bf34384a7fd9e62b9045178ff81864df
732744c22cd182dac8ab80666ef2d8985a47d3a9
89f580bee129d929f610dcbb61af775e59ebd60acf584cf274346ecf638816f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 03:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.crane.mn/wp-content/uploads/2021/08/cropped-icon-32x32.png
157.245.193.166 200 OK 958 B URL GET HTTP/1.1 www.crane.mn/wp-content/uploads/2021/08/cropped-icon-32x32.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 08741d5d8e1cffdf7ef30e4a99ed4fad
52c36d863ae403b12114ad595ddd0edffeecc9c2
9a5e6786bd4f35c7e93c06a00d51397d1bd9ff665c549c8e593cd25a1359725b
GET /wp-content/uploads/2021/08/cropped-icon-32x32.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:36 GMT
ETag: "3be-5e70d48469c9b"
Accept-Ranges: bytes
Content-Length: 958
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js
172.217.21.174 200 OK 58 kB URL GET HTTP/2 www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js
IP 172.217.21.174:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint A3:4E:A3:86:10:DA:6C:D1:8C:73:54:AB:E6:8F:7D:21:72:2C:B4:D5
Validity Mon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT
File type ASCII text, with very long lines (580)
Hash 694cab1993900ba45b4992bbb6cc1360
7d1b9ab11bf714387cfa05957289281d6df9ee9c
a571b15bb1df3056c7b5cb196d02a3ca4f6a2f93ef596f45af3a3fccea57c7f9
GET /s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 57768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 14:50:19 GMT
expires: Thu, 02 May 2024 14:50:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 May 2023 00:18:30 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 303250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.crane.mn/wp-content/uploads/2021/08/cropped-icon-192x192.png
157.245.193.166 200 OK 7.6 kB URL GET HTTP/1.1 www.crane.mn/wp-content/uploads/2021/08/cropped-icon-192x192.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 985d0bac729b9a4ca33e83e5862d2925
30e09d7bea7cde9b096091cd69edd43be984540c
56ffda7f235cc31a555ad0867389c12bbe113501502527b7861418af51faa44d
GET /wp-content/uploads/2021/08/cropped-icon-192x192.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Aug 2022 09:18:36 GMT
ETag: "1dda-5e70d483bde9e"
Accept-Ranges: bytes
Content-Length: 7642
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
maps.googleapis.com/maps-api-v3/api/js/53/2/common.js
142.250.74.106 200 OK 61 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/53/2/common.js
IP 142.250.74.106:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type ASCII text, with very long lines (580)
Hash 13c76fe986212ce382d6aa7c67dd64b1
99c64735f4e8a329135ecc17a72b93d8114f38ee
32ae690f06198da2d513579c9414735912e23e0ab42f05be6a64c6d0b278abf8
GET /maps-api-v3/api/js/53/2/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:31:31 GMT
expires: Thu, 02 May 2024 20:31:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 May 2023 01:13:11 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 282782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/53/2/util.js
142.250.74.106 200 OK 53 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/53/2/util.js
IP 142.250.74.106:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type ASCII text, with very long lines (564)
Hash e03338f1ffcb4d78d0b79d41080e2e38
9fafce8a70d820cd56833d09b463829b335497ca
414ed205b878a3ffb8d5def1ea4b1b1e56cb57a869d855fdaf744bbd538ed716
GET /maps-api-v3/api/js/53/2/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 52844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 May 2023 20:31:31 GMT
expires: Thu, 02 May 2024 20:31:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 May 2023 01:13:11 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 282782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket
134.209.238.18 101 Switching Protocols 0 B URL GET HTTP/1.1 client.relay.crisp.chat/w/5d/?EIO=4&transport=websocket
IP 134.209.238.18:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Sectigo Limited
Subject client.relay.crisp.chat
Fingerprint DE:C1:D0:92:2F:AB:BF:30:B3:AB:23:6A:61:3D:EB:7F:F0:5E:2E:EC
Validity Tue, 07 Jun 2022 00:00:00 GMT - Sat, 08 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w/5d/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.crane.mn
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Ho8jAlqsXwc99Jq4H7fQg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 07 May 2023 03:04:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5hDBT8dD+UpVEBs3x4+Xv3porX8=
X-Crisp-Ray: website w:5d 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C&display=swap&subset=latin&ver=1.0.0
142.250.74.106 200 OK 12 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C&display=swap&subset=latin&ver=1.0.0
IP 142.250.74.106:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
Hash 7a26e77a3d4b5fd0ace13150c24d9f3d
28b8c3469e2bcf6e941aa8bffdd51f7bdb8fdea3
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C&display=swap&subset=latin&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 03:04:26 GMT
date: Sun, 07 May 2023 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4
104.18.29.91 200 OK 212 B URL GET HTTP/3 client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4
IP 104.18.29.91:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Cloudflare, Inc.
Subject crisp.chat
Fingerprint 2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
Validity Tue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash afba1585728a00d3e95cfac087c2199f
457c91086989cbb894b52c6b345634657d4fedf0
2c7b8c260f7193e1f83a54b4ab85bdf0c6b29a0dd6c21064d58fd7d118fe4f67
GET /settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-4-7-3-4 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Sun, 07 May 2023 07:04:29 GMT
vary: Accept-Encoding
last-modified: Sun, 07 May 2023 03:04:29 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c5ca8adb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.youtube.com/iframe_api
172.217.21.174 200 OK 1.1 kB URL GET HTTP/2 www.youtube.com/iframe_api
IP 172.217.21.174:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint A3:4E:A3:86:10:DA:6C:D1:8C:73:54:AB:E6:8F:7D:21:72:2C:B4:D5
Validity Mon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT
File type ASCII text, with very long lines (1085), with no line terminators
Hash 9ba8bd4c67dd2bd39e369f9fad5fd900
08425a8a15b9c1b05a56b193bc4a4a73a1c879b8
8a9950e993b880193e55d5be09b08047f9c99e492236bf10d90bd1213af9ff66
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 07 May 2023 03:04:29 GMT
date: Sun, 07 May 2023 03:04:29 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wwC2t0pQf1o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=7kBILDTu4h0; Domain=.youtube.com; Expires=Fri, 03-Nov-2023 03:04:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+133; expires=Tue, 06-May-2025 03:04:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
client.crisp.chat/static/stylesheets/client_default.css?d2149b0
104.18.29.91 200 OK 355 kB URL GET HTTP/3 client.crisp.chat/static/stylesheets/client_default.css?d2149b0
IP 104.18.29.91:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Cloudflare, Inc.
Subject crisp.chat
Fingerprint 2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
Validity Tue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT
Size 355 kB (355067 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/stylesheets/client_default.css?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: text/css
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"642ad5e4-56afb"
expires: Wed, 04 May 2033 03:04:28 GMT
last-modified: Mon, 03 Apr 2023 13:34:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48419
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c5a3f61b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
client.crisp.chat/l.js?ver=6.2
104.18.29.91 200 OK 8.4 kB URL GET HTTP/2 client.crisp.chat/l.js?ver=6.2
IP 104.18.29.91:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Cloudflare, Inc.
Subject crisp.chat
Fingerprint 2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
Validity Tue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (8670), with no line terminators
Hash 6049cd4f090c2bc329364e4946a823f1
0825603db1dec50b9e4bd10c05af697baa08d51e
13abb9d031815d62bad706693babad7fae836ddf58cae3a99191d9844b3e484e
GET /l.js?ver=6.2 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 03:04:26 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
etag: W/"622f402b-20d1"
expires: Mon, 08 May 2023 03:04:26 GMT
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48096
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c4dea96fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
client.crisp.chat/static/javascripts/locales/mn.js?d2149b0
104.18.29.91 200 OK 9.6 kB URL GET HTTP/3 client.crisp.chat/static/javascripts/locales/mn.js?d2149b0
IP 104.18.29.91:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Cloudflare, Inc.
Subject crisp.chat
Fingerprint 2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
Validity Tue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (7408), with no line terminators
Hash 89d31af1f52b660a13e0418de3e85dde
823a3df35db7eb6053b40ace518444b8e1a3d1bb
35fdf689c8dd5adadaa5e98e1623b13ec27e8ae1911c8dc133ede19d3abd1ab0
GET /static/javascripts/locales/mn.js?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:29 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-258d"
expires: Wed, 04 May 2033 03:04:29 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c619b26b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C&display=swap&subset=latin-ext&ver=1.0.0
142.250.74.106 200 OK 15 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C&display=swap&subset=latin-ext&ver=1.0.0
IP 142.250.74.106:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
Validity Mon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
Hash 194fabcd0a3f7a1909cdf561ccc79775
d1a6a2e2b255d8a578035611d918423b71c3d930
d11f6ac62c5e0e2c0955a79615e06f561c5622f4d4598b3e7b853055c7b5643e
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C&display=swap&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 03:04:26 GMT
date: Sun, 07 May 2023 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
client.crisp.chat/static/javascripts/client.js?d2149b0
104.18.29.91 200 OK 411 kB URL GET HTTP/3 client.crisp.chat/static/javascripts/client.js?d2149b0
IP 104.18.29.91:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Cloudflare, Inc.
Subject crisp.chat
Fingerprint 2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
Validity Tue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT
Size 411 kB (411268 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/javascripts/client.js?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:28 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-64684"
expires: Wed, 04 May 2033 03:04:28 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 48419
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c5a3f62b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.crane.mn/wp-content/themes/backhoe/css/images/close.png
157.245.193.166 200 OK 280 B URL GET HTTP/1.1 www.crane.mn/wp-content/themes/backhoe/css/images/close.png
IP 157.245.193.166:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Let's Encrypt
Subject crane.mn
Fingerprint E8:34:36:29:69:66:D6:19:C0:53:B3:FB:C5:FC:75:05:35:1E:47:AA
Validity Sat, 25 Mar 2023 03:50:21 GMT - Fri, 23 Jun 2023 03:50:20 GMT
File type PNG image data, 27 x 27, 8-bit colormap, non-interlaced\012- data
Hash d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
GET /wp-content/themes/backhoe/css/images/close.png HTTP/1.1
Host: www.crane.mn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/wp-content/themes/backhoe/css/vendor/lightbox.min.css?ver=6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 03:04:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Dec 2022 15:22:26 GMT
ETag: "118-5ef2a5f1ce098"
Accept-Ranges: bytes
Content-Length: 280
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892
104.18.29.91 200 OK 1.2 kB URL GET HTTP/3 client.crisp.chat/settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892
IP 104.18.29.91:443
Requested by https://www.crane.mn/wp-content/plugins/jetpack/modules/photon-cdn/EpsonDeviceControl.exe
Certificate Issuer Cloudflare, Inc.
Subject crisp.chat
Fingerprint 2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
Validity Tue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1261), with no line terminators
Hash 2c94a55165fa38e7ddeb086506c447cd
12ca0816b61f436aaa7191a5e472dbca7733db6b
c6453b212cc4cc742b0eaa359416dbdfb228374e9e6154d449886586ab3b8129
GET /settings/website/9ca12910-c2a4-4abe-a2e8-42b2833e0d30/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1648018704892 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crane.mn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 03:04:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Sun, 07 May 2023 07:04:29 GMT
vary: Accept-Encoding
last-modified: Sat, 06 May 2023 11:16:29 GMT
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c363c60eae4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400