r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5181
Expires: Thu, 10 Nov 2022 04:40:03 GMT
Date: Thu, 10 Nov 2022 03:13:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=118638
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:42 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:11:00 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8350
Expires: Thu, 10 Nov 2022 05:32:52 GMT
Date: Thu, 10 Nov 2022 03:13:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 334efeUSNUoyKMvmSC3Nl2GPvdnREWXsbrwXwAbe3L2SbcRbzlijzDvUt2zZNjeMEavPCpSuEhwwUMsetChlGA==
x-amz-request-id: JKVQWPJ7GS086HX9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 02:49:13 GMT
age: 1469
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 03:13:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 19
Cache-Control: max-age=107606
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:42 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:07:08 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.125.72 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.125.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sK8emAP6ZVxzE90bYO966Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O8bVbspbkTRp/XrZokPpo/pYghw=
theklaganriverson.com/xacces/De4lt/b9.php
103.6.198.170 301 Moved Permanently 0 B URL HTTP/1.1 theklaganriverson.com/xacces/De4lt/b9.php
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /xacces/De4lt/b9.php HTTP/1.1
Host: theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 10 Nov 2022 03:13:42 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=f96a7f30a170e23af929432fe287ba8c; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://theklaganriverson.com/xacces/De4lt/b9.php
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14654
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 03:13:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14654
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 03:13:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kZPJ95WwFXhxoBwZIeTN2iRl3-XFPmooKSeFtLu3wIm4b8nabFY2mA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:29 GMT
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
age: 19635
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MfDIK2PCS_o7UuNXVSNOb3YbR_P8vlF7xw75qf8WdbjRr8hzCVYu6A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 19636
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d68ac59950c3276cd8f92b777a004df1
94c0ee5c14e8e8cdf95883582ba8084cc5867f93
b02d6d61c1fae8260d1fc30c0a78ebbc3482a3aa0acafb58d8269942ff8e732b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7987
x-amzn-requestid: 6a465dcd-6a4e-49fb-9fa9-169678d39b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlo7HBFIAMFSQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9f-4ffe8f2534aeaef73329a8cd;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:19 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WrcaH4gahZqvIVMBFxF5zwB7IXujbT64xDOL8WmuQajijIyEK7Or3g==
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:47:28 GMT
age: 19576
etag: "94c0ee5c14e8e8cdf95883582ba8084cc5867f93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y5MD-207EEHTD7hC8z0SzYCHA0JdOpYRrUhYDwo0cQ9ITGRbtQ-McA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 19636
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61e58563ce83ab22c1604920db81f8e5
71dc8a32634a72c2092ef90a4f46250599b523f6
ddbb9d12368a95d38b94398274524862a28da41f22062d0096ac0c7052e2ca3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9360
x-amzn-requestid: ab27926c-6cd1-4817-a5ff-aa47f666f337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpOGmjoAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca1-5835f3a814659500346d44e8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kr6uTOkWhcF7u0oUSM4SJSomIPdx6cnVNYQrGqcui8c65fr-soPOuQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 19690
etag: "71dc8a32634a72c2092ef90a4f46250599b523f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7af9a4c649c9ff2f48006dffde7fe73
a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae
1ccf9503c2ecaeb6f64a8e4194575908ca8746c69bf2b6fb1a6a59cf2408dc2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11722
x-amzn-requestid: bdba30aa-7c54-4163-8c09-e2c8948bba5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlomHKfoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9d-0497f5bc1d5c2fab268fb451;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GK6WMqg_ip9Lcv1UYCQMfdXqRsoxYKhv2fIaqz5tUx_HHw0Cv99Hcg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:11 GMT
age: 19413
etag: "a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14
216.58.207.202 200 OK 8.1 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14
IP 216.58.207.202:0
File type ASCII text, with very long lines (2363)
Hash 1930141d1ccd3409ebbe8c2db4c43fcf
8d6b59aa365bf686ab7408353fd232d7ca7feab5
f2094ee57e84b8403b58f45dbe68411e3b02fe3f0cb465fdec48b206ab66d48f
GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 08:54:27 GMT
expires: Thu, 09 Nov 2023 08:54:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
age: 65960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7739204660998307aa628cc283d498d1
00de67cdebcf05b9494a16fdb4aa4ff911edf266
7c6d344b2ef93c89612d572641a1badf3e409ce0273ea09e653f249326d62bac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C6D344B2EF93C89612D572641A1BADF3E409CE0273EA09E653F249326D62BAC"
Last-Modified: Wed, 09 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7575
Expires: Thu, 10 Nov 2022 05:20:02 GMT
Date: Thu, 10 Nov 2022 03:13:47 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 952f908d8283855a70460d2f6bbcaf22
be97447f1f50f0ad67d15aa07425979da1a12694
6337d6ace429d0bc53cfebab8592c92c449ae969d92545d87f432321b4b494c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.css?ver=2.0.1
103.6.198.170 200 OK 1.4 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.css?ver=2.0.1
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash d72b4bbd02a925c62a435aa4197e555d
7c4d5db4e2c1731a57d294c18a8747d6633edd1c
d09763235b438f4ae7c0c0d40f1c6952da712513325a7e6bf3203b374125efba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.css?ver=2.0.1 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:16:37 GMT
accept-ranges: bytes
content-length: 1437
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
counter.websiteout.net/js/17/6/5000/0
37.59.42.71 200 OK 216 B URL HTTP/1.1 counter.websiteout.net/js/17/6/5000/0
IP 37.59.42.71:0
File type HTML document, ASCII text, with no line terminators
Hash 13b353222c2cfe272c1571014f93df65
8226c4b0d016299dd5bc6dc53815602ff1cd815e
ca1532ead9657cfda8d0938cb608593425a32197330a47bc5f39b294b97056f0
GET /js/17/6/5000/0 HTTP/1.1
Host: counter.websiteout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 03:13:47 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="DSP COR NID CURa"
Content-Length: 216
Keep-Alive: timeout=1, max=50
Connection: Keep-Alive
Content-Type: application/x-javascript
www.google.com/jsapi?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7
142.250.74.132 301 Moved Permanently 293 B URL HTTP/2 www.google.com/jsapi?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f2d5226326757228916d2c56668e07aa
3c1dfbff436af62a81ab3f864d6aeeb8edbf1211
76b876991bee3f177c4aadac09e28582d7293addd2ace1795e980a140d061ff8
GET /jsapi?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/charts/loader.js?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 03:13:47 GMT
expires: Thu, 10 Nov 2022 03:43:47 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash bc576df12b61c9f920027c2aceb222eb
5f0dae8bff170339152888be7c8f15bc5a12a300
ec659bea707181e6f6527bd6e52e8f434fe6df7b2c22e8b75b8dcf37c764361f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/charts/loader.js?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7
142.250.74.163 200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7
IP 142.250.74.163:0
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.theklaganriverson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-type: text/javascript
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
date: Thu, 10 Nov 2022 03:13:47 GMT
expires: Thu, 10 Nov 2022 04:13:47 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=5.3.14
103.6.198.170 200 OK 22 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (21822)
Hash feda974a77ea5783b8be673f142b7c88
b71d1c7c315b67c614563382d1c2a868ac14d729
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 21984
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.0
103.6.198.170 200 OK 978 B URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.0
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash 658ed7c8d9872eb232101d85f58c8cc5
8bced14987dea1d915c41a32a667d5a37891f2ae
876822ac9010888cdd45fc9f3c4888616364d6f481f1f4caacaeff1a3192e62d
GET /wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.0 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:03:13 GMT
accept-ranges: bytes
content-length: 978
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/uploads/master-slider/custom.css?ver=2.9
103.6.198.170 200 OK 433 B URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/master-slider/custom.css?ver=2.9
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash a9f9b51cb59b1dfc97d4366b596873e7
48821c46a2ff0d560898f783fe9635c81a5b5ec4
d2813dd046b540ab28bfc1de4b7b7cc2e85360873419f4589f3e6e1c39572e51
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/master-slider/custom.css?ver=2.9 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:03:26 GMT
accept-ranges: bytes
content-length: 433
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0
103.6.198.170 200 OK 232 B URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with CRLF line terminators
Hash 47f1feb5aaf7fb422aad353e698138de
8b77ee83100e8286bc80df691929aa655e21c9de
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 08:27:34 GMT
accept-ranges: bytes
content-length: 232
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/themes/agentpress-pro/js/responsive-menu.js?ver=1.0.0
103.6.198.170 200 OK 765 B URL HTTP/2 www.theklaganriverson.com/wp-content/themes/agentpress-pro/js/responsive-menu.js?ver=1.0.0
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash 4e8ddd793b4a5fffadf5e4fd6322c500
e760782c82b4ef6ed6dddd971145f22722de23dc
e6b9e2a111a02600e8e0f48610a521300d66431c4f907cdccc0b0fa162018c14
GET /wp-content/themes/agentpress-pro/js/responsive-menu.js?ver=1.0.0 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 03:32:25 GMT
accept-ranges: bytes
content-length: 765
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/dist/dom-ready.min.js?ver=2.5.1
103.6.198.170 200 OK 1.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/dist/dom-ready.min.js?ver=2.5.1
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (1169), with no line terminators
Hash 0d9ef672806b1357c5badde6095b5bbe
b31fc6d14197dc12648019a98d274f6dd001f604
f375aeaa275ea51a86150030cdb627cae120dc3b2d3d346821f16731fa2d1d75
GET /wp-includes/js/dist/dom-ready.min.js?ver=2.5.1 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Sep 2021 13:24:59 GMT
accept-ranges: bytes
content-length: 1169
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.0
103.6.198.170 200 OK 2.3 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.0
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash d57ea8be4223524c97a28d4bcbe46825
b750ecd609b7245b8fcfd5f9c148b36a5dbbf2ec
4e263a75e29fff467d615ae2b7c503c4e98ea972e25ec82db02197d1f0db058a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.0 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:03:13 GMT
accept-ranges: bytes
content-length: 2288
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.shutter.css?ver=2.0.1
103.6.198.170 200 OK 4.8 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.shutter.css?ver=2.0.1
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (355)
Hash 8e753ad3f6812de3fd50398fc4a63d38
521017d8cf0284dab80c152bd5a0a2a96a79c492
0f78a0b20a03db7a5a34c293a2a0c25e61c361aeccd13f85b609ba7e6ce0fd6b
GET /wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.shutter.css?ver=2.0.1 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:16:37 GMT
accept-ranges: bytes
content-length: 4758
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4
103.6.198.170 200 OK 908 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (680)
Hash 880adcd48ca0fd326f23014530986704
6530e7de017d4827dc8931758fae51a5c39ca322
a0b0d9da31851f55a0be971e91c668c325b078838af5b4a306cbae1acb7c53d5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 908
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
103.6.198.170 200 OK 1.1 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (899)
Hash e36fd7a0d8b7418ec9ddff4f77600c8c
89e2d38b1defefcec512086ab2681f56ed3e7ba7
3d5c5de31ad9d64a23beda3d8ec60183ca3ca1d19777d15e3ef4bf42c27924a8
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1129
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4
103.6.198.170 200 OK 794 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (560)
Hash 9cd7fda530044a85e536effcd530fccc
aed8161e5436998ef72dcd96d561c77298ec58be
8342752af4f86e651337e9e067df248ecac71f9a2ea1c354caaf33ae8201d566
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 794
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4
103.6.198.170 200 OK 789 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (551)
Hash 9b1d4283702ba049f9d88e0a75d05f81
c618a96e7ea6de46cba133d60a5eb469aae73389
cf059121b52a5e1264b775819c2ad5a6449eb26fa1618bc6b85c8880099bb925
GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 789
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4
103.6.198.170 200 OK 1.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (1010)
Hash add6542db50a3d3ec13c0a8cd6bee6dd
e9a4ce67acf1713cffefa7ee80a45000b8824df6
3bc0360d3c8667fa0f9489b0910550f12cb3b1c79fe7bd41191b649e2f371b5b
GET /wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1242
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4
103.6.198.170 200 OK 1.0 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (797)
Hash 1e3331f2e2bb06e352835f8a1957a7c3
92e5d7294c4013c224cc62874877aeb2b5fc824d
9025a09743d7756dfca719884ab0c26cba79114b49b6f865c166876db0e0c57d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1025
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4
103.6.198.170 200 OK 991 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (763)
Hash 0168ce283eee1a9c82a7cb377de13afc
2d07b077d1cc10c4ea434be14e84f3bcb0ce20c0
a6b733ac446743853f938caa85bf7d978f3d168b4099b90dc3657c5de69a57de
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 991
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/xacces/De4lt/b9.php
103.6.198.170 404 Not Found 41 kB URL HTTP/2 www.theklaganriverson.com/xacces/De4lt/b9.php
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash cd29d56e787950b8e4be0c8d9e30307f
486ebde47448bed782520bc27077111cec415d4e
44c5616d5bf74af0c7c74627938e6411a10c35330acbe4ca84500e6f43fcb05a
Analyzer Verdict Alert fortinet Malware
GET /xacces/De4lt/b9.php HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.theklaganriverson.com/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384; path=/
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 03:13:45 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4
103.6.198.170 200 OK 1.1 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (879)
Hash 99dd1a11f49db0bc9b8a6ad749ac1be8
976e7c5c4af5a0970a1aa16168036dd7ebc19aa6
981273245f40043b454460f0f3bc7686ca73c05246ac7ac924f491086431e361
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1109
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4
103.6.198.170 200 OK 857 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (621)
Hash e81b0a5f159ddd53d9304015ed097366
18eb17bd3c34275f779694808bc73cc75dabbc90
9e20a504411a4d12e6a44c59cb44d87bcf2ee78a8c73397eb68b24d3a9b8512d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 857
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4
103.6.198.170 200 OK 515 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash 8a30f21e345577b420a78c5aba2b3156
cfb158c44beb76328bf092a9a1ae3e5e22881425
e1618154fbb42d1eac52d4e9a1438f1fcac0ba61dc613f9acf05cefb3c17d30f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 515
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4
103.6.198.170 200 OK 1.1 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (871)
Hash 135cd16b6964aa75eed598f33997be7d
b02471c7165887f0a44c504496ccf9243de7a608
18e2b418fef1f7399ca3e58b26e440a2be4af59c32aa82c28db587744fcaf558
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1101
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/js/jquery.easing.min.js?ver=5.3.14
103.6.198.170 200 OK 7.0 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/js/jquery.easing.min.js?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ISO-8859 text, with very long lines (3601)
Hash ec64dc8377266f617caf00ebc5067a14
fb6ebf42d2da04eee38b8fabc0c09dd9e433a9e4
a7c016be6c9693535e2a8abce5814c71290f76bb8259e907dfa092f3c3633447
GET /wp-content/plugins/easy-fullscreen-slider/assets/js/jquery.easing.min.js?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 7046
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4
103.6.198.170 200 OK 959 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (729)
Hash a0077303ca9ea5bd6da34ee026a418de
ac58e0ac80296a2736a1298ec10152c5b6ffe63a
5670e5f8a3ebd1c6a99db1d2d20ae73d1c498c45e200bbf505f6e6278cde5dd5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 959
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.shutter.min.js?ver=5.3.14
103.6.198.170 200 OK 7.3 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.shutter.min.js?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (7015)
Hash d9c13311b3930f2de79f7588418ea38d
8c96679964281555f310c99ad1e0bc4f0dbf49a9
0fad9c3f587cfe632783eeef018e55a5316967a924181ab7715d1ce4b2f245b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.shutter.min.js?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 7266
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4
103.6.198.170 200 OK 1.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (935)
Hash 2f68b680e67f09ced628d98b2bb456ff
640aa4cf0905a4a13e31937aba00ac09c2bef703
23a26cf5689c7598d73e6ef9c0ff8f0fd1b4e9f0c751e354a5a40c30e03215ae
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 1169
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4
103.6.198.170 200 OK 2.5 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (2241)
Hash 34c78c33e7c97e65a369bb0137d93d05
cacc3f34a1d55aa06284d107c4b2c240a179df0c
32e3e9f84b34b2f8a432a8e6383f3c909ca4d1fa9d980d81713c0d991972a424
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 2468
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
103.6.198.170 200 OK 10 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2016 03:41:28 GMT
accept-ranges: bytes
content-length: 10056
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/dist/a11y.min.js?ver=2.5.1
103.6.198.170 200 OK 2.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/dist/a11y.min.js?ver=2.5.1
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type Unicode text, UTF-8 text, with very long lines (2235), with no line terminators
Hash 77ade69b82132d8900e4912616e521d2
21fc5d16211397753e08867611cacdeb948b2ea5
35d465a38a7c5a084e7fd7888a450d96ed5cefd82291b250df1a10c5782dd780
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js?ver=2.5.1 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Sep 2021 13:25:00 GMT
accept-ranges: bytes
content-length: 2236
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/leaflet-maps-marker/leaflet-dist/leaflet.css?ver=3.12.2
103.6.198.170 200 OK 14 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/leaflet-maps-marker/leaflet-dist/leaflet.css?ver=3.12.2
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with CRLF line terminators
Hash 692227961c7909e4bbf67552519b8ad2
f365f6d1cfa500b7a77fb8b9a9e6de178f17667c
8e4965bb8f670bcbd0cd85e348a79c9689f731a5a1b09e5764ccb0adfeee2f21
GET /wp-content/plugins/leaflet-maps-marker/leaflet-dist/leaflet.css?ver=3.12.2 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:13:26 GMT
accept-ranges: bytes
content-length: 13523
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
103.6.198.170 200 OK 1.4 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 1391
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
103.6.198.170 200 OK 41 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (41045), with no line terminators
Hash 612b7ab9f699e968f5b3206ca16ee834
12685fd0b83dabb9a2004dd4c74de4515fea3013
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 15:32:41 GMT
accept-ranges: bytes
content-length: 41045
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.3.2.7.min.js?ver=5.3.14
103.6.198.170 200 OK 18 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.3.2.7.min.js?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (17672)
Hash 4866e39cd6a51a5a844677a134bf5ff4
8e84f21819d6f3e83496fa7293cad16f0eb985dd
ca1aa8fade0fbc33f0243432599ad8f427e65aaefe03a16f328f0330aa14cee7
GET /wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.3.2.7.min.js?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 17902
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/themes/agentpress-pro/style.css?ver=3.1.1
103.6.198.170 200 OK 66 kB URL HTTP/2 www.theklaganriverson.com/wp-content/themes/agentpress-pro/style.css?ver=3.1.1
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (1798), with CRLF line terminators
Hash 73a4eac30d88c820e4c39d873c948293
f68218fb1d523d25bec80ef02e78eb947bb4f8ad
ab6c64f674edd9b337dbdbce1eddfaae7f34770bbaa05aeaca40afb12e807d49
GET /wp-content/themes/agentpress-pro/style.css?ver=3.1.1 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Jun 2017 09:08:52 GMT
accept-ranges: bytes
content-length: 66430
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4
103.6.198.170 200 OK 3.3 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (3023)
Hash fbdf6877e2b8559fccad7a591d58663e
707dc9862ae2333f003c1c2b9387625bdbbbf331
99f47f1084db599d55bf70957f9a033eee6012a660c74009aea8bee651ddc3d0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 3251
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
103.6.198.170 200 OK 3.1 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (2927)
Hash 412416b5df69805b1e084e50d4283c2f
b8c47463c0793854638a8981cfad35503f393297
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 3142
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/js/bootstrap.min.js?ver=5.3.14
103.6.198.170 200 OK 28 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/js/bootstrap.min.js?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (27674)
Hash 353240ad37d1b084a53b1575f8ce57da
b3182f99be238cc41164df8615005fad53282b4e
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/easy-bootstrap-shortcodes/js/bootstrap.min.js?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 27822
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
103.6.198.170 200 OK 3.9 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (3704)
Hash e6784d91bf2c668bc4093063c5b15113
687e1d2e957a821280dbd205ae66182f16dfdc30
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 3929
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4
103.6.198.170 200 OK 4.3 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (4033)
Hash 91167a07312f0c7cf9eadbb6211fa2d5
c6a554c0b01d1b3a6e4f873491f5b4744f64d47b
05ce3f549ff9e4aadaa6542643b0f72b9c39fcde428d65514774b143b5347f9e
GET /wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 4258
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
103.6.198.170 200 OK 6.4 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (6217)
Hash d1c2e97eeca08ca067ccf2c5736f0390
5281985542fcc8c5a651d1991296e12c39bfcb82
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 6438
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.11.4
103.6.198.170 200 OK 6.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (6007)
Hash 5da4ea3eb5435fce036e80bd58718da2
3d11dddfa3b97ad1e8cf3a844d9f59d81f8b6837
cb578ed9307a8912ee5bbd79f91b80fec2abe28042e6bd03a83c679f33005411
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 6230
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4
103.6.198.170 200 OK 5.7 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (5431)
Hash 011521c4cb26175134847bc005c736fa
aab10f7d07a220841b1f29ea764d5b2c0c0fdcb9
4205086e08c34625efc0d72df59715ed8ec9cfd271e3eb51c6a37aa0a7daec2b
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 5650
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/css/dashicons.min.css?ver=5.3.14
103.6.198.170 200 OK 48 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/css/dashicons.min.css?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (47529)
Hash d54a4192cc3e4d54677c8091c1dae73b
7e3e8e30c66c5751bb5477b4e9939969f4e2aa5e
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
GET /wp-includes/css/dashicons.min.css?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:23 GMT
accept-ranges: bytes
content-length: 47564
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
103.6.198.170 200 OK 6.8 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (6603)
Hash 2fb11e1fba920ce6191aaf65473894ff
858e35ea212ce2c331f6f2b4980b55fa5bac29f5
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 6827
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
103.6.198.170 200 OK 7.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (6998)
Hash 96bebe37b0494fd593d242b0ab500197
c76a024864596ff36e8a3c494e81f0cdb0f8af7e
409c16852a61e50980a17fed11c6434aa362731291b49f9923f5a9bbc8c030b4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 7215
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4
103.6.198.170 200 OK 7.1 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (6839)
Hash 6010817c2bd9b93461e335d0cbc6d6be
25ca4371a64aa39bcbc3c6953da002848405f37c
6b2562f3ed29e898a7d502a212c30516dec520856ee92093090934553cd99e51
GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 7058
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
103.6.198.170 200 OK 8.2 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (7998)
Hash cd39cd96dff0888fabd40c2c7c75e064
542a73251ba957bcac5b75d948fa9bfaa85e90a1
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 8227
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
103.6.198.170 200 OK 8.6 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (8339)
Hash a0b8589edef2f5b85ccf152816269a7d
93173c4b95691e08075a54531891463cc1fb7b5d
96b656700f9b4784f69af925f46ecc91caa7f444b3168ecbb64afe06f8fc4c99
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 8562
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/selectmenu.min.js?ver=1.11.4
103.6.198.170 200 OK 8.4 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/selectmenu.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (8135)
Hash fba28019d0b30ba893e89de5949e0342
227f362fd8e5858a1858b392e7836db9f48354b0
a294032baabd17deebf624872dbfab8cf7acbc68c6c9878bfaf7067477eff785
GET /wp-includes/js/jquery/ui/selectmenu.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 8359
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
103.6.198.170 200 OK 9.5 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (9330)
Hash b4b9458fcbfa3ff33fda9d1fe6a33dc5
d9dafac2c525a0b33039cb2e26d8bd80902d3ada
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 9543
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
103.6.198.170 200 OK 97 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 May 2019 01:55:54 GMT
accept-ranges: bytes
content-length: 96873
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
103.6.198.170 200 OK 11 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (10694)
Hash aa205fbfb232b9cb5f104142e7183b36
d73fef1ae7c9fc260dba69e57658793f01590eea
bf9d214a2ec4f01d57a72fa4417e1cd8f895800b277b6040eb98c77e4b49e668
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 10911
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
103.6.198.170 200 OK 12 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (11876)
Hash 8fa9e3f9c636c43c52bb7a861839376e
8f86d768f4fb5a5081f9266700448dcb7f7a16d1
72a1a8339a4ef21db997f17cac76cfe78938a1e755e37bdbe5dbc249bc6947d1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 12093
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
103.6.198.170 200 OK 12 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (11799)
Hash f2c8bed453ea6a55cad903c5e367bc4f
96323cb37f985657f8133dfbc452c189e277c2f1
b91aab00697781a1fb184945cd6e7602db0d45458fa58a53156110945f2b71be
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 12012
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
103.6.198.170 200 OK 14 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (10927)
Hash d6aeffd9e0126160ff89d369c05a5fbe
8480b15ad38e8e1d67960e72b513fa4f463e2cc1
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 13849
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
103.6.198.170 200 OK 13 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (11225)
Hash 50e725a9b1e53dd2231151e7dd8ee629
8b3182f2113ed7845f65b6b5983f20c753ee9505
c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 13223
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A300%2C700%7CRoboto%3A700%2C300%2C400&ver=3.1.1
142.250.74.10 200 OK 19 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A300%2C700%7CRoboto%3A700%2C300%2C400&ver=3.1.1
IP 142.250.74.10:0
Hash 8be22e5be42584ebd8d3e83be47af66e
42af9bac6b7cee48542bd40d336767cc9c4cb18c
a125a3512144107fecef61937364d6a1c5988f5401d967b2b306819db7c31017
GET /css?family=Lato%3A300%2C700%7CRoboto%3A700%2C300%2C400&ver=3.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 03:13:47 GMT
date: Thu, 10 Nov 2022 03:13:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
103.6.198.170 200 OK 19 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (18586)
Hash 005186c73d00e12af11c4a5ff2b77dd0
871eaa6d4d6be51b141ffac9aaead6509bac8ea1
24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 18809
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
103.6.198.170 200 OK 25 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type HTML document, ASCII text, with very long lines (24607)
Hash ea712686ca9d325fddb57ce9be2b52c1
beccce00da22a7994cd0e09c1fe90b43df56bcf3
9af25ef0d99c5ef2c6f3b595b1716009858fc4bc71838ffcd61706bda396d261
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 24828
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
103.6.198.170 200 OK 36 kB URL HTTP/2 www.theklaganriverson.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type ASCII text, with very long lines (35947)
Hash a236bd4097fcbfb009f64238dc4443a1
ddbeeaa10749e4a74fe624ced0531b9243235dd2
2c3f3b95a692312d9b75815ecb949a40c2a701ff148fe865fde55556c810a22c
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 36172
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
platform-api.sharethis.com/js/sharethis.js
54.230.111.65 200 OK 176 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP 54.230.111.65:0
Size 176 kB (176111 bytes)
Hash 4a67f8e03fffca4ad953c3f168a5d12d
47e39d87b9a4ec0017b0a8be7578c4224bbfe14c
d64f3e1c0af7188e5a35d0905f22130abe4bb43a9dbee77062b5bc9454c2bed5
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
cache-control: max-age=600, public
date: Thu, 10 Nov 2022 03:11:45 GMT
etag: W/"302c5-xv+434/YRClN3FoC1ia4zCamsAQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VjqpgvEtHARTknAgL6kX-3YtfXVAGehj-YR1TXyuWZpNEI3_ZSA0ig==
age: 122
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:21 GMT
expires: Thu, 09 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 27567
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 17:10:21 GMT
expires: Wed, 08 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 122607
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
age: 29999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 29999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.websiteout.net/compte.php?S=www.theklaganriverson.com&C=17&D=6&N=5000&M=0
37.59.42.71 200 OK 3.7 kB URL HTTP/1.1 counter.websiteout.net/compte.php?S=www.theklaganriverson.com&C=17&D=6&N=5000&M=0
IP 37.59.42.71:0
File type PNG image data, 60 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 4ce3bf6f4025889c7a512feb63c7e7e8
bfd0ac9ded3892beb8e7f653149faf687304f07d
1696f9c819f3bae17bf31be656f3180cae1c059c6bf184e18348bd5a105f5f84
GET /compte.php?S=www.theklaganriverson.com&C=17&D=6&N=5000&M=0 HTTP/1.1
Host: counter.websiteout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 03:13:48 GMT
Server: Apache
P3P: CP="DSP COR NID CURa"
Set-Cookie: CookieLastTime=1668050028; expires=Sat, 09-Nov-2024 03:13:48 GMT
Content-Length: 3688
Keep-Alive: timeout=1, max=50
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.theklaganriverson.com/wp-content/uploads/2017/05/cropped-theklagan@riverson-1.png
103.6.198.170 200 OK 13 kB URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/2017/05/cropped-theklagan@riverson-1.png
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type PNG image data, 320 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d1703021c835ed39f40cfcf2afa6774
5824111749f31dae671fb8ee5e730b3c065d6ead
b0829c73c13025c09573eeda2369a5b6eb17812dc8ad6f2bef21edea34f9fb6f
GET /wp-content/uploads/2017/05/cropped-theklagan@riverson-1.png HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 27 May 2017 03:36:20 GMT
accept-ranges: bytes
content-length: 12718
content-type: image/png
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/fonts/fontawesome-webfont.woff?v=4.2.0
103.6.198.170 200 OK 66 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/fonts/fontawesome-webfont.woff?v=4.2.0
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type Web Open Font Format, TrueType, length 65452, version 1.0\012- data
Hash d95d6f5d5ab7cfefd09651800b69bd54
7d65e0227d0d7cdc1718119cd2a7dce0638f151c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
GET /wp-content/plugins/easy-bootstrap-shortcodes/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=5.3.14
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 65452
content-type: font/woff
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker-shadow.png
103.6.198.170 200 OK 1.6 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker-shadow.png
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type PNG image data, 51 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 068bc9a5bfadc9d1d61a0fd1f6d0e19b
0313f1f868ef969d628a32fd2330697ca8723383
90a4689ec744325f419642e397f96083218c0b33c592aaf76b4ea09e7e4a77bc
GET /wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker-shadow.png HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:13:26 GMT
accept-ranges: bytes
content-length: 1621
content-type: image/png
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker.png
103.6.198.170 200 OK 931 B URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker.png
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type PNG image data, 32 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash bc11d9b074fcc84f58ce1b1ca1c977a4
dab182f41bb8f49b22cc0cb840128fdc8b9f9165
3d6680dd5a6c5e9a2ffdb86671d9397bfdc0019741084301385bbecf57646c3e
GET /wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker.png HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:13:26 GMT
accept-ranges: bytes
content-length: 931
content-type: image/png
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/uploads/2017/06/Gleneagles_06.jpg
103.6.198.170 200 OK 325 kB URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/2017/06/Gleneagles_06.jpg
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=286, yresolution=294, resolutionunit=2, software=DxO ViewPoint 3, datetime=2017:01:17 13:02:01, GPS-Data], baseline, precision 8, 1600x1060, components 3\012- data
Size 325 kB (324953 bytes)
Hash 91973f664f652da4608cc8254a49b25b
7ffda480aa8540bf0c8a255e4cd175dbff175e42
94780a42be15c8ca8a791b12b2718ddfddc3606bdd18cedf9845aedd630069d5
GET /wp-content/uploads/2017/06/Gleneagles_06.jpg HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:56:36 GMT
accept-ranges: bytes
content-length: 324953
content-type: image/jpeg
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/uploads/2017/05/SOHO_30.jpg
103.6.198.170 200 OK 332 kB URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/2017/05/SOHO_30.jpg
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=286, yresolution=294, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2017:01:17 16:46:44, GPS-Data], baseline, precision 8, 1600x1060, components 3\012- data
Size 332 kB (332251 bytes)
Hash fa92e933be5e514c929b8116dbe543f1
faa928932a14c765548fdd086cc34eb55178f356
501c98cbded913b18fce71251addc2733aaf2b96b1876a10ad49abac1f697b1d
GET /wp-content/uploads/2017/05/SOHO_30.jpg HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 06:06:42 GMT
accept-ranges: bytes
content-length: 332251
content-type: image/jpeg
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/uploads/2017/06/Kanawi_22.jpg
103.6.198.170 200 OK 130 kB URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/2017/06/Kanawi_22.jpg
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=286, yresolution=294, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2017:01:18 11:27:45, GPS-Data], baseline, precision 8, 1600x1059, components 3\012- data
Size 130 kB (129896 bytes)
Hash 684da8dd210a3a27bf0fa9b74f1aa15a
dd921ec77cda2ad124eada582bcf5180344f31d2
28788f176d52950368d411b9edbb93f150e544195ffc8969f81be9af350e3f54
GET /wp-content/uploads/2017/06/Kanawi_22.jpg HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:56:31 GMT
accept-ranges: bytes
content-length: 129896
content-type: image/jpeg
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/img/progress.gif
103.6.198.170 200 OK 2.6 kB URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/img/progress.gif
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type GIF image data, version 89a, 31 x 31\012- data
Hash db34c77121e2269e4fc8d35e6883ea53
e80104eb3e6ced8d80b955f9826389b34e2d7845
bcfc4de3a54e646b8fd90b6869593d1150cbddafb1bc4e50f79297d81ea4473b
GET /wp-content/plugins/easy-fullscreen-slider/assets/img/progress.gif HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.css?ver=2.0.1
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 2608
content-type: image/gif
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
103.6.198.170 200 OK 23 B URL HTTP/2 www.theklaganriverson.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type gzip compressed data, max compression\012- data
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Sep 2019 12:49:18 GMT
accept-ranges: bytes
content-length: 99133
content-type: application/javascript
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0f784728dbb4971eb8dd8eea895a9790
7b7847e0ba521a63c9e3af46f88e56ee159e2f80
88e9b80657543537b36e64ec6331a4f3b46f2e3295e1c94c292aa1dcd4f2bf56
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146887
Date: Thu, 10 Nov 2022 03:13:49 GMT
Etag: "636bedb2-1d7"
Expires: Fri, 11 Nov 2022 20:01:56 GMT
Last-Modified: Wed, 09 Nov 2022 18:13:06 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f-fB5KJ75-bHcVVQOy5CGWT9xs8Ej_V0kRFEiXjqB8d3Tjn0dX1w4Q==
Age: 6530
l.sharethis.com/pview?event=pview&hostname=www.theklaganriverson.com&location=%2Fxacces%2FDe4lt%2Fb9.php&product=ga&url=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Page%20not%20found&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en
18.193.4.227 204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=www.theklaganriverson.com&location=%2Fxacces%2FDe4lt%2Fb9.php&product=ga&url=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Page%20not%20found&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en
IP 18.193.4.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=www.theklaganriverson.com&location=%2Fxacces%2FDe4lt%2Fb9.php&product=ga&url=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Page%20not%20found&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://www.theklaganriverson.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 10 Nov 2022 03:13:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
www.theklaganriverson.com/wp-content/uploads/2017/06/Asset-6@512x-100-150x150.jpg
103.6.198.170 200 OK 6.1 kB URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/2017/06/Asset-6@512x-100-150x150.jpg
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 0c5cab1e583b4f935f73ea29f55f3dd5
dae3364f10b4c802ff1a81021a6f25d2ffb96f3e
7e9c96b51863c844a21aec81f60a77873715703ba61867ef43f78a3f59a7b00e
GET /wp-content/uploads/2017/06/Asset-6@512x-100-150x150.jpg HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 08:15:39 GMT
accept-ranges: bytes
content-length: 6128
content-type: image/jpeg
date: Thu, 10 Nov 2022 03:13:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/uploads/2017/06/Asset-6@512x-100.jpg
103.6.198.170 200 OK 96 kB URL HTTP/2 www.theklaganriverson.com/wp-content/uploads/2017/06/Asset-6@512x-100.jpg
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 509x509, segment length 16, baseline, precision 8, 492x513, components 3\012- data
Hash a41b99dff387eccfff12882f0d942493
d887eeec2f8a0b7504cf960400bf8188ba13a235
61d4fee270a3f3ea9f4e94a8d219a20cec37a29be6d36625cd3017b9b29a2e43
GET /wp-content/uploads/2017/06/Asset-6@512x-100.jpg HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2017 08:15:39 GMT
accept-ranges: bytes
content-length: 95765
content-type: image/jpeg
date: Thu, 10 Nov 2022 03:13:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.theklaganriverson.com/?ga_action=googleanalytics_get_script
103.6.198.170 200 OK 20 kB URL HTTP/2 www.theklaganriverson.com/?ga_action=googleanalytics_get_script
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash 3adce5e08dfd73381f4a891796879180
91b6bd59e51ef2bd269b0998b9c1e39e15509643
9341566bbbd5d628e32d69657464f2f91aea2e210773712ebcc952de9b1a3ed5
POST /?ga_action=googleanalytics_get_script HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 33
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=2136698418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&ul=en-us&de=UTF-8&dt=Page%20not%20found&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1164687811&gjid=1595510191&cid=1041043835.1668050027&tid=UA-61858120-40&_gid=1199667291.1668050027&_r=1&_slc=1&z=1130851755
142.250.74.174 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2136698418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&ul=en-us&de=UTF-8&dt=Page%20not%20found&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1164687811&gjid=1595510191&cid=1041043835.1668050027&tid=UA-61858120-40&_gid=1199667291.1668050027&_r=1&_slc=1&z=1130851755
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=2136698418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&ul=en-us&de=UTF-8&dt=Page%20not%20found&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1164687811&gjid=1595510191&cid=1041043835.1668050027&tid=UA-61858120-40&_gid=1199667291.1668050027&_r=1&_slc=1&z=1130851755 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.theklaganriverson.com
date: Thu, 10 Nov 2022 03:13:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 7c89768eee117880b59f8644d2138e52
49a829a38293c8f1eb86dbbccc82017f1d5d86bb
c512960cca090441f3c7e9ffea25448965eb4068d1506b8afa6d391b3c3a07be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61858120-40&cid=1041043835.1668050027&jid=1164687811&gjid=1595510191&_gid=1199667291.1668050027&_u=IEBAAEAAAAAAACAAI~&z=2020048957
64.233.165.156 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61858120-40&cid=1041043835.1668050027&jid=1164687811&gjid=1595510191&_gid=1199667291.1668050027&_u=IEBAAEAAAAAAACAAI~&z=2020048957
IP 64.233.165.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61858120-40&cid=1041043835.1668050027&jid=1164687811&gjid=1595510191&_gid=1199667291.1668050027&_u=IEBAAEAAAAAAACAAI~&z=2020048957 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.theklaganriverson.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 03:13:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/bootstrap.min.css?ver=5.3.14
103.6.198.170 200 OK 0 B URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/bootstrap.min.css?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/bootstrap.min.css?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 118202
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
theklaganriverson.com/xacces/De4lt/b9.php
103.6.198.170 301 Moved Permanently 0 B URL HTTP/2 theklaganriverson.com/xacces/De4lt/b9.php
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Analyzer Verdict Alert fortinet Malware
GET /xacces/De4lt/b9.php HTTP/1.1
Host: theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
set-cookie: PHPSESSID=6b1020e6e993f86a29911bfc7ff868ab; path=/
location: https://www.theklaganriverson.com/xacces/De4lt/b9.php
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 03:13:44 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=5.3.14
103.6.198.170 200 OK 0 B URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=5.3.14
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=5.3.14 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/css;charset=UTF-8
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2
www.theklaganriverson.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.5.3
103.6.198.170 200 OK 0 B URL HTTP/2 www.theklaganriverson.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.5.3
IP 103.6.198.170:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
GET /wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.5.3 HTTP/1.1
Host: www.theklaganriverson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Dec 2019 01:03:08 GMT
accept-ranges: bytes
content-length: 67158
content-type: text/css
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2