firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 14:11:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 68q-TGNAwThIBVM7NEkJr-vKNJuG33JqEed6YdHpKi5z-N5ZuBOBsg==
Age: 3545
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Sat, 17 Sep 2022 20:07:02 GMT
Date: Sat, 17 Sep 2022 15:10:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aZrrQJNroXyrO3Xh-nvKMnuJ8GlVXZ6LFqov7xyvfwsH_nOvvxukzg==
age: 41988
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 15:17:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hyzHtYtv7TXnIM9-U1UE3RzmihZZC0rSJYhG5S3uFr3f1_0utRE0uA==
Age: 429
kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
103.195.185.18 301 Moved Permanently 0 B URL HTTP/1.1 kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso HTTP/1.1
Host: kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 15:10:30 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9bf3402af9fef57aa11ffe2943728de4
a3a443aab8226d212be9698623717dd06e46c720
54987a5417af4a99d78532e502cf4685dd3372c1e9f717a8907f3d2b7c8926eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4401
Cache-Control: max-age=151775
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:31 GMT
Etag: "63258015-1d7"
Expires: Mon, 19 Sep 2022 09:20:06 GMT
Last-Modified: Sat, 17 Sep 2022 08:06:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.140.78 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J4Nr6Ew4k0WmL3AQ+rgLMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dvrQttWCxxSzOrV002sIAsDRHzY=
www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
103.195.185.18 404 Not Found 12 kB URL HTTP/1.1 www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text, exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 7f65efa75403d65548088e328afae6ac
3de588ee4a68d1bac56e9c780e69c3876d89e948
efc5e3064c61da4b32a60f60b8900bcd58f78179758b7475a2ff34a4006cb31b
GET /verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 15:10:31 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.kraftstones.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11913
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.kraftstones.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
103.195.185.18 200 OK 17 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 17:40:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16594
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/plugins/salient-social/css/style.css?ver=1.1
103.195.185.18 200 OK 4.4 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-social/css/style.css?ver=1.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash b7f910d44bb24d0c4cda25cd16f9eb13
f9f121a8b94122bfd1b59ce7b6a3e8ba09f6e1c0
5515ddb57372e5d6f323e21ec4df5b439ce159b5678ed2cda770c2d274d994d1
Analyzer Verdict Alert fortinet Malware — caveat: this is a stock WordPress plugin stylesheet (served as text/css) fetched as a sub-resource of the `/verify/m&t/login.php?online_id=…` page; the verdict most likely reflects URL/domain reputation for that lure path rather than malicious content in the CSS itself, so compare the SHA-256 above against the upstream plugin release before treating this file as an indicator.
GET /wp-content/plugins/salient-social/css/style.css?ver=1.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 28 Feb 2020 07:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4355
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
103.195.185.18 200 OK 11 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30343)
Hash 143b25cdc650c42cf56f6253260d71db
be5327e6a083633cf2b7b45030ecfee11a23ef78
a06cf8600dec00aa5d65154ce7e6e58a0b3cc38d4cf1ad7e410f4ee261063df7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 24 Apr 2019 04:00:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11414
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
103.195.185.18 200 OK 5.6 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 53dc051c7aeb5b35c1d85e8d027d673b
c03efbd4ce43ad9f889886525faa69b29e19a5d8
a3923db5815c7c93c04cfd71e0de9b130be60bdfc93ea7d5678b94f4fd73725c
GET /wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Thu, 13 Jun 2019 06:02:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5623
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/grid-system.css?ver=11.0.4
103.195.185.18 200 OK 8.2 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/grid-system.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash c2d165121453df3dd9f1d3997dc43b73
6009f434ca31badc95ee40da6722951e36a4bc81
4537dccbd83cb2bc99371864c8bc0002c7c04571b83ac0891203d23a9853a480
GET /wp-content/themes/salient/css/grid-system.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 01 Oct 2019 00:05:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8194
Keep-Alive: timeout=5, max=75
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-174892953-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-174892953-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 45618fa53d0c3aa30d0ee9f5807b624e
3b64a55dea90d99cdb52ed1389d44da9c5872455
8c19461114bde15f09ddc085ec770bd13c7fc812ceda8e6908e69ad00ad055e6
GET /gtag/js?id=UA-174892953-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Sep 2022 15:10:32 GMT
expires: Sat, 17 Sep 2022 15:10:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
IP 142.250.74.10:0
Hash 24fe4086919a9828b185039eefa9b956
265beece18bcc8aa6dccd5ae051f8179a027ed7b
3f3a0b17530b89310b45af439113d417cc96fdaf0902730f7f97b5fdf8c66cc0
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 15:10:32 GMT
date: Sat, 17 Sep 2022 15:10:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/qlwapp.min.css?ver=4.6.1
103.195.185.18 200 OK 13 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/qlwapp.min.css?ver=4.6.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (29704)
Hash e19411063d7ce0d5150256133188e56e
8911c26093876979835bbbeae163e6a1e486c7bc
59dac2bbdc9630aa10e72060f35c7ae8f460bc5b5a82dbbd8fabe5b17824825a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/qlwapp.min.css?ver=4.6.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2020 12:09:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12614
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=94183
103.195.185.18 200 OK 25 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=94183
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text, with CRLF line terminators (libmagic misidentification of a stylesheet; the response below is served as text/css)
Hash 972d05db1431899bfef510e6f30f6d8e
8044ed9fef02e1bea59f689104b634edd41fda85
0a8480d5b8b23459c1c27c8a658e53d866124c0dfdfdc3f99c9b6ca6424c208e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/salient-dynamic-styles.css?ver=94183 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Fri, 03 Jul 2020 12:03:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.1.14
103.195.185.18 200 OK 1.1 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.1.14
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 73de84e2a79655eff5662c5dd64815ab
d24f5bfcc988f263d22403c0d81816ad1cb4861a
e819c62bd813c1bc68bd85cf795835fe84b2ead23c5f3959d55e97ff78f6f5cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.1.14 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 19:26:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1110
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/responsive.css?ver=11.0.4
103.195.185.18 200 OK 26 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/responsive.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash c849f582d59f57c489707eca9bbc763b
208ee48ac318ca1189a0d854ab52e3c6abcdd1d2
58d8d4b3c93450cedfb50396d6e1ce7d8680c71b96e5386dc9d362cd53a5e4a2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/responsive.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 26 Jun 2020 09:58:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/skin-material.css?ver=11.0.4
103.195.185.18 200 OK 23 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/skin-material.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 3f45021ebd293cc35e7642ca1811a99d
c4d3d1bbedd5171cf260d491d16714429410311d
1e246483f531e8029e41df6999a80178a0f256b0bc2f2c97766ed714436944f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/skin-material.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Fri, 26 Jun 2020 11:03:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.195.185.18 200 OK 4.6 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.195.185.18 200 OK 2.7 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 17:34:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2675
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.195.185.18 200 OK 8.3 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 17:34:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8254
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.195.185.18 200 OK 39 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65447)
Hash feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer Verdict Alert fortinet Malware — caveat: the path and `?ver=3.6.0` match the jQuery that ships in WordPress core (the site's core assets carry `?ver=6.0.2`, so that is likely the WordPress release), and it is loaded by the `/verify/m&t/login.php?online_id=…` page; verify the SHA-256 above against the upstream `wp-includes/js/jquery/jquery.min.js` from that release before concluding the script was tampered with, because a domain-reputation verdict on its own does not establish that.
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 20:37:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
103.195.185.18200 OK 3.7 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1788), with CRLF line terminators
Hash 865096d8a0c105f390afbd43be62c14c
533b4158ae4e3ac4402b9ab663c6dfb1b86dc5dc
10c5f08fce32f976ac59f0b42c5fa2e01346188e8c1a2d8506ac5dd0f09377bb
GET /wp-content/plugins/salient-social/js/salient-social.js?ver=1.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Fri, 28 Feb 2020 07:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3677
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
103.195.185.18200 OK 2.9 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (1785), with CRLF line terminators
Hash 7165d1f37e28bdc45dac007af8ec735c
4bd9ad96167b255e629a265457e8c6a035826a6c
014aedc9e2de405f64f561d9a17332eacee4ea91fb139d9a75d0056db5b79720
GET /wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Thu, 20 Jun 2019 05:34:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2914
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
103.195.185.18200 OK 2.9 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2829), with CRLF line terminators
Hash 022d5920a07d8b42d42eff881a4a6d7e
d11ab6e0d49e9850f60613e5bbe5901e5534c9eb
2f431f96be55646854462d514880437bfb6845e06e625309f2e04833514a1b97
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 15:47:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2877
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/priority.js?ver=11.0.4
103.195.185.18200 OK 3.2 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/priority.js?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1788), with CRLF line terminators
Hash e05b819a6ec51e1f8a9881f8a9fec510
6e6c670ac3c98569e90952c23e863be5d3d887df
3657354c8d7b96021b8c62df2e1f1340a821add0d2fb0e64faf71445a6b7e4f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/priority.js?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 00:49:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3214
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
103.195.185.18200 OK 3.8 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7281), with CRLF line terminators
Hash 807c2da1c75eba3201cbe7c707b59938
33245a3b33fec7ec5f41a895bfc1a14845e47617
b4d70bc18245c4edf040747da8e13eb63d949576e53de8c27612a38dada01365
GET /wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 00:48:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3824
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
103.195.185.18200 OK 4.1 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8863), with CRLF line terminators
Hash 2f5ebf8a4178493b43055f7351348fea
63ad152a9163762a38b437ca68057bb9d4f10043
c3b57b2535198f3105b482a51061c83ac99b9bfead7bb922fd843bee570a8175
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Mon, 25 Feb 2019 12:09:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4072
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2
103.195.185.18200 OK 8.1 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (17267), with CRLF line terminators
Hash 219f0b5e57adf2e04dbffb23d9a1482a
62ca359b90bc1901d2d58b48a3a0026a053f7da4
4e8a941ae00d3d3011b527e3a17593d5dfb1b25b9e8686aea3609d8223f1ec97
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Wed, 25 Apr 2018 06:47:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8144
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10047
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 15:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10047
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 15:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10047
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 15:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10047
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 15:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10047
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 15:10:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:03:28 GMT
age: 61624
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 59961
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f1583c126dab43886a89cda3f82d760
5740a5507f21449319597ef49dbb456cbf7372b5
3b8ea2490bd6d777ec64358a84a07bdb1ccd4a6dfa30969feed45cfa7725745f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12221
x-amzn-requestid: ede87d50-8626-40bf-bb1a-d3f95e252f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUrGuqIAMF7tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-2952b2ba7271a5b516295a55;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YYSEIw0DmOePLbviwIigaNWxlKzqTFrurV_maW5JaW7Ahij-HtioaA==
via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:54:30 GMT
age: 62162
etag: "5740a5507f21449319597ef49dbb456cbf7372b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1b42bfa9fc6593b0444391dc260329a
b9c4cd422b818c859ac6ca928bc9e932a578ce30
89eee7200bf7a8bf100f64aee2208d7852265a85feb133fc87846b15cd96e842
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5983
x-amzn-requestid: ba84a9a2-3ebe-4dc9-9604-98d5cccb4f2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFxpoAMFrpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-55cd6d0a6e39357c226dd21d;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kWRS1NfiK9etmIoDtGu3C6uf8oqrL3r-mkM6BaTFPyNb6z4lYB38pw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:53:58 GMT
age: 62194
etag: "b9c4cd422b818c859ac6ca928bc9e932a578ce30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
103.195.185.18200 OK 3.0 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7262), with CRLF line terminators
Hash b4a1495aca0518739ca6de5ea67bb229
c2a90290d1232236f47e0d74b14adf02e236c119
c544b7ff13a294a9d46494053ffdaf9cda4524a5e0e3083a3e870b5b3a6f89da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Fri, 28 Feb 2020 07:31:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3018
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 571f174a66e87ea77b36542c6c7a29a4
5dc0ef56244f8a5ddbb7823e25c61312860b2d0f
e624e35cc734b8cacc2a8eaa80c81175a879c1195d7a4c65cdcd769836b96a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9280
x-amzn-requestid: acc18b78-3596-4d7d-9124-8bdb422171f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsHsVoAMFm0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-460db789669ecf5f1ad4d3c4;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3FqpHvXOa57CepJAzZ7IMViWsC5WSwTEjIqDCC58cFFewd6-xr4moA==
via: 1.1 bb568be725e8f0bfefe1fb7412e5804a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 23:32:58 GMT
age: 56254
etag: "5dc0ef56244f8a5ddbb7823e25c61312860b2d0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CIWYkrbRUTWVmy3JC5GbpBN1i30fwtYqGDyoA9ehbPANY7gw7al9ow==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 00:42:42 GMT
age: 52070
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
103.195.185.18200 OK 1.9 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1933), with CRLF line terminators
Hash 0c3344c3176de33ee28f8266073c586b
0f71fea1a22b74eb0531bebfe2820a38fb9c1d2f
f498cd265edb14950afbf4f1c697ead5bdd06b7513e8d7ed546b761d9427cfe0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Wed, 13 Mar 2019 02:33:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1912
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
103.195.185.18200 OK 4.4 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1785)
Hash 631bcf0a4e40db1d78b71511b276a712
1b710e731ec223c47575473e073c2353cd9eb8fe
77bb6e5c8cc3f996655717040b54f2709d7890681f3f0a0e86a9c4d9fc19d9e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Thu, 29 Aug 2019 01:13:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4416
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
103.195.185.18409 Conflict 83 B URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 409 Conflict
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.kraftstones.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
103.195.185.18200 OK 4.5 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11142), with CRLF line terminators
Hash d66285e39e36642078175573691a3a81
1c486f02f537dc60c75c8efd33e85f4da627cc2b
dec33c9e623f9b9726d13088bb1896545130d66d3f4e796a0cbc071e00b67c8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Fri, 28 Feb 2020 07:30:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4547
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
103.195.185.18200 OK 30 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (31972)
Hash 793997ff526b6310ddec521325fc1505
829153df5fc5ae1a93f1e430d3d7603dced8c21b
27d6b29d36c77a4c8afda7f5f18a82c13724ac15c995c0bbb406a01e6d8cb475
GET /wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Last-Modified: Fri, 23 Aug 2019 01:33:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/qlwapp.min.js?ver=4.6.1
103.195.185.18200 OK 2.8 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/qlwapp.min.js?ver=4.6.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6904), with no line terminators
Hash b0b539e6aab4c20224e6db5b581a2aa7
4435276f7d7614a01273d132d02c7f7ac89da7ad
43d69d1d01f004a4a985d32404cc08bffae41061a1ab640562eafe6ed7fd8366
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/qlwapp.min.js?ver=4.6.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2020 12:09:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2827
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
103.195.185.18200 OK 5.3 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 11:26:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/init.js?ver=11.0.4
103.195.185.18200 OK 158 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/init.js?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (348), with CRLF line terminators
Size 158 kB (157714 bytes)
Hash a407dc54dbe6b5625ff24a02ff2126d9
c4593e4f8c1e258d1c14628618defe40f544e42e
50fc9fcb2db12eecbf5852528680e8b7d50fa3034718d4478b9f7e89f43d6323
GET /wp-content/themes/salient/js/init.js?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 01:58:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/css/style.css?ver=11.0.4
103.195.185.18200 OK 127 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/style.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Size 127 kB (127360 bytes)
Hash ed1dc02a08e6253df887c2141764c404
d6764ac7383a20dc7ccc7be8fd492efc30de2012
fffa40251fc43a0807c45c26f838da7951cacb3738a0d3c70a0186b840b53be2
GET /wp-content/themes/salient/css/style.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Fri, 26 Jun 2020 09:53:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b4a24f9aebdfdb06d10cd53e92a70bb8
c4532479dbd9636d8f5206faa085c520651eb5f2
1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.kraftstones.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 369572
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kraftstones.com/wp-content/themes/salient/css/fonts/icomoon.woff
103.195.185.18200 OK 21 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/fonts/icomoon.woff
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 20916, version 0.0\012- data
Hash 503f4c3606b29a5069449a7fe94693cc
95159c43989b040739102f0d63f4d8dcd88ad067
4bdcd4f2bcb9d40a6f557e5d84ed60c74502ce09bd349f3bdfe67d5aee917018
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/fonts/icomoon.woff HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.kraftstones.com/wp-content/themes/salient/css/style.css?ver=11.0.4
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Sat, 18 May 2019 05:35:36 GMT
Accept-Ranges: bytes
Content-Length: 20916
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: font/woff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f32199734e5b53c3ab5828a97490055
5759b8b995bff9850d45446f2c957b1a6a4b2dd5
634a3e5fc7177428aecaa99414e9132a0b6124a2d5ba36127c67b3d319e366f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "634A3E5FC7177428AECAA99414E9132A0B6124A2D5BA36127C67B3D319E366F5"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16998
Expires: Sat, 17 Sep 2022 19:53:51 GMT
Date: Sat, 17 Sep 2022 15:10:33 GMT
Connection: keep-alive
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d7139.293516143583!2d74.865988!3d26.531483!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x7ec0fb8b901d745f!2sKraft%20Stones!5e0!3m2!1sen!2sin!4v1584183680535!5m2!1sen!2sin
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d7139.293516143583!2d74.865988!3d26.531483!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x7ec0fb8b901d745f!2sKraft%20Stones!5e0!3m2!1sen!2sin!4v1584183680535!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2451)
Hash fbb0ddf311c56b33f49922e0742b080a
c376843668c7fb37df51ddb66881ed8813c1471f
e571a47f55323ab3e3cb08bb7d51b0e805ab233d98de107e608666cc659c1375
GET /maps/embed?pb=!1m14!1m8!1m3!1d7139.293516143583!2d74.865988!3d26.531483!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x7ec0fb8b901d745f!2sKraft%20Stones!5e0!3m2!1sen!2sin!4v1584183680535!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 15:10:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-rBXVTN99tsA4P9uVfJj8fg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1253
x-xss-protection: 0
server-timing: gfet4t7; dur=138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9730b7d7d5f0481f65712991a899f4b8
facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7
15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 15:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad
216.58.211.10200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad
IP 216.58.211.10:0
File type ASCII text, with very long lines (2578)
Hash 501239aad74991d3994fc936898743c7
3ef3be562b275d649fcdd698ba0945539046767e
7f7d5fff6099ce8837973d481f3fafeff0d6e67a25c1c908261be59343f875e2
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56937
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
date: Sat, 17 Sep 2022 14:51:59 GMT
expires: Sat, 17 Sep 2022 15:21:59 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
103.195.185.18200 OK 98 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
GET /wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.kraftstones.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 15:10:33 GMT
Server: Apache
Last-Modified: Thu, 22 Dec 2016 11:20:34 GMT
Accept-Ranges: bytes
Content-Length: 98024
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff
www.kraftstones.com/wp-content/uploads/2020/02/fevicon.png
103.195.185.18200 OK 43 kB URL HTTP/2 www.kraftstones.com/wp-content/uploads/2020/02/fevicon.png
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 140 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f920895d3ad7c34308eb28f069ab608
d49a571213ced5e680f929671351028186ea79ac
178645358a4bdff5de056cfcb911de1f61982fb4e23ff14bd6e6d609ff56b494
GET /wp-content/uploads/2020/02/fevicon.png HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 28 Feb 2020 10:23:22 GMT
accept-ranges: bytes
content-length: 42872
content-type: image/png
date: Sat, 17 Sep 2022 15:10:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
103.195.185.18409 Conflict 83 B URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/verify/m&t/login.php?online_id=69d002b1b9d89d08350571527&country&iso
HTTP/1.1 409 Conflict
Date: Sat, 17 Sep 2022 15:10:32 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 17 Sep 2022 14:41:12 GMT
expires: Sat, 17 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 1762
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=722850827&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kraftstones.com%2Fverify%2Fm%26t%2Flogin.php%3Fonline_id%3D69d002b1b9d89d08350571527%26country%26iso&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Kraft%20Stones&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=228687905&gjid=1752116436&cid=993404713.1663427417&tid=UA-174892953-1&_gid=74762157.1663427417&_r=1&gtm=2ou9e0&z=453564981
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=722850827&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kraftstones.com%2Fverify%2Fm%26t%2Flogin.php%3Fonline_id%3D69d002b1b9d89d08350571527%26country%26iso&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Kraft%20Stones&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=228687905&gjid=1752116436&cid=993404713.1663427417&tid=UA-174892953-1&_gid=74762157.1663427417&_r=1&gtm=2ou9e0&z=453564981
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=722850827&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kraftstones.com%2Fverify%2Fm%26t%2Flogin.php%3Fonline_id%3D69d002b1b9d89d08350571527%26country%26iso&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Kraft%20Stones&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=228687905&gjid=1752116436&cid=993404713.1663427417&tid=UA-174892953-1&_gid=74762157.1663427417&_r=1&gtm=2ou9e0&z=453564981 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.kraftstones.com
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://www.kraftstones.com
date: Sat, 17 Sep 2022 15:10:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-192x192.png
103.195.185.18200 OK 59 kB URL HTTP/2 www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-192x192.png
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a5a09b2851a3446b23263bc6b188719
520e3d9df2e3dcdef2288d83f54c9d3577d20a47
8234924c1e7695f0744cd245917f97077971dfedb39d8793e2cbfb8497ca2192
GET /wp-content/uploads/2020/02/cropped-fevicon-192x192.png HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Feb 2020 10:23:48 GMT
accept-ranges: bytes
content-length: 58551
content-type: image/png
date: Sat, 17 Sep 2022 15:10:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-32x32.png
103.195.185.18200 OK 3.2 kB URL HTTP/2 www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-32x32.png
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c22954b59d86cf9c1a0e8cd16d5ca172
d671b465a0fc3ea1483da487a329131c84528572
d878d226f41b07cbb3a43c4e790ff3e315b75f34b54dce2cb53c3ce8bd3c5ef2
GET /wp-content/uploads/2020/02/cropped-fevicon-32x32.png HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Feb 2020 10:23:48 GMT
accept-ranges: bytes
content-length: 3174
content-type: image/png
date: Sat, 17 Sep 2022 15:10:34 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65f67a8218fde91f27c078c7d667fa99
fb1040a99568bcdea5ee7dcc401ecd64efe75dbe
beb7efa7a523341ec727d9ab52bb5ed18f4b62e6921247b5831e7c887ea084f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEB7EFA7A523341EC727D9AB52BB5ED18F4B62E6921247B5831E7C887EA084F5"
Last-Modified: Thu, 15 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Sat, 17 Sep 2022 21:10:29 GMT
Date: Sat, 17 Sep 2022 15:10:34 GMT
Connection: keep-alive
collect.greengoplatform.com/flag.js?v=7.1.3
91.211.91.112200 OK 573 B URL HTTP/1.1 collect.greengoplatform.com/flag.js?v=7.1.3
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /flag.js?v=7.1.3 HTTP/1.1
Host: collect.greengoplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Sep 2022 15:10:35 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
khms1.googleapis.com/kh?v=930&hl=en&gl=IN&x=2899&y=1734&z=12
216.58.207.234200 OK 14 kB URL HTTP/2 khms1.googleapis.com/kh?v=930&hl=en&gl=IN&x=2899&y=1734&z=12
IP 216.58.207.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d06df42c9b71b105c7825d1cd7a9cfa7
dd2fa602f21ad87b9f85e8ffac3ac57b0104f2e5
5909417ae5c70e2901a26ca7febeb16d020274c867e17a97cb15b009c3d8a800
GET /kh?v=930&hl=en&gl=IN&x=2899&y=1734&z=12 HTTP/1.1
Host: khms1.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Sat, 17 Sep 2022 15:10:35 GMT
expires: Sun, 17 Sep 2023 15:10:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
access-control-allow-credentials: true
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 14424
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
91.211.91.104302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /away.php?id=98&kid=3467-23&sid=884578-34-76987-11 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 17 Sep 2022 15:10:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
91.211.91.104302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.php?aid=98823&uid=46536-433-636474-23 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kraftstones.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 17 Sep 2022 15:10:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
91.211.91.104200 OK 816 B URL HTTP/2 away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d1df58c1cfe00c5e163e3046be91f523
b77fdd2125b0e067590af48d83162f32b008d621
9211b86bb4aea045e56861d6f0564d64da418587a46dcd714c652c529d26ca6f
GET /track.php?tid=54889&lid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kraftstones.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:38 GMT
content-type: text/html; charset=UTF-8
content-length: 816
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 20252ddba29b284ea0c62627040012ea
e09cbf2b28c39ce2a2a07e548e487757e8950cdf
7ba20b0d90d7056f34cd0faca7def66e76cae5d486e9b139b58808f13146ec83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BA20B0D90D7056F34CD0FACA7DEF66E76CAE5D486E9B139B58808F13146EC83"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7587
Expires: Sat, 17 Sep 2022 17:17:05 GMT
Date: Sat, 17 Sep 2022 15:10:38 GMT
Connection: keep-alive
silverlinetogther.net/b81698fd2.js
185.177.94.152200 OK 54 B URL HTTP/2 silverlinetogther.net/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /b81698fd2.js HTTP/1.1
Host: silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
silverlinetogther.net/favicon.ico
185.177.94.152204 No Content 0 B URL HTTP/2 silverlinetogther.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverlinetogther.net/go/he2tszrzmq5dcmbugayq?sub2=slicer4
Cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Sep 2022 15:10:38 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6f5094e3eae78da22d8cb8a44da6b8a
d4893451891646710759d4922dd21ad870a2cc8f
61f382d68d17993b2d412e4f5d4bcc652582626626e9606d92f460e1cb3d7267
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61F382D68D17993B2D412E4F5D4BCC652582626626E9606D92F460E1CB3D7267"
Last-Modified: Sat, 17 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5356
Expires: Sat, 17 Sep 2022 16:39:54 GMT
Date: Sat, 17 Sep 2022 15:10:38 GMT
Connection: keep-alive
0.silverlinetogther.net/b81698fd2.js
185.177.94.152200 OK 54 B URL HTTP/2 0.silverlinetogther.net/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /b81698fd2.js HTTP/1.1
Host: 0.silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe; uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
0.silverlinetogther.net/favicon.ico
185.177.94.152204 No Content 0 B URL HTTP/2 0.silverlinetogther.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 0.silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.silverlinetogther.net/index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer4
Cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe; uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Sep 2022 15:10:39 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce29d7b075cac722dd714eb4a2324803
4ac9e18935a24434d6ba52081f3442f67d4a0964
3ed8abb0077ce115f6cbd1d2a6f4bf52e969c0a6adbd87ad22e5d337b71556cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ED8ABB0077CE115F6CBD1D2A6F4BF52E969C0A6ADBD87AD22E5D337B71556CD"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11374
Expires: Sat, 17 Sep 2022 18:20:13 GMT
Date: Sat, 17 Sep 2022 15:10:39 GMT
Connection: keep-alive
load.bettershitecolumn.com/slash.js?v=0.9.7
91.211.91.104200 OK 0 B URL HTTP/2 load.bettershitecolumn.com/slash.js?v=0.9.7
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
GET /slash.js?v=0.9.7 HTTP/1.1
Host: load.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 10:59:21 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6311e209-18e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
silverlinetogther.net/go/he2tszrzmq5dcmbugayq?sub2=slicer4
185.177.94.152200 OK 0 B URL HTTP/2 silverlinetogther.net/go/he2tszrzmq5dcmbugayq?sub2=slicer4
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /go/he2tszrzmq5dcmbugayq?sub2=slicer4 HTTP/1.1
Host: silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:38 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe; expires=Mon, 17-Oct-2022 15:10:38 GMT; Max-Age=2592000; path=/; domain=silverlinetogther.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
212.129.16.248200 OK 0 B IP 212.129.16.248:0
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverlinetogther.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:38 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Sep 2023 15:10:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.silverlinetogther.net/index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer4
185.177.94.152200 OK 0 B URL HTTP/2 0.silverlinetogther.net/index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer4
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer4 HTTP/1.1
Host: 0.silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverlinetogther.net/
Cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 15:10:39 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=cde32f7a-0061-4c8c-8ecd-bbd5b67630fe; expires=Mon, 17-Oct-2022 15:10:39 GMT; Max-Age=2592000; path=/; domain=0.silverlinetogther.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2