firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 04:52:20 GMT
Expires: Fri, 21 Oct 2022 04:52:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rElvo5U_w45Z7FgTf4_Wkdv-qfHHNMsTZ1YhjnoR9yCsWTbPD41X_Q==
Age: 1858
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5529
Expires: Fri, 21 Oct 2022 06:55:27 GMT
Date: Fri, 21 Oct 2022 05:23:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5464
Expires: Fri, 21 Oct 2022 06:54:22 GMT
Date: Fri, 21 Oct 2022 05:23:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aQqY9ftamkoCU1WRxbNqMg4Xz24kBOv6KS1jIW+UEY7XCbUciNICzEKTpICkcYDett3WdXF/cJs=
x-amz-request-id: MQKMX39TSV6BWZK5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 04:37:02 GMT
age: 2776
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
uppercrustng.com/
301 Moved Permanently 707 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 21 Oct 2022 05:23:18 GMT
server: LiteSpeed
location: https://uppercrustng.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 05:23:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 21 Oct 2022 04:43:40 GMT
Expires: Fri, 21 Oct 2022 04:46:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S1t5aBUQJfNKta8oMazjPV-BuzlT2pprBtI-MoN_e0aOu7sJ0oMTWg==
Age: 2379
ocsp.digicert.com/
200 OK 471 B IP
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2547
Cache-Control: max-age=98754
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:19 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 08:49:13 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4e0a6da8bce9ae32a8630030dc4d3f72
4492a144f8ae8f9ba52b69d7e7885a29d343b8de
511ed684fd6fa4df6a12c89c6d28b586b633c6ae99617e1c9c240c1ca676dcb9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 05:23:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 08:33:29 GMT
Expires: Thu, 27 Oct 2022 08:33:28 GMT
Etag: "4492a144f8ae8f9ba52b69d7e7885a29d343b8de"
Cache-Control: max-age=529208,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d78f7d6a93b523-OSL
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NXu27R4jF1AWM5eiU29B+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pT6cuB+NNDKImC/KQuzcI7Paqt8=
cdn.datatables.net/1.10.20/css/jquery.dataTables.min.css?ver=5.8.1
200 OK 2.1 kB URL HTTP/2 cdn.datatables.net/1.10.20/css/jquery.dataTables.min.css?ver=5.8.1
IP
File type ASCII text, with very long lines (13899)
Hash f1c730cb36b02ff6f5f79035d08514d2
3cf50dcd231f50143037d15c2d26d6a3ef2ce428
2c4bdf8fbeadffec85b8aee8f45d5942836a04ea6b1c5ede435db7f607379f24
GET /1.10.20/css/jquery.dataTables.min.css?ver=5.8.1 HTTP/1.1
Host: cdn.datatables.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 05:23:20 GMT
content-type: text/css; charset=utf-8
content-length: 2109
x-frame-options: SAMEORIGIN
last-modified: Wed, 12 Oct 2022 15:00:16 GMT
etag: "1120a3f-364c-5ead7a68470ad-gzip"
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:12:23 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cf-cache-status: HIT
age: 130257
accept-ranges: bytes
server: cloudflare
cf-ray: 75d78f823d66b51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uppercrustng.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
200 OK 824 B URL HTTP/2 uppercrustng.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP
Hash 269ed2215d4adf9265132f4135d49185
2e1bf415040627ed8041c1444de11034efe66f89
dad114286e260217aae476d3c4f7da41e7356438bb63a4e742787c6463e19963
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 824
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uppercrustng.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1
200 OK 18 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash c1b46a70d8bf244ab632ac940e8d2406
72791fcd33f7b57ea1a1690e8bb032097a5afe5e
f19372c9b6acb00748064bfc36ac54c5a3a0cf200718abea579d21f505de0a6d
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18026
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
200 OK 10 kB URL HTTP/2 uppercrustng.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
IP
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash cf64bd69df964ad7baacebb5f165288e
3b43b33729294f0378142606559dac91d56919f8
f8d581c3f1abb40a8a24d79f47abe7b7b4ea24207160d0e260d06ca0cdebcb19
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 10:26:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9960
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
200 OK 791 B URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP
Hash 70803413c9597ee8c0d1014c24614132
ebcf83176e785a74666e9a6f6237509f11e6dcca
fd2994ae20595548eaaf7b3071ced4b3ed29db6d87940a6a1c9672a10ae399e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 791
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1
200 OK 911 B URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1
IP
File type ASCII text, with very long lines (3276), with no line terminators
Hash 5d670b5def8387bbd5e614f9d309a592
586928ec81bdc4f13d851e7a5c7915ec9f343512
f45ed68d669ede39822d665dbfbe36381eb01bf9e3c38f1ac40e9fb50098973c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 911
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.5.83
200 OK 6.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.5.83
IP
File type ASCII text, with very long lines (44235), with no line terminators
Hash 80daabbd234200081528fac535e2bde1
ef333348a88444b3113b19b5903bf6fb769e27f6
7bc9bd3320f24e9cb0de2fd2e069224ab5b9032f382f654dcba12caa004bf117
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.5.83 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6683
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.6.0
200 OK 2.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.6.0
IP
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash ec41958d4b8e3f562fd97efea3e9a63e
550251108c88e60743ce55b0938aaf41f62c29bd
54bcac6e842100dfe2b97bdbebd393f71d934adc136eba5ddcc8174804b4fc5a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2373
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
200 OK 3.8 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP
File type ASCII text, with very long lines (42839), with no line terminators
Hash 0f2a1830a2eb3452fe698134828443d4
4d04d53d82c38785c13e1aa7cf012cb9dbf3db28
a037316b9cce9cab96056fd1797693e625fda9cfcd5337f5412b9aa8b6aae3ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3806
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.3.24
200 OK 1.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.3.24
IP
File type ASCII text, with very long lines (6794)
Hash 9bb930afefcd08578e40d87e6cf74366
c2a096ebbc4a5e7400bb4d4294d5c011eb975a27
5c85203c7d95fbc0a76522a933408c07fe6e362c8094e514ec3c0bcb9e6bbd34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.3.24 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1660
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.6.0
200 OK 8.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.6.0
IP
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 9834791a56176f4340f5a795e699c0f4
efd08256f0b0c0add6b6759f29b20087c47a7eb6
264b381ca91c85d7ce5b9863f439be26c19c2d6fa75a2c7a6b486cb3f24892d5
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8444
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/fontawesome.css?ver=5.8.1
200 OK 12 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/fontawesome.css?ver=5.8.1
IP
Hash e5a8bbc26ff3eeb9cd0eb7271935571c
b1bba2e26ef68882979b44e5946546ae4af52010
52873e4a2da27ff86005af313a67cb20e5f31d460c6791a785b427435d3e8416
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/fontawesome.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11872
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/magnific-popup.css?ver=5.8.1
200 OK 1.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/magnific-popup.css?ver=5.8.1
IP
Hash 03b0f3835745934343c47a2156262fe1
e99d28783482b3944d07ff3c68e18355c7887ff9
0ebf9903106fcf5bf718fa026aedb96decc0a48a7a9ec2e0dc1cad43119ad9ff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/magnific-popup.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1660
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/bootstrap.min.css?ver=5.8.1
200 OK 20 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/bootstrap.min.css?ver=5.8.1
IP
File type ASCII text, with very long lines (65324)
Hash 661d0d3450fe6c5a0037d5a8ddeda61c
ef94f64b3e215c262a4d411fb175225a00912f8e
468838d000f29d7d0ec1666a54cde04a9fbf29627cc436c12032cadda1e44c79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/bootstrap.min.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20530
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/slick.css?ver=5.8.1
200 OK 483 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/slick.css?ver=5.8.1
IP
Hash 1e4f6b1a5456c5cefdd025118bf4e6b5
5713171df86af73933ccb408bd352ae4267fd196
80a0639fa558bbfef356bcdbf900c4586b7b51834efcec690384317ec52c7676
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/slick.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 483
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/materialize.css?ver=5.8.1
200 OK 549 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/materialize.css?ver=5.8.1
IP
File type ASCII text, with CRLF line terminators
Hash b465e3220f454940af5d1a817cd6ed3f
4590208fc6c338ae0708b83f8734b5007a1fc7ce
9da6eb7a2411b6a3dd4ea02d7e9b713f22b9eaa799fe70742082e726f8794216
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/materialize.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 549
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/slick-theme.css?ver=5.8.1
200 OK 763 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/slick-theme.css?ver=5.8.1
IP
Hash d6f2830ecb135277156131d90a58d732
2db0bc4184c178e588ce179d50a158cb72e5ce9d
cf78bb54c39c27a1e00e02bdb887183541c86d2259728473895a930f06b98796
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/slick-theme.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 763
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/brands.css?ver=5.8.1
200 OK 289 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/brands.css?ver=5.8.1
IP
File type ASCII text, with very long lines (312)
Hash 1366d1c18f0f9cdbcb480a64141a15d4
7cf0e31d9b49ea34084900e4572d742ed2a99d31
c5e2ff7e15753e68e97c44ca1edfa73c100e30b9c27177baafb6798569fbcce1
GET /wp-content/plugins/rselements/assets/css/brands.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 289
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/solid.css?ver=5.8.1
200 OK 295 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/solid.css?ver=5.8.1
IP
File type ASCII text, with very long lines (307)
Hash c9178204c2322065cac9e25baca2f21b
bb75240ce692d6a324655b69ff78a329e93aa4ac
ffa7214e8ef8502dc9f55797914c33b222a2751fb1caff90f07e75c67002a121
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/solid.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 295
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6154
Expires: Fri, 21 Oct 2022 07:05:54 GMT
Date: Fri, 21 Oct 2022 05:23:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6154
Expires: Fri, 21 Oct 2022 07:05:54 GMT
Date: Fri, 21 Oct 2022 05:23:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6154
Expires: Fri, 21 Oct 2022 07:05:54 GMT
Date: Fri, 21 Oct 2022 05:23:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6154
Expires: Fri, 21 Oct 2022 07:05:54 GMT
Date: Fri, 21 Oct 2022 05:23:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe88fd32b-e32c-4e05-ba5d-ff09e2d25456.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe88fd32b-e32c-4e05-ba5d-ff09e2d25456.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a13890c0ba208ebf4d34e326985b04ed
3fb08432bde3f01162ba0ca8b83680ad5f9b3af0
a83d2360a7a62f466c373b4d848acbd257473ae24dd5deb6dadac1368973995b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe88fd32b-e32c-4e05-ba5d-ff09e2d25456.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11885
x-amzn-requestid: 7ea21866-c9b7-4e5e-897a-03bd6937e014
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqHBWIAMFfyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-4791bb044f3149e814c30161;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rSzRDw7IE4vOY43eAuWGOY7FaPjpXsi4SjAf9fKx41vxhxWX85zeCw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:38:01 GMT
age: 24319
etag: "3fb08432bde3f01162ba0ca8b83680ad5f9b3af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65594d1dc13761dcc4674f03b629141f
440b895d33ade533ab57689cccfc533871958559
76eb16523cde78e0a7bc34e2a2d2a073b4569cd4b9ee5c28213497b1ea2893d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5029
x-amzn-requestid: 63037ba8-bfa6-4087-9486-d583348d79bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVCNwGl1IAMFuvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351e3f1-4fa2d43240e5f45624553bd3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 00:12:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XMtaqkFsfMBVLVpUxpPan5ED2X1hyfc0CLhPuZ_2GVWZfW7e68NOBg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 00:23:25 GMT
age: 17995
etag: "440b895d33ade533ab57689cccfc533871958559"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
200 OK 9.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
IP
Hash 308891747f0239afac6f25718d3f6497
4e35c8726e956d05735dc7b6665d60f3a8baea93
ffe138191cb4f49de08d2f140c7e0aca3623c8bfca31a09b6829b0a7a9e477ca
GET /css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 05:23:20 GMT
date: Fri, 21 Oct 2022 05:23:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe33f18c8-1681-4562-bd4e-6faf533351cf.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe33f18c8-1681-4562-bd4e-6faf533351cf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2604d057684fe42da19cfdc7aa6bf745
8d51d5db808059d2d937e5838d60d72b6979f6b8
6b965eb976fab7c3682123c7c23abf05d7673d1db421c115b76a72a1e351b5ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe33f18c8-1681-4562-bd4e-6faf533351cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10019
x-amzn-requestid: d38ff377-3d5b-46ea-8313-94a4de6a51ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVBuAG6xoAMF8NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351e326-76191f3b0c52beac36c6e588;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 00:09:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pk7tSL5hqd1gF8G1V5x9MvtblK3OoFupQ7jkckTxsijXwdn6AvzG9g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 00:23:28 GMT
etag: "8d51d5db808059d2d937e5838d60d72b6979f6b8"
content-type: image/jpeg
age: 17992
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75287f5f-8525-4258-bd5c-f7b2726ca608.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75287f5f-8525-4258-bd5c-f7b2726ca608.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01b09d9fb8bc36958ca73e2107200455
bc413d3d727a9a93adf17ec4c875cd929e09b4ec
fd63b40801efb7ec96f10ef972f69f45c8c44947a3dda4bd9db66d8d11efc039
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75287f5f-8525-4258-bd5c-f7b2726ca608.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10392
x-amzn-requestid: 6a35f696-7923-4a34-84f8-e40be1500e24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aO1dUGakIAMF6Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f6921-5af8ef6d0fe202dc74528142;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 03:04:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKmaR5ZXUwy8bAVsulOKrRYYFSkNRY3T0fw8SXvShCRxeAFucwx7A==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 03:43:08 GMT
age: 6012
etag: "bc413d3d727a9a93adf17ec4c875cd929e09b4ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F736d4923-26b7-4909-9553-d576c206bd33.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F736d4923-26b7-4909-9553-d576c206bd33.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5006761dc43470b6b3c97dad6b755c2
d8a42f57f06c1de46d781ed2de3cceba2ee2f967
358130b2c3af00a0aca24cd7cd540037f7ab57a83efe98d5cbd331231909b916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F736d4923-26b7-4909-9553-d576c206bd33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7512
x-amzn-requestid: a2aa868b-32a8-4464-98f7-4e07ff540759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsOkH_DIAMF2Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0c3-531142322f9737d663f36630;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:42:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2FLa6n7AlyWkRYShW4zrV6nKj0CHS2DZEBgpvcO5VDe38ZdolUlcSg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:47:01 GMT
age: 27379
etag: "d8a42f57f06c1de46d781ed2de3cceba2ee2f967"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/bootstrap.min.css?ver=5.8.1
200 OK 19 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/bootstrap.min.css?ver=5.8.1
IP
File type ASCII text, with very long lines (65325)
Hash 470bcd9fa4c668677c793a8a5bef2833
201452d2217df2133b31b5124b50f4ad5458e7d4
382730f80001a105bca8c05571f0fd299a3c236e711603740613d03279c905ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/css/bootstrap.min.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18586
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/headding-title.css?ver=5.8.1
200 OK 2.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/headding-title.css?ver=5.8.1
IP
Hash 39a8e2aedd5ff2d3efd6ed4c616b7bbe
a99e9724b84bf25244d0ccc13d690d78af066479
aef9fb905f6d3533411fe1f6a5f5fc366e3adf481ebebda88a7a19e4c3fa9be9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/headding-title.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2412
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/font-awesome.min.all.css?ver=5.8.1
200 OK 12 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/font-awesome.min.all.css?ver=5.8.1
IP
File type ASCII text, with very long lines (56581)
Hash 5642d99df31ab6e55a1b7e2752a50377
0773f4a545d49f7fe27d0fd58be457e7926898f9
fc78b65926b9780cf5af033de0ab06f8a330e3aa4cce4ab5161586a13c222a0d
GET /wp-content/themes/dabble/assets/css/font-awesome.min.all.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Mon, 12 Jul 2021 20:14:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11840
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/owl.carousel.css?ver=5.8.1
200 OK 727 B URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/owl.carousel.css?ver=5.8.1
IP
File type ASCII text, with very long lines (2880), with no line terminators
Hash dd7e65335069d55fa5dd7bb6b48a19a7
b237cfdc83637087530fe68c79d21ba0d44861e9
3d7e71edd71fded5780148263e6139d717a9fe0bbba3b2f56b87b26e45948502
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/css/owl.carousel.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Mon, 12 Jul 2021 20:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 727
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/fonts/flaticon.css?ver=5.8.1
200 OK 718 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/fonts/flaticon.css?ver=5.8.1
IP
Hash 6c7887c1a84b6cc6eba7fbe38a1fcbfd
2ba3ec686ee82751ad3a67996517260df2f97f97
d8e9236947bc4f05899497dffa055970b69fbf23861df58cc498f1e01ccad0ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/fonts/flaticon.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 718
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/flaticon.css?ver=5.8.1
200 OK 686 B URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/flaticon.css?ver=5.8.1
IP
Hash 88c2093b4cea8c22c372b0f22fc1bc95
570b896c76b429323158d78d5c52276f0a6d27c4
101fda1d5739a41b6ca7ae71eb2782266274c90b287ba15839b4a7181b6189eb
GET /wp-content/themes/dabble/assets/css/flaticon.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 686
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 6.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
File type ASCII text, with very long lines (30837)
Hash 5dbbe85d6a3308dceb97d91b740b0f11
3f70abf9963371962665167f98ba52365481496d
751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6657
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/custom.css?ver=5.8.1
200 OK 3.4 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/custom.css?ver=5.8.1
IP
Hash a5765b357138544cdea98a27870f2529
4a5073d68b973f4df8af4d7eea6035071cf02c00
51232740e992a0b003db6f1a8253d4ee63a31d2668c0113b6717d02c551b05dc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/css/custom.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Wed, 16 Jun 2021 18:03:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3405
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
200 OK 3.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
IP
File type ASCII text, with very long lines (17633)
Hash 80f0e0e19feab011140c8ba9b08fc4ed
16aff641c49d27e541036cf59f7f58735e7ec992
97c3ccfcb1af7ff7f86d92d893b619054863f322b5687187f1366c6356bfc9d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3386
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/style.css?ver=5.8.1
200 OK 5.2 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/style.css?ver=5.8.1
IP
Hash 1ab65140c21d69607f9c4692e6bff1a2
b60baf2f7f48a250ca98ac8e601a8814673e4677
7599106cb6955abc65717a66f85425e4f564f71d971c5d9f714ec4e112f6f354
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/style.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Tue, 13 Jul 2021 22:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5238
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/uploads/elementor/css/post-6864.css?ver=1632081434
200 OK 2.8 kB URL HTTP/2 uppercrustng.com/wp-content/uploads/elementor/css/post-6864.css?ver=1632081434
IP
File type ASCII text, with very long lines (20331), with CRLF line terminators
Hash 33ac6a44f258b57f8f1e8b4e2916e2ec
4eab5e29daaccf21c8b9d879e452fa334a3fd426
a1686570c85eeb9f4cdaba7507c5b8e0a3f59c7f434bf33c1a24eae78227aa54
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-6864.css?ver=1632081434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 19 Sep 2021 19:57:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2795
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/uploads/elementor/css/post-6.css?ver=1631816120
200 OK 281 B URL HTTP/2 uppercrustng.com/wp-content/uploads/elementor/css/post-6.css?ver=1631816120
IP
File type ASCII text, with very long lines (946), with no line terminators
Hash 24d3d62b2eb4ce1e808b4e3853a18a66
dfcc59f92981d3abacc2c8a14732105b9fc6a0fd
94b33f19ce4550fd1a364c8688656e8683651c289793bfdd3305e0dcf60102f8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-6.css?ver=1631816120 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 18:15:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 281
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.0 kB URL HTTP/2 uppercrustng.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
200 OK 8.8 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP
File type HTML document, ASCII text, with very long lines (25075)
Hash 1bc242a2555501251f4581a861d273b5
8182ba41622cb62f0b476c7f0f93aa835c6c9ec2
1834970e62778a993bf85b79b67c3e9687a2721f187722bdc1dc5f45605119b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8752
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/uploads/elementor/css/global.css?ver=1631816120
200 OK 2.2 kB URL HTTP/2 uppercrustng.com/wp-content/uploads/elementor/css/global.css?ver=1631816120
IP
File type ASCII text, with very long lines (26221)
Hash 3df436cc2f83db83f59c2d8eca513b5e
c7e888ca706fd44035d1e5a90d94065ffcdca2b9
c5c3186df3170f5ff2b98470351bc968ecb4e86aacd01e7af6f3400864fc5894
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1631816120 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 18:15:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2152
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
200 OK 12 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
IP
File type ASCII text, with very long lines (32001)
Hash e37dc9214e778f86c6dd07ca57bfe23d
2e1092d6634e370f97d3f7682e540f024fe9d80c
0c0f613b62e2faf3bdb93c389f666914323e163f757e4fed41bd9754602a7555
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12358
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.3.24
200 OK 7.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.3.24
IP
File type ASCII text, with very long lines (1518)
Hash 7d2b4b55e04a6146c2b720c9d0a13d67
383c540478a21bc16b9a2c717a2ed28037fc3434
5f54b010dad731bceeeaa543a4767f3ca865cdb705c9d645068d35214e49970a
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.3.24 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7419
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.4
200 OK 12 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.4
IP
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 78952971cc696c5dd9d9b2e5922c21f5
fb3db401f08bf4ecc8873720e5a556b3c24c6591
b6ef34da397d30cc268d7928b6400eadab5f19a50c1d15610d370a35b32a2dd8
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11845
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 5.8 kB URL HTTP/2 uppercrustng.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 54751d4cd4f7fd32b25850ef8ad71fc6
47e74afa81675e761838a6eb5bc70ad9c7d47528
8f3249357e3247b7f0efc468ee2f421f5fd2ee1856af1e37f9e8dd1867753eba
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Tue, 15 Jun 2021 08:48:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5805
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4
200 OK 2.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4
IP
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
200 OK 3.8 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP
File type ASCII text, with very long lines (12987), with no line terminators
Hash aeed4395ecf003f676da91a15c6f480a
7fd4fe08f1fe55d0da4e60dd49384b1fa31ab0fe
f5df04123f2022862a56b4a547cf4b0bebb54a6fc1dc6313c460f927d6902919
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3837
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
200 OK 2.0 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
IP
File type Unicode text, UTF-8 text, with very long lines (5661)
Hash 02411584ba4f45db9c42a9944b4387f6
6536a6c1bd50cec302906246bfcb26796cee78c8
900005aa2f419bb5d3232695ab1fb3fd350586937dedc1ade84aeb40be6cdbff
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2017
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
200 OK 68 B URL HTTP/2 uppercrustng.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: image/png
last-modified: Sun, 15 Aug 2021 06:17:17 GMT
accept-ranges: bytes
content-length: 68
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0
200 OK 970 B URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0
IP
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 970
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
200 OK 2.3 kB URL HTTP/2 uppercrustng.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP
File type ASCII text, with very long lines (6406), with no line terminators
Hash 0a5d2d9461ad0dc29cdb0fbab916277d
2705d5ae926519a3bd371ceb07d2851236331a76
46cc96bf94441771fa1b64edd72c60408c5fc863142234f1906238b363dc4325
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 09:36:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2308
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0
200 OK 934 B URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0
IP
File type ASCII text, with very long lines (2938), with no line terminators
Hash ef8ddf2830341f13634a12266fa9813f
45c12d8b054261b0597ffdb97ff55f8ab7a913c4
698fbd0089cafb0659518bf2359ce5c990e71c9a543338fdc7b1595ee11ade22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery.magnific-popup.min.js?ver=201513434
200 OK 7.0 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery.magnific-popup.min.js?ver=201513434
IP
File type ASCII text, with very long lines (20087)
Hash f5e275bd34668dca4972a4cceccd7907
cba188e35681cd77cfcbd026aac16315747fab12
7874f3927ffd30d189723404d3fb9699e728955b083abeccc9a988890b4b2ede
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/jquery.magnific-popup.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7043
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0
200 OK 899 B URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0
IP
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.5.6.0
200 OK 687 B URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.5.6.0
IP
File type ASCII text, with very long lines (1241)
Hash 11f0c038a08b8d6794ced3104f407d91
4950fa1e5d8b56fa88bd3f1f185edeccd3d49e98
64a0ba903b0761736ee341db4b7c960bb9fe3b700c4fcc90513a516d82afed90
GET /wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 687
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0
200 OK 3.2 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0
IP
File type ASCII text, with very long lines (9151)
Hash 2310bfbea6b102d98f1e6e5d2daa79cc
ce50a4b987aceea2ea381932bb41400c4909d0fb
8b34f97d2be93eb99e3316cdf266e6b4088e8e7c15d84906bb9263f8d5e3840c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3238
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0
200 OK 677 B URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0
IP
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/bootstrap.min.js?ver=201513434
200 OK 15 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/bootstrap.min.js?ver=201513434
IP
File type ASCII text, with very long lines (57791)
Hash 56b563ea6a4e8a1534ad78d64f535359
15330d7d7e4352d317895143e4bda406cc5929ec
11613db4d76ea4bf9d08f7888227cb833c9456b7c51c8b88ee6272f6eff88a6f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/bootstrap.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14764
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/waypoints.min.js?ver=201513434
200 OK 2.5 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/waypoints.min.js?ver=201513434
IP
File type ASCII text, with very long lines (7822)
Hash 76886b593d465fa57316c5c395df6e3d
5a569544a478ef91d901c9d7e0b92f603f3fd6e4
c29909ed4b299287b5b5db65cffa5a39ab19505d759a2347d058d96f8f66fb46
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/waypoints.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2474
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/headding-title.js?ver=201513434
200 OK 1.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/headding-title.js?ver=201513434
IP
Hash d6111f2202345494808771092f4e2896
6a2e0ed42e222903acd3e309d8c91839fd931ab2
5ee845bbe776a581acea1aeab5509ac8301858972061e0a94e11ddee225804c3
GET /wp-content/plugins/rselements/assets/js/headding-title.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1417
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/time-circle.js?ver=201513434
200 OK 7.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/time-circle.js?ver=201513434
IP
File type ASCII text, with CRLF line terminators
Hash 8aef9a18f2a902656868dcf6f3d5dad8
918676ff5346dc44bb2314c6fc18ba69c15b371f
fc3a6b489167bb75ecf3e871f2e733516409a187e551eaa421a955975a87c7ed
GET /wp-content/plugins/rselements/assets/js/time-circle.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7703
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery.counterup.min.js?ver=201513434
200 OK 496 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery.counterup.min.js?ver=201513434
IP
File type ASCII text, with very long lines (917)
Hash 2232520d40c725142b8050168dc2f6cb
7cfcb359e148c475a6bc291058376798827de022
c958cb4dad52ed8fac81b75ea4ef6e900bbbf084487470d6c95daa4a0c0b56ea
GET /wp-content/plugins/rselements/assets/js/jquery.counterup.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 496
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/popper.min.js?ver=201513434
200 OK 7.2 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/popper.min.js?ver=201513434
IP
File type ASCII text, with very long lines (20989)
Hash a8295d95ea77fc85f22cd2bd3df4f5db
39a74813ce4a087d0efde657d662328c059a194e
3dd62c6735e7b82cec9533c54eebcb9d37f1c9ae4d31d4bf8740da23abc3a279
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/popper.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7212
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery.plugin.js?ver=201513434
200 OK 3.5 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery.plugin.js?ver=201513434
IP
File type ASCII text, with CRLF line terminators
Hash cf27442352ef424c0588f929a86099cd
6b860b5c1ffc25e9dc511513369880713cb586c9
fb64c57330fe9451d9b96b34b69159e67663b5b2c4ffe45cdea1ad495c3b9a1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/jquery.plugin.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3485
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/jQuery-plugin-progressbar.js?ver=201513434
200 OK 1.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/jQuery-plugin-progressbar.js?ver=201513434
IP
Hash 0f5b99caabcf7f5f1ecd04124ec03311
e7427ba7c333b6566b4ccdb1b705d5d465612ff4
103294bd17aa5ea92aa5f8ae4a59c93cdb2ab5b13663ec10f8855451d05ec2f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/jQuery-plugin-progressbar.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1677
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
200 OK 1.7 kB URL HTTP/2 uppercrustng.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
File type ASCII text, with very long lines (5477)
Hash fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/jquery.magnific-popup.min.js?ver=20151215
200 OK 7.1 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/jquery.magnific-popup.min.js?ver=20151215
IP
File type ASCII text, with very long lines (20101)
Hash b1b86d2cc9d5ea84deeec64574859d4b
41709efae50251fa328b25f05780f78178f3f54e
1076db8da15f8c3388276484921953f0376654e8021e30de222a354f34811a06
GET /wp-content/themes/dabble/assets/js/jquery.magnific-popup.min.js?ver=20151215 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7056
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/custom.js?ver=201513434
200 OK 976 B URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/custom.js?ver=201513434
IP
Hash 5e6cbb911da674ac0c58817d8a4831ec
b25a2d1f3fe6f102865c128e3d883ac80f72fcdc
b4e0df71e3d9d582cb50d99b225d9be173df0ec7782bb4968f546e3aa271185d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/custom.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 976
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/classie.js?ver=201513434
200 OK 616 B URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/classie.js?ver=201513434
IP
Hash befe370cc5166a275182ccd05fb80810
a3533f097c950cdf30063addc5195634c3ed230c
6a17561f7c3a43c46238f3c6d689425db126b53f6444a82775b870c77c47886c
GET /wp-content/themes/dabble/assets/js/classie.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Tue, 09 Jun 2020 14:06:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 616
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/tilt.jquery.min.js?ver=201513434
200 OK 1.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/tilt.jquery.min.js?ver=201513434
IP
File type ASCII text, with very long lines (5640), with CRLF line terminators
Hash f24507deb77cceadd7bd0897724aa6b4
3ac40608e441bde53c85a3c9e78296a98e0d54d6
09053bc393bec9c769ee99266135fb4245cbc0511417e41a35db5d2f08b35beb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/tilt.jquery.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1697
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/waypoints-sticky.min.js?ver=20151215
200 OK 553 B URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/waypoints-sticky.min.js?ver=20151215
IP
File type ASCII text, with very long lines (944)
Hash 5b3548133ddaa9ccd8657af6e675e488
66682ac93602359250a8fb50391830c38cd85483
faafbf31f0b9e0caaaf7f5d1b1872c07f1173188fb3ee788e03a0420216c6998
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/js/waypoints-sticky.min.js?ver=20151215 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 553
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/jquery.easing.min.js?ver=20151215
200 OK 789 B URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/jquery.easing.min.js?ver=20151215
IP
File type ASCII text, with very long lines (2532), with no line terminators
Hash db66585ad4c58e054bb031860da4e2f1
e3d7a2b8b801c5bd903d8699e51bd860f97c8fb9
24c37ab1937338487d1b6d5468aeac4053c609400433643f56cba6fcd8eb6d7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/js/jquery.easing.min.js?ver=20151215 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 789
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/main.js?ver=201513434
200 OK 4.7 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/main.js?ver=201513434
IP
Hash b6661a46d3775688a1b28198d337660f
c7a822cc25b4d687df31254ee37450d0a03687b1
495a20f1a0f180ac8c6678fe5e5a5a99a548068d39b9c1260d83897364dc7da5
GET /wp-content/themes/dabble/assets/js/main.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Tue, 14 Sep 2021 11:54:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4671
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/owl.carousel.min.js?ver=20151215
200 OK 11 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/owl.carousel.min.js?ver=20151215
IP
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash be26b2f07a169d833605ce6ed90b1844
e0b7ec790045bac6ac346d61cc5e2d0005a0ad62
2bce2ca4363721be8365f7375a4cde8f0a81fc47196bbb39c5f702ed2d84e103
GET /wp-content/themes/dabble/assets/js/owl.carousel.min.js?ver=20151215 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10657
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.6
200 OK 2.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.6
IP
File type ASCII text, with very long lines (6210), with no line terminators
Hash 3ae6fc384b1793fd65b74cf0429bd599
815dfd84927b9f21d8284a42ee17868a8c901fd5
8bce0abee892785e63bfcf51d5b656e1a0345ed0c3ab34a4dcad3fa0769ab5ef
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.6 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2382
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4
200 OK 2.0 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4
IP
File type ASCII text, with very long lines (4840)
Hash 18d061de369b43424ef28e8a2a76cb38
d2deccbb4e39263cf0b44cb499f8d018f547e4e0
f47db7751a6e26459276d6182cb1efe00b22d92cf50b60ef59aa25b956f37e02
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2011
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 2.9 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.0
200 OK 3.5 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.0
IP
File type ASCII text, with very long lines (7874)
Hash cd61520ca6e47a72be415a7371cd27e2
d6f8ef266d0f5eb9f8ff24119926cca2975ec165
a6d877f38d2e69a68cae07c058c660a6196c11cf3fa3ab68c3b00f02d9a19878
GET /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3544
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4
200 OK 10 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4
IP
File type ASCII text, with very long lines (36518)
Hash a57746321a4afd04fe19aa299c1a49b7
875a1277028105b13bd7403f32aaba5b2142c677
63a60494a6e05de4037f64ed2e1014e77eeaa6d54d3d2565a7161eda8bc8eb36
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10286
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
200 OK 663 B URL HTTP/2 uppercrustng.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
IP
File type ASCII text, with very long lines (1391)
Hash 992198ff853eb696f88bb0ec8586d015
a6262428de1b6c68cccf617d2a503f5a3bd3aecd
ae0480bd571a7f57cccdbd08f77706edca84029f95bd90bc325224169528d21c
GET /wp-includes/js/wp-embed.min.js?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 07 Jan 2021 01:59:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 663
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
200 OK 3.3 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP
File type ASCII text, with very long lines (10725)
Hash 8c5a95ea30259ea6dc50f9f1357dc31a
be1fd6dc96f6ba018bbfa49a058390700ead5bf0
914c938c132cd311967ed71676397704bf8d95abf2c51c79937f43be35030a70
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3331
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4
200 OK 1.0 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4
IP
File type ASCII text, with very long lines (2577)
Hash f5c8273175207966436fe071db580974
643680fc9a1703cb3bc469bfbb3dbcbf6425e38a
8b0897055f6baa5de94adb95e824af4afd1dced496711c905c8b7c09738aa4de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1023
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4
200 OK 8.7 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4
IP
File type ASCII text, with very long lines (32055)
Hash 3f18888d57ef439d09668e7e28568255
cb733135a7aee691314f4d6024b34a21e5f9cba8
b3c383898db5bd79c6943719243380ba139dec70436ed3b3fa35adcfb4518dab
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8711
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
200 OK 4.5 kB URL HTTP/2 uppercrustng.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
IP
File type ASCII text, with very long lines (15224)
Hash 3c05cdbb96f694e86b05c7a3e5c6703f
615a7094f3210830bd5e6f08f845c101be2eefeb
371bb131cc739b177f4c90f67535f020d0bbee092e2ff1bad6ac38e978da3092
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Wed, 09 Jun 2021 07:45:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4539
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/slick.min.js?ver=201513434
200 OK 10 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/slick.min.js?ver=201513434
IP
File type ASCII text, with very long lines (42862)
Hash 09ed72c756aef05979d1c10d176eeb7a
1f3c35043f1aae481a38b40327fefb959ff63885
8638bee02f96fc15e4a3dae0ae220e31f020ee0b10c8eb5f829d9986b3fc53c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/slick.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10097
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/modernizr-2.8.3.min.js?ver=20151215
200 OK 6.0 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/modernizr-2.8.3.min.js?ver=20151215
IP
File type HTML document, ASCII text, with very long lines (14856)
Hash d28a3a6cc89f8d1af1c4f354ee0013cb
457bc78a4d6fb63dfd01b69ff45c8b7afe41f356
1e6321e05015600b85c1b3c56a62e073fd2c1a56a24b8a2bdc28d7ce80df7f24
GET /wp-content/themes/dabble/assets/js/modernizr-2.8.3.min.js?ver=20151215 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6009
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/js/isotope-dabble.js?ver=20151215
200 OK 9.6 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/js/isotope-dabble.js?ver=20151215
IP
File type ASCII text, with very long lines (32027)
Hash 8510a0169f51d2c66f7380deafe060dd
7979ac2fb6b163227b56e2967f3edcb2d5fcee13
b5574caf2ed31847a49d90af7f29cabcc3de7b9f854753c24a1dda62e7f3e7a0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/js/isotope-dabble.js?ver=20151215 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9597
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
200 OK 6.6 kB URL HTTP/2 uppercrustng.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP
File type ASCII text, with very long lines (7973)
Hash a860333ebd586af29e6e3f2f882aaf39
8b0a322de4f2e143339a1f01cf2301f7d5191ad1
5e56e5766fb13582a2bb4c36e780771cb3c27ac8a0e02096cd9f05a55b389653
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Fri, 19 Mar 2021 03:18:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6589
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4
200 OK 4.4 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4
IP
File type ASCII text, with very long lines (13963)
Hash 57d16fd8f8ebfdee4e4f86c9240ba0d0
669ef732d2b54c44449a3b23e8172db7a84faa96
7ef0c20d5e55cd922188cdec6ceea896ee0684c7fc2241da7079776eebfac8b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4371
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/css/rsaddons.css?ver=5.8.1
200 OK 24 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/css/rsaddons.css?ver=5.8.1
IP
Hash e6ddaac148f383befd69e3f61df4215b
da758675cc7021be8f20ea72fef5b63e56113b0c
313fc11b0d076e0b6c98fddf4ee6f316cc9791f36ae9cf7f168f110314de705f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/css/rsaddons.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24196
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4
200 OK 16 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4
IP
File type ASCII text, with very long lines (65497)
Hash ecb45c1be858c8711e2b8d54279e37a9
59242c2fa00bbaab6340de6054f5cd10f86fa6e0
f7c35e23e09a863f07a2616c86c194a4c8f053201b7403ff5c41466e2f2096bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16492
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 30 kB URL HTTP/2 uppercrustng.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/responsive.css?ver=5.8.1
200 OK 21 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/responsive.css?ver=5.8.1
IP
Hash 865d5b3b662b008f52a9b5c89aff4bc7
03949451ca130113a9e28199011f4522fb75b084
2e1ba598fc8c2cee21aa913f53cc13a799079e60f470c0c0ede2cf2840a99ffc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/css/responsive.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 19:18:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20743
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.83
200 OK 29 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.83
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash edc48fe938dc17a686ace8c58e4a6e8c
b6748063655e41b30ba68b9158f0f4f33b6ec849
229dc7973268f9e1a2dd77b077b54c64db068c09d181d2f31a43a34385df563b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.83 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29093
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/datatables.min.js?ver=201513434
200 OK 28 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/datatables.min.js?ver=201513434
IP
File type Unicode text, UTF-8 text, with very long lines (624)
Hash 34a6cefa88a55b209ebcc37acbc66981
f7df6e8625dc7535f154c4462bf5ff47501c99ee
8587c36c516f8cb5b2af2eb89ab1bd36caa744b042567dd40806c05a039af7ba
GET /wp-content/plugins/rselements/assets/js/datatables.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 28259
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
200 OK 34 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 16:10:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34004
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.4
200 OK 46 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.4
IP
File type ASCII text, with very long lines (42889), with CRLF line terminators
Hash e5d8cef60528c185e9b3e2fa90ff4e61
80271043b90cfc7d0334891b606c4746e4c64dcf
7e5953eff4f15baaadec820630e1de8c10f39b1b12e88d16a4cfbcc0de0c03e6
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45569
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/materialize.min.js?ver=201513434
200 OK 41 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/materialize.min.js?ver=201513434
IP
File type ASCII text, with very long lines (65357)
Hash 918155f076f6983be987f1366a5ba1d2
3a45d6e12a7cb06b3774087726794f1896c4ad59
62da0752dcc7bfe7c466ef85d9ae43f2be204dfb11117fd1903093d1ec1bb635
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/materialize.min.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 41086
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/css/default.css?ver=5.8.1
200 OK 63 kB URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/css/default.css?ver=5.8.1
IP
Hash c1017160eaeccdf3ef21159808766ec5
f2aac07d080674225422a92700a2fa32f2c4681f
d87832474dd84bb1194d2706a9aa07400a4d22149d50f09d2a0a8a8d7e1dfd59
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dabble/assets/css/default.css?ver=5.8.1 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: text/css
last-modified: Tue, 13 Jul 2021 21:46:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 62976
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:40:18 GMT
expires: Fri, 20 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 45788
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 22:19:08 GMT
expires: Tue, 17 Oct 2023 22:19:08 GMT
cache-control: public, max-age=31536000
age: 284658
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 01:43:59 GMT
expires: Sun, 15 Oct 2023 01:43:59 GMT
cache-control: public, max-age=31536000
age: 531567
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:30:59 GMT
expires: Thu, 19 Oct 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 121947
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 121758
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 121758
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 15:39:46 GMT
expires: Sat, 14 Oct 2023 15:39:46 GMT
cache-control: public, max-age=31536000
age: 567820
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uppercrustng.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 14:07:32 GMT
expires: Thu, 19 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 141354
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 05:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uppercrustng.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.4
200 OK 94 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.4
IP
File type ASCII text, with very long lines (64288)
Hash 13606eecc4110ce91312639132adbb50
383ed1100a4dfb6b5f988bb29b45af13e9c6108d
358629b56f87897e0c53d6092b62346d66da32bdc627da556cbecc2b1858722b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.4 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 93728
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery-ui.js?ver=201513434
200 OK 120 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/rselements/assets/js/jquery-ui.js?ver=201513434
IP
File type ASCII text, with very long lines (1002)
Size 120 kB (120331 bytes)
Hash 88d8ea37d794e615ed5fcc303d63e1c3
28378db863d0cf5ef33bd4501fa23f66507fc264
c5713c95fe22107633e8420436e032659b0e01b69d02a6e7e24b2674f44f20f7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rselements/assets/js/jquery-ui.js?ver=201513434 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Aug 2021 06:17:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 120331
date: Fri, 21 Oct 2022 05:23:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.6.0
200 OK 1.1 kB URL HTTP/2 uppercrustng.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.6.0
IP
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.6.0 HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:26 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 16:10:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Fri, 21 Oct 2022 05:23:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
uppercrustng.com/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://uppercrustng.com/wp-json/>; rel="https://api.w.org/", <https://uppercrustng.com/wp-json/wp/v2/pages/6864>; rel="alternate"; type="application/json", <https://uppercrustng.com/>; rel=shortlink
etag: "4917-1666295101;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Fri, 21 Oct 2022 05:23:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1631607352
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1631607352
IP
GET /css?family=Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1631607352 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 05:23:20 GMT
date: Fri, 21 Oct 2022 05:23:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uppercrustng.com/wp-content/themes/dabble/assets/images/close.png
200 OK 0 B URL HTTP/2 uppercrustng.com/wp-content/themes/dabble/assets/images/close.png
IP
GET /wp-content/themes/dabble/assets/images/close.png HTTP/1.1
Host: uppercrustng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uppercrustng.com/wp-content/themes/dabble/assets/css/default.css?ver=5.8.1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Oct 2022 05:23:26 GMT
content-type: image/png
last-modified: Mon, 03 May 2021 12:28:16 GMT
accept-ranges: bytes
content-length: 1206
date: Fri, 21 Oct 2022 05:23:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.1
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.1
IP
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 05:23:20 GMT
date: Fri, 21 Oct 2022 05:23:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0
IP
GET /css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 05:23:20 GMT
date: Fri, 21 Oct 2022 05:23:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400%7CPoppins:900%2C700%7CMontserrat:600
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400%7CPoppins:900%2C700%7CMontserrat:600
IP
GET /css?family=Roboto:400%7CPoppins:900%2C700%7CMontserrat:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 05:23:20 GMT
date: Fri, 21 Oct 2022 05:23:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
keenitsolutions.com/products/wordpress/dabble/wp-content/uploads/2021/05/testimonials2.jpg
200 OK 0 B URL HTTP/2 keenitsolutions.com/products/wordpress/dabble/wp-content/uploads/2021/05/testimonials2.jpg
IP
GET /products/wordpress/dabble/wp-content/uploads/2021/05/testimonials2.jpg HTTP/1.1
Host: keenitsolutions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uppercrustng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 05:23:27 GMT
content-type: image/jpeg
content-length: 107556
last-modified: Wed, 26 May 2021 09:58:55 GMT
etag: "60ae1bdf-1a424"
expires: Sat, 21 Oct 2023 05:23:27 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
162.0.232.188
93.184.220.29
23.36.77.32
104.18.32.68