Overview

URL theklaganriverson.com/xacces/De4lt/b9.php
IP 103.6.198.170 (Malaysia)
ASN #46015 Exa Bytes Network Sdn.Bhd.
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-10 03:13:53 UTC
IDS alerts 0
Blocklist alert 39
urlquery alerts No alerts detected
Tags None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
theklaganriverson.com (2) 0 2017-08-08 11:42:32 UTC 2022-11-09 02:34:21 UTC 103.6.198.170 Unknown ranking
www.theklaganriverson.com (73) 0 2017-09-02 13:32:04 UTC 2022-10-27 18:03:36 UTC 103.6.198.170 Unknown ranking
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-09 14:11:53 UTC 142.250.74.132
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
l.sharethis.com (1) 4794 2012-05-21 21:59:04 UTC 2019-11-04 03:55:33 UTC 18.193.4.227
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.pki.goog (17) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
counter.websiteout.net (2) 514262 2017-02-18 12:50:24 UTC 2022-11-09 22:45:05 UTC 37.59.42.71
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-09 23:07:48 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-11-10 00:18:03 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-09 05:26:04 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.125.72
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-09 23:42:40 UTC 216.58.207.202
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-09 21:20:30 UTC 142.250.74.10
r3.o.lencr.org (5) 344 No data No data 23.36.76.226
platform-api.sharethis.com (1) 5118 2021-08-11 10:47:11 UTC 2022-11-09 07:01:17 UTC 54.230.111.65
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-09 18:55:02 UTC 142.250.74.174
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-09 21:15:56 UTC 64.233.165.156
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-10 2 theklaganriverson.com/xacces/De4lt/b9.php Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/ (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/uploads/master-slider/custom.css?ver=2.9 Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/plugins/simple-lightbox/client/css/app (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/plugins/to-top/public/js/to-top-public (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver= (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ve (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/xacces/De4lt/b9.php Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver= (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-transfer.min.js?v (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver= (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver= (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/ (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-explode.min.js?ve (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/dist/a11y.min.js?ver=2.5.1 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/js/b (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver= (...) Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4 Malware
2022-11-10 2 www.theklaganriverson.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 Malware
2022-11-10 2 theklaganriverson.com/xacces/De4lt/b9.php Malware
2022-11-10 2 www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styl (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 103.6.198.170
Date UQ / IDS / BL URL IP
2023-01-04 00:39:04 +0000 0 - 0 - 2 iau-asia.edu.my/.well-known/e4s/live/login.php 103.6.198.170
2022-12-27 03:26:33 +0000 0 - 0 - 1 bmmmservices.com/pish/One-Drive-Arab/oneddriv (...) 103.6.198.170
2022-12-27 02:26:08 +0000 0 - 0 - 1 mkcoating.com/log/office365/login.php 103.6.198.170
2022-12-14 16:46:53 +0000 0 - 0 - 26 mylivinghope.com.my/efax/login.php 103.6.198.170
2022-12-14 03:09:05 +0000 0 - 0 - 26 mylivinghope.com.my/efax/login.php 103.6.198.170


Last 5 reports on ASN: Exa Bytes Network Sdn.Bhd.
Date UQ / IDS / BL URL IP
2023-02-04 05:31:13 +0000 0 - 2 - 0 nightfame.com/style/researcher-earns-120k-in- (...) 103.6.196.236
2023-02-04 05:11:10 +0000 0 - 0 - 2 edutapps.my/Chose-Information-com/dhl%20scam% (...) 137.59.109.162
2023-02-02 04:46:56 +0000 0 - 0 - 1 aimsmotion.com.my/images/slider/index.php 103.6.198.132
2023-02-01 13:13:38 +0000 0 - 0 - 1 wgresourcesmm2h.com/en/el/BOTW/login.php 103.6.196.163
2023-02-01 02:43:53 +0000 0 - 0 - 31 sahc.edu.my/ 43.252.214.219


Last 1 reports on domain: theklaganriverson.com
Date UQ / IDS / BL URL IP
2022-11-10 03:13:53 +0000 0 - 0 - 39 theklaganriverson.com/xacces/De4lt/b9.php 103.6.198.170


No other reports with similar screenshot

JavaScript

Executed Scripts (66)

Executed Evals (1)
#1 JavaScript::Eval (size: 494) - SHA256: 8df240eccde291f30af71a22f6e3bb111031c5034f367e8c4c9a0406fb2e817b
(function() {
    (function(i, s, o, g, r, a, m) {
        i['GoogleAnalyticsObject'] = r;
        i[r] = i[r] || function() {
            (i[r].q = i[r].q || []).push(arguments)
        }, i[r].l = 1 * new Date();
        a = s.createElement(o),
            m = s.getElementsByTagName(o)[0];
        a.async = 1;
        a.src = g;
        m.parentNode.insertBefore(a, m)
    })(window, document, 'script', 'https://google-analytics.com/analytics.js', 'ga');

    ga('create', 'UA-61858120-40', 'auto');
    ga('send', 'pageview');
})();

Executed Writes (1)
#1 JavaScript::Write (size: 183) - SHA256: d849c36d8bd2023805a78bff3ed59e83b2883b3c9865af88c20cb680a52bdbee
<a href="https://www.websiteout.net/counter.php"><img src="//counter.websiteout.net/compte.php?S=www.theklaganriverson.com&C=17&D=6&N=5000&M=0" alt="web hit counter" border="0" /></a>


HTTP Transactions (123)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5181
Expires: Thu, 10 Nov 2022 04:40:03 GMT
Date: Thu, 10 Nov 2022 03:13:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=118638
Date: Thu, 10 Nov 2022 03:13:42 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:11:00 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8350
Expires: Thu, 10 Nov 2022 05:32:52 GMT
Date: Thu, 10 Nov 2022 03:13:42 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 334efeUSNUoyKMvmSC3Nl2GPvdnREWXsbrwXwAbe3L2SbcRbzlijzDvUt2zZNjeMEavPCpSuEhwwUMsetChlGA==
x-amz-request-id: JKVQWPJ7GS086HX9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 02:49:13 GMT
age: 1469
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 10 Nov 2022 03:13:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 19
Cache-Control: max-age=107606
Date: Thu, 10 Nov 2022 03:13:42 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:07:08 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sK8emAP6ZVxzE90bYO966Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.162.125.72
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O8bVbspbkTRp/XrZokPpo/pYghw=

                                        
                                            GET /xacces/De4lt/b9.php HTTP/1.1 
Host: theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         103.6.198.170
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 10 Nov 2022 03:13:42 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=f96a7f30a170e23af929432fe287ba8c; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://theklaganriverson.com/xacces/De4lt/b9.php
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14654
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 03:13:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14654
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 03:13:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kZPJ95WwFXhxoBwZIeTN2iRl3-XFPmooKSeFtLu3wIm4b8nabFY2mA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:29 GMT
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
age: 19635
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8242
Md5:    feb275cc5fa7b13e70522cb76f001bbc
Sha1:   80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
Sha256: a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MfDIK2PCS_o7UuNXVSNOb3YbR_P8vlF7xw75qf8WdbjRr8hzCVYu6A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 19636
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8875
Md5:    2917b487c605eb7f53d20ff3b4fbfef0
Sha1:   5dd8989fb1129638361c16ad2a1fde93a4c4aafd
Sha256: aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7987
x-amzn-requestid: 6a465dcd-6a4e-49fb-9fa9-169678d39b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlo7HBFIAMFSQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9f-4ffe8f2534aeaef73329a8cd;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:19 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WrcaH4gahZqvIVMBFxF5zwB7IXujbT64xDOL8WmuQajijIyEK7Or3g==
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:47:28 GMT
age: 19576
etag: "94c0ee5c14e8e8cdf95883582ba8084cc5867f93"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7987
Md5:    d68ac59950c3276cd8f92b777a004df1
Sha1:   94c0ee5c14e8e8cdf95883582ba8084cc5867f93
Sha256: b02d6d61c1fae8260d1fc30c0a78ebbc3482a3aa0acafb58d8269942ff8e732b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y5MD-207EEHTD7hC8z0SzYCHA0JdOpYRrUhYDwo0cQ9ITGRbtQ-McA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 19636
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11316
Md5:    848af62ec10d0c297922f8600b6ad12d
Sha1:   4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
Sha256: a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9360
x-amzn-requestid: ab27926c-6cd1-4817-a5ff-aa47f666f337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpOGmjoAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca1-5835f3a814659500346d44e8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kr6uTOkWhcF7u0oUSM4SJSomIPdx6cnVNYQrGqcui8c65fr-soPOuQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 19690
etag: "71dc8a32634a72c2092ef90a4f46250599b523f6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9360
Md5:    61e58563ce83ab22c1604920db81f8e5
Sha1:   71dc8a32634a72c2092ef90a4f46250599b523f6
Sha256: ddbb9d12368a95d38b94398274524862a28da41f22062d0096ac0c7052e2ca3b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11722
x-amzn-requestid: bdba30aa-7c54-4163-8c09-e2c8948bba5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlomHKfoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9d-0497f5bc1d5c2fab268fb451;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GK6WMqg_ip9Lcv1UYCQMfdXqRsoxYKhv2fIaqz5tUx_HHw0Cv99Hcg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:11 GMT
age: 19413
etag: "a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11722
Md5:    d7af9a4c649c9ff2f48006dffde7fe73
Sha1:   a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae
Sha256: 1ccf9503c2ecaeb6f64a8e4194575908ca8746c69bf2b6fb1a6a59cf2408dc2d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         216.58.207.202
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 08:54:27 GMT
expires: Thu, 09 Nov 2023 08:54:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 65960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2363)
Size:   8060
Md5:    1930141d1ccd3409ebbe8c2db4c43fcf
Sha1:   8d6b59aa365bf686ab7408353fd232d7ca7feab5
Sha256: f2094ee57e84b8403b58f45dbe68411e3b02fe3f0cb465fdec48b206ab66d48f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7C6D344B2EF93C89612D572641A1BADF3E409CE0273EA09E653F249326D62BAC"
Last-Modified: Wed, 09 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7575
Expires: Thu, 10 Nov 2022 05:20:02 GMT
Date: Thu, 10 Nov 2022 03:13:47 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.css?ver=2.0.1 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 02 Jun 2017 07:16:37 GMT
accept-ranges: bytes
content-length: 1437
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1437
Md5:    d72b4bbd02a925c62a435aa4197e555d
Sha1:   7c4d5db4e2c1731a57d294c18a8747d6633edd1c
Sha256: d09763235b438f4ae7c0c0d40f1c6952da712513325a7e6bf3203b374125efba

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/17/6/5000/0 HTTP/1.1 
Host: counter.websiteout.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         37.59.42.71
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="DSP COR NID CURa"
Content-Length: 216
Keep-Alive: timeout=1, max=50
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   216
Md5:    13b353222c2cfe272c1571014f93df65
Sha1:   8226c4b0d016299dd5bc6dc53815602ff1cd815e
Sha256: ca1532ead9657cfda8d0938cb608593425a32197330a47bc5f39b294b97056f0
                                        
                                            GET /jsapi?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.132
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://www.gstatic.com/charts/loader.js?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 03:13:47 GMT
expires: Thu, 10 Nov 2022 03:43:47 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   293
Md5:    f2d5226326757228916d2c56668e07aa
Sha1:   3c1dfbff436af62a81ab3f864d6aeeb8edbf1211
Sha256: 76b876991bee3f177c4aadac09e28582d7293addd2ace1795e980a140d061ff8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /charts/loader.js?key=AIzaSyCyFBVWZKyHFsv4Q8KCo2KCVm450JMlJ3k&ver=3.7 HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.theklaganriverson.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
date: Thu, 10 Nov 2022 03:13:47 GMT
expires: Thu, 10 Nov 2022 04:13:47 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2134)
Size:   19937
Md5:    f3341efa0432876b1697ccec98c33b01
Sha1:   55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
Sha256: 6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 21984
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21822)
Size:   21984
Md5:    feda974a77ea5783b8be673f142b7c88
Sha1:   b71d1c7c315b67c614563382d1c2a868ac14d729
Sha256: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
                                        
                                            GET /wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.0 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Dec 2019 01:03:13 GMT
accept-ranges: bytes
content-length: 978
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   978
Md5:    658ed7c8d9872eb232101d85f58c8cc5
Sha1:   8bced14987dea1d915c41a32a667d5a37891f2ae
Sha256: 876822ac9010888cdd45fc9f3c4888616364d6f481f1f4caacaeff1a3192e62d
                                        
                                            GET /wp-content/uploads/master-slider/custom.css?ver=2.9 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Dec 2019 01:03:26 GMT
accept-ranges: bytes
content-length: 433
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   433
Md5:    a9f9b51cb59b1dfc97d4366b596873e7
Sha1:   48821c46a2ff0d560898f783fe9635c81a5b5ec4
Sha256: d2813dd046b540ab28bfc1de4b7b7cc2e85360873419f4589f3e6e1c39572e51

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 22 May 2017 08:27:34 GMT
accept-ranges: bytes
content-length: 232
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   232
Md5:    47f1feb5aaf7fb422aad353e698138de
Sha1:   8b77ee83100e8286bc80df691929aa655e21c9de
Sha256: 570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/agentpress-pro/js/responsive-menu.js?ver=1.0.0 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 22 May 2017 03:32:25 GMT
accept-ranges: bytes
content-length: 765
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   765
Md5:    4e8ddd793b4a5fffadf5e4fd6322c500
Sha1:   e760782c82b4ef6ed6dddd971145f22722de23dc
Sha256: e6b9e2a111a02600e8e0f48610a521300d66431c4f907cdccc0b0fa162018c14
                                        
                                            GET /wp-includes/js/dist/dom-ready.min.js?ver=2.5.1 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 11 Sep 2021 13:24:59 GMT
accept-ranges: bytes
content-length: 1169
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1169), with no line terminators
Size:   1169
Md5:    0d9ef672806b1357c5badde6095b5bbe
Sha1:   b31fc6d14197dc12648019a98d274f6dd001f604
Sha256: f375aeaa275ea51a86150030cdb627cae120dc3b2d3d346821f16731fa2d1d75
                                        
                                            GET /wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.0 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Dec 2019 01:03:13 GMT
accept-ranges: bytes
content-length: 2288
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2288
Md5:    d57ea8be4223524c97a28d4bcbe46825
Sha1:   b750ecd609b7245b8fcfd5f9c148b36a5dbbf2ec
Sha256: 4e263a75e29fff467d615ae2b7c503c4e98ea972e25ec82db02197d1f0db058a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.shutter.css?ver=2.0.1 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 02 Jun 2017 07:16:37 GMT
accept-ranges: bytes
content-length: 4758
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (355)
Size:   4758
Md5:    8e753ad3f6812de3fd50398fc4a63d38
Sha1:   521017d8cf0284dab80c152bd5a0a2a96a79c492
Sha256: 0f78a0b20a03db7a5a34c293a2a0c25e61c361aeccd13f85b609ba7e6ce0fd6b
                                        
                                            GET /wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 908
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (680)
Size:   908
Md5:    880adcd48ca0fd326f23014530986704
Sha1:   6530e7de017d4827dc8931758fae51a5c39ca322
Sha256: a0b0d9da31851f55a0be971e91c668c325b078838af5b4a306cbae1acb7c53d5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1129
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (899)
Size:   1129
Md5:    e36fd7a0d8b7418ec9ddff4f77600c8c
Sha1:   89e2d38b1defefcec512086ab2681f56ed3e7ba7
Sha256: 3d5c5de31ad9d64a23beda3d8ec60183ca3ca1d19777d15e3ef4bf42c27924a8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 794
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (560)
Size:   794
Md5:    9cd7fda530044a85e536effcd530fccc
Sha1:   aed8161e5436998ef72dcd96d561c77298ec58be
Sha256: 8342752af4f86e651337e9e067df248ecac71f9a2ea1c354caaf33ae8201d566

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 789
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (551)
Size:   789
Md5:    9b1d4283702ba049f9d88e0a75d05f81
Sha1:   c618a96e7ea6de46cba133d60a5eb469aae73389
Sha256: cf059121b52a5e1264b775819c2ad5a6449eb26fa1618bc6b85c8880099bb925
                                        
                                            GET /wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1242
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1010)
Size:   1242
Md5:    add6542db50a3d3ec13c0a8cd6bee6dd
Sha1:   e9a4ce67acf1713cffefa7ee80a45000b8824df6
Sha256: 3bc0360d3c8667fa0f9489b0910550f12cb3b1c79fe7bd41191b649e2f371b5b
                                        
                                            GET /wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1025
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (797)
Size:   1025
Md5:    1e3331f2e2bb06e352835f8a1957a7c3
Sha1:   92e5d7294c4013c224cc62874877aeb2b5fc824d
Sha256: 9025a09743d7756dfca719884ab0c26cba79114b49b6f865c166876db0e0c57d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 991
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (763)
Size:   991
Md5:    0168ce283eee1a9c82a7cb377de13afc
Sha1:   2d07b077d1cc10c4ea434be14e84f3bcb0ce20c0
Sha256: a6b733ac446743853f938caa85bf7d978f3d168b4099b90dc3657c5de69a57de

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /xacces/De4lt/b9.php HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         103.6.198.170
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.theklaganriverson.com/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384; path=/
date: Thu, 10 Nov 2022 03:13:45 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Size:   40807
Md5:    cd29d56e787950b8e4be0c8d9e30307f
Sha1:   486ebde47448bed782520bc27077111cec415d4e
Sha256: 44c5616d5bf74af0c7c74627938e6411a10c35330acbe4ca84500e6f43fcb05a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1109
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (879)
Size:   1109
Md5:    99dd1a11f49db0bc9b8a6ad749ac1be8
Sha1:   976e7c5c4af5a0970a1aa16168036dd7ebc19aa6
Sha256: 981273245f40043b454460f0f3bc7686ca73c05246ac7ac924f491086431e361

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 857
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (621)
Size:   857
Md5:    e81b0a5f159ddd53d9304015ed097366
Sha1:   18eb17bd3c34275f779694808bc73cc75dabbc90
Sha256: 9e20a504411a4d12e6a44c59cb44d87bcf2ee78a8c73397eb68b24d3a9b8512d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 515
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   515
Md5:    8a30f21e345577b420a78c5aba2b3156
Sha1:   cfb158c44beb76328bf092a9a1ae3e5e22881425
Sha256: e1618154fbb42d1eac52d4e9a1438f1fcac0ba61dc613f9acf05cefb3c17d30f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 1101
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (871)
Size:   1101
Md5:    135cd16b6964aa75eed598f33997be7d
Sha1:   b02471c7165887f0a44c504496ccf9243de7a608
Sha256: 18e2b418fef1f7399ca3e58b26e440a2be4af59c32aa82c28db587744fcaf558

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/easy-fullscreen-slider/assets/js/jquery.easing.min.js?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 7046
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO-8859 text, with very long lines (3601)
Size:   7046
Md5:    ec64dc8377266f617caf00ebc5067a14
Sha1:   fb6ebf42d2da04eee38b8fabc0c09dd9e433a9e4
Sha256: a7c016be6c9693535e2a8abce5814c71290f76bb8259e907dfa092f3c3633447
                                        
                                            GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 959
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (729)
Size:   959
Md5:    a0077303ca9ea5bd6da34ee026a418de
Sha1:   ac58e0ac80296a2736a1298ec10152c5b6ffe63a
Sha256: 5670e5f8a3ebd1c6a99db1d2d20ae73d1c498c45e200bbf505f6e6278cde5dd5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.shutter.min.js?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 7266
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7015)
Size:   7266
Md5:    d9c13311b3930f2de79f7588418ea38d
Sha1:   8c96679964281555f310c99ad1e0bc4f0dbf49a9
Sha256: 0fad9c3f587cfe632783eeef018e55a5316967a924181ab7715d1ce4b2f245b4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 1169
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (935)
Size:   1169
Md5:    2f68b680e67f09ced628d98b2bb456ff
Sha1:   640aa4cf0905a4a13e31937aba00ac09c2bef703
Sha256: 23a26cf5689c7598d73e6ef9c0ff8f0fd1b4e9f0c751e354a5a40c30e03215ae

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 2468
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2241)
Size:   2468
Md5:    34c78c33e7c97e65a369bb0137d93d05
Sha1:   cacc3f34a1d55aa06284d107c4b2c240a179df0c
Sha256: 32e3e9f84b34b2f8a432a8e6383f3c909ca4d1fa9d980d81713c0d991972a424

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 20 May 2016 03:41:28 GMT
accept-ranges: bytes
content-length: 10056
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/a11y.min.js?ver=2.5.1 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 11 Sep 2021 13:25:00 GMT
accept-ranges: bytes
content-length: 2236
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2235), with no line terminators
Size:   2236
Md5:    77ade69b82132d8900e4912616e521d2
Sha1:   21fc5d16211397753e08867611cacdeb948b2ea5
Sha256: 35d465a38a7c5a084e7fd7888a450d96ed5cefd82291b250df1a10c5782dd780

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/leaflet-maps-marker/leaflet-dist/leaflet.css?ver=3.12.2 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Dec 2019 01:13:26 GMT
accept-ranges: bytes
content-length: 13523
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   13523
Md5:    692227961c7909e4bbf67552519b8ad2
Sha1:   f365f6d1cfa500b7a77fb8b9a9e6de178f17667c
Sha256: 8e4965bb8f670bcbd0cd85e348a79c9689f731a5a1b09e5764ccb0adfeee2f21
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 1391
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391), with no line terminators
Size:   1391
Md5:    570ae0f3c201604926ea599d3d1f6c04
Sha1:   2c29243a73660964d4712b969d2a15e27777bc14
Sha256: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 11 Jun 2020 15:32:41 GMT
accept-ranges: bytes
content-length: 41045
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (41045), with no line terminators
Size:   41045
Md5:    612b7ab9f699e968f5b3206ca16ee834
Sha1:   12685fd0b83dabb9a2004dd4c74de4515fea3013
Sha256: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
                                        
                                            GET /wp-content/plugins/easy-fullscreen-slider/assets/js/supersized.3.2.7.min.js?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 17902
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17672)
Size:   17902
Md5:    4866e39cd6a51a5a844677a134bf5ff4
Sha1:   8e84f21819d6f3e83496fa7293cad16f0eb985dd
Sha256: ca1aa8fade0fbc33f0243432599ad8f427e65aaefe03a16f328f0330aa14cee7
                                        
                                            GET /wp-content/themes/agentpress-pro/style.css?ver=3.1.1 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 20 Jun 2017 09:08:52 GMT
accept-ranges: bytes
content-length: 66430
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1798), with CRLF line terminators
Size:   66430
Md5:    73a4eac30d88c820e4c39d873c948293
Sha1:   f68218fb1d523d25bec80ef02e78eb947bb4f8ad
Sha256: ab6c64f674edd9b337dbdbce1eddfaae7f34770bbaa05aeaca40afb12e807d49
                                        
                                            GET /wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 3251
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3023)
Size:   3251
Md5:    fbdf6877e2b8559fccad7a591d58663e
Sha1:   707dc9862ae2333f003c1c2b9387625bdbbbf331
Sha256: 99f47f1084db599d55bf70957f9a033eee6012a660c74009aea8bee651ddc3d0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 3142
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2927)
Size:   3142
Md5:    412416b5df69805b1e084e50d4283c2f
Sha1:   b8c47463c0793854638a8981cfad35503f393297
Sha256: 7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/easy-bootstrap-shortcodes/js/bootstrap.min.js?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 27822
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27674)
Size:   27822
Md5:    353240ad37d1b084a53b1575f8ce57da
Sha1:   b3182f99be238cc41164df8615005fad53282b4e
Sha256: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 3929
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3704)
Size:   3929
Md5:    e6784d91bf2c668bc4093063c5b15113
Sha1:   687e1d2e957a821280dbd205ae66182f16dfdc30
Sha256: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
                                        
                                            GET /wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 05 Oct 2019 19:31:04 GMT
accept-ranges: bytes
content-length: 4258
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4033)
Size:   4258
Md5:    91167a07312f0c7cf9eadbb6211fa2d5
Sha1:   c6a554c0b01d1b3a6e4f873491f5b4744f64d47b
Sha256: 05ce3f549ff9e4aadaa6542643b0f72b9c39fcde428d65514774b143b5347f9e
                                        
                                            GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 6438
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6217)
Size:   6438
Md5:    d1c2e97eeca08ca067ccf2c5736f0390
Sha1:   5281985542fcc8c5a651d1991296e12c39bfcb82
Sha256: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 6230
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6007)
Size:   6230
Md5:    5da4ea3eb5435fce036e80bd58718da2
Sha1:   3d11dddfa3b97ad1e8cf3a844d9f59d81f8b6837
Sha256: cb578ed9307a8912ee5bbd79f91b80fec2abe28042e6bd03a83c679f33005411

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 5650
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5431)
Size:   5650
Md5:    011521c4cb26175134847bc005c736fa
Sha1:   aab10f7d07a220841b1f29ea764d5b2c0c0fdcb9
Sha256: 4205086e08c34625efc0d72df59715ed8ec9cfd271e3eb51c6a37aa0a7daec2b
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 15 Apr 2021 22:32:23 GMT
accept-ranges: bytes
content-length: 47564
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47529)
Size:   47564
Md5:    d54a4192cc3e4d54677c8091c1dae73b
Sha1:   7e3e8e30c66c5751bb5477b4e9939969f4e2aa5e
Sha256: de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
                                        
                                            GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 6827
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6603)
Size:   6827
Md5:    2fb11e1fba920ce6191aaf65473894ff
Sha1:   858e35ea212ce2c331f6f2b4980b55fa5bac29f5
Sha256: 1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 7215
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6998)
Size:   7215
Md5:    96bebe37b0494fd593d242b0ab500197
Sha1:   c76a024864596ff36e8a3c494e81f0cdb0f8af7e
Sha256: 409c16852a61e50980a17fed11c6434aa362731291b49f9923f5a9bbc8c030b4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 7058
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6839)
Size:   7058
Md5:    6010817c2bd9b93461e335d0cbc6d6be
Sha1:   25ca4371a64aa39bcbc3c6953da002848405f37c
Sha256: 6b2562f3ed29e898a7d502a212c30516dec520856ee92093090934553cd99e51
                                        
                                            GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 8227
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7998)
Size:   8227
Md5:    cd39cd96dff0888fabd40c2c7c75e064
Sha1:   542a73251ba957bcac5b75d948fa9bfaa85e90a1
Sha256: 67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 8562
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8339)
Size:   8562
Md5:    a0b8589edef2f5b85ccf152816269a7d
Sha1:   93173c4b95691e08075a54531891463cc1fb7b5d
Sha256: 96b656700f9b4784f69af925f46ecc91caa7f444b3168ecbb64afe06f8fc4c99

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/selectmenu.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 8359
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8135)
Size:   8359
Md5:    fba28019d0b30ba893e89de5949e0342
Sha1:   227f362fd8e5858a1858b392e7836db9f48354b0
Sha256: a294032baabd17deebf624872dbfab8cf7acbc68c6c9878bfaf7067477eff785
                                        
                                            GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 9543
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9330)
Size:   9543
Md5:    b4b9458fcbfa3ff33fda9d1fe6a33dc5
Sha1:   d9dafac2c525a0b33039cb2e26d8bd80902d3ada
Sha256: 11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 17 May 2019 01:55:54 GMT
accept-ranges: bytes
content-length: 96873
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96873
Md5:    49edccea2e7ba985cadc9ba0531cbed1
Sha1:   f8747f8ee704d9af31d0950015e01d3f9635b070
Sha256: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 10911
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10694)
Size:   10911
Md5:    aa205fbfb232b9cb5f104142e7183b36
Sha1:   d73fef1ae7c9fc260dba69e57658793f01590eea
Sha256: bf9d214a2ec4f01d57a72fa4417e1cd8f895800b277b6040eb98c77e4b49e668

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 12093
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11876)
Size:   12093
Md5:    8fa9e3f9c636c43c52bb7a861839376e
Sha1:   8f86d768f4fb5a5081f9266700448dcb7f7a16d1
Sha256: 72a1a8339a4ef21db997f17cac76cfe78938a1e755e37bdbe5dbc249bc6947d1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 12012
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11799)
Size:   12012
Md5:    f2c8bed453ea6a55cad903c5e367bc4f
Sha1:   96323cb37f985657f8133dfbc452c189e277c2f1
Sha256: b91aab00697781a1fb184945cd6e7602db0d45458fa58a53156110945f2b71be
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 13849
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10927)
Size:   13849
Md5:    d6aeffd9e0126160ff89d369c05a5fbe
Sha1:   8480b15ad38e8e1d67960e72b513fa4f463e2cc1
Sha256: 95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 13223
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11225)
Size:   13223
Md5:    50e725a9b1e53dd2231151e7dd8ee629
Sha1:   8b3182f2113ed7845f65b6b5983f20c753ee9505
Sha256: c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Lato%3A300%2C700%7CRoboto%3A700%2C300%2C400&ver=3.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 03:13:47 GMT
date: Thu, 10 Nov 2022 03:13:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   19077
Md5:    8be22e5be42584ebd8d3e83be47af66e
Sha1:   42af9bac6b7cee48542bd40d336767cc9c4cb18c
Sha256: a125a3512144107fecef61937364d6a1c5988f5401d967b2b306819db7c31017
                                        
                                            GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 18809
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18586)
Size:   18809
Md5:    005186c73d00e12af11c4a5ff2b77dd0
Sha1:   871eaa6d4d6be51b141ffac9aaead6509bac8ea1
Sha256: 24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:33 GMT
accept-ranges: bytes
content-length: 24828
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (24607)
Size:   24828
Md5:    ea712686ca9d325fddb57ce9be2b52c1
Sha1:   beccce00da22a7994cd0e09c1fe90b43df56bcf3
Sha256: 9af25ef0d99c5ef2c6f3b595b1716009858fc4bc71838ffcd61706bda396d261

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 22:32:31 GMT
accept-ranges: bytes
content-length: 36172
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35947)
Size:   36172
Md5:    a236bd4097fcbfb009f64238dc4443a1
Sha1:   ddbeeaa10749e4a74fe624ced0531b9243235dd2
Sha256: 2c3f3b95a692312d9b75815ecb949a40c2a701ff148fe865fde55556c810a22c
                                        
                                            GET /js/sharethis.js HTTP/1.1 
Host: platform-api.sharethis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.65
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
cache-control: max-age=600, public
date: Thu, 10 Nov 2022 03:11:45 GMT
etag: W/"302c5-xv+434/YRClN3FoC1ia4zCamsAQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VjqpgvEtHARTknAgL6kX-3YtfXVAGehj-YR1TXyuWZpNEI3_ZSA0ig==
age: 122
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   176111
Md5:    4a67f8e03fffca4ad953c3f168a5d12d
Sha1:   47e39d87b9a4ec0017b0a8be7578c4224bbfe14c
Sha256: d64f3e1c0af7188e5a35d0905f22130abe4bb43a9dbee77062b5bc9454c2bed5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:21 GMT
expires: Thu, 09 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 27567
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 17:10:21 GMT
expires: Wed, 08 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 122607
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
age: 29999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size:   23236
Md5:    716309aab2bca045f9627f63ad79d0bf
Sha1:   38804233a29aaf975d557fe14e762c627bef76e0
Sha256: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
age: 29999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /compte.php?S=www.theklaganriverson.com&C=17&D=6&N=5000&M=0 HTTP/1.1 
Host: counter.websiteout.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         37.59.42.71
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 10 Nov 2022 03:13:48 GMT
Server: Apache
P3P: CP="DSP COR NID CURa"
Set-Cookie: CookieLastTime=1668050028; expires=Sat, 09-Nov-2024 03:13:48 GMT
Content-Length: 3688
Keep-Alive: timeout=1, max=50
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 60 x 20, 8-bit/color RGB, non-interlaced\012- data
Size:   3688
Md5:    4ce3bf6f4025889c7a512feb63c7e7e8
Sha1:   bfd0ac9ded3892beb8e7f653149faf687304f07d
Sha256: 1696f9c819f3bae17bf31be656f3180cae1c059c6bf184e18348bd5a105f5f84
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2017/05/cropped-theklagan@riverson-1.png HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 27 May 2017 03:36:20 GMT
accept-ranges: bytes
content-length: 12718
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 320 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   12718
Md5:    9d1703021c835ed39f40cfcf2afa6774
Sha1:   5824111749f31dae671fb8ee5e730b3c065d6ead
Sha256: b0829c73c13025c09573eeda2369a5b6eb17812dc8ad6f2bef21edea34f9fb6f
                                        
                                            GET /wp-content/plugins/easy-bootstrap-shortcodes/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.theklaganriverson.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=5.3.14
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: font/woff
                                        
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 65452
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 65452, version 1.0\012- data
Size:   65452
Md5:    d95d6f5d5ab7cfefd09651800b69bd54
Sha1:   7d65e0227d0d7cdc1718119cd2a7dce0638f151c
Sha256: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
                                        
                                            GET /wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker-shadow.png HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Dec 2019 01:13:26 GMT
accept-ranges: bytes
content-length: 1621
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 51 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size:   1621
Md5:    068bc9a5bfadc9d1d61a0fd1f6d0e19b
Sha1:   0313f1f868ef969d628a32fd2330697ca8723383
Sha256: 90a4689ec744325f419642e397f96083218c0b33c592aaf76b4ea09e7e4a77bc
                                        
                                            GET /wp-content/plugins/leaflet-maps-marker/leaflet-dist/images/marker.png HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Dec 2019 01:13:26 GMT
accept-ranges: bytes
content-length: 931
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size:   931
Md5:    bc11d9b074fcc84f58ce1b1ca1c977a4
Sha1:   dab182f41bb8f49b22cc0cb840128fdc8b9f9165
Sha256: 3d6680dd5a6c5e9a2ffdb86671d9397bfdc0019741084301385bbecf57646c3e
                                        
                                            GET /wp-content/uploads/2017/06/Gleneagles_06.jpg HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 02 Jun 2017 07:56:36 GMT
accept-ranges: bytes
content-length: 324953
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=286, yresolution=294, resolutionunit=2, software=DxO ViewPoint 3, datetime=2017:01:17 13:02:01, GPS-Data], baseline, precision 8, 1600x1060, components 3\012- data
Size:   324953
Md5:    91973f664f652da4608cc8254a49b25b
Sha1:   7ffda480aa8540bf0c8a255e4cd175dbff175e42
Sha256: 94780a42be15c8ca8a791b12b2718ddfddc3606bdd18cedf9845aedd630069d5
                                        
                                            GET /wp-content/uploads/2017/05/SOHO_30.jpg HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 22 May 2017 06:06:42 GMT
accept-ranges: bytes
content-length: 332251
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=286, yresolution=294, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2017:01:17 16:46:44, GPS-Data], baseline, precision 8, 1600x1060, components 3\012- data
Size:   332251
Md5:    fa92e933be5e514c929b8116dbe543f1
Sha1:   faa928932a14c765548fdd086cc34eb55178f356
Sha256: 501c98cbded913b18fce71251addc2733aaf2b96b1876a10ad49abac1f697b1d
                                        
                                            GET /wp-content/uploads/2017/06/Kanawi_22.jpg HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 02 Jun 2017 07:56:31 GMT
accept-ranges: bytes
content-length: 129896
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=286, yresolution=294, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2017:01:18 11:27:45, GPS-Data], baseline, precision 8, 1600x1059, components 3\012- data
Size:   129896
Md5:    684da8dd210a3a27bf0fa9b74f1aa15a
Sha1:   dd921ec77cda2ad124eada582bcf5180344f31d2
Sha256: 28788f176d52950368d411b9edbb93f150e544195ffc8969f81be9af350e3f54
                                        
                                            GET /wp-content/plugins/easy-fullscreen-slider/assets/img/progress.gif HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/wp-content/plugins/easy-fullscreen-slider/assets/css/supersized.css?ver=2.0.1
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/gif
                                        
last-modified: Fri, 02 Jun 2017 07:16:48 GMT
accept-ranges: bytes
content-length: 2608
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 31 x 31\012- data
Size:   2608
Md5:    db34c77121e2269e4fc8d35e6883ea53
Sha1:   e80104eb3e6ced8d80b955f9826389b34e2d7845
Sha256: bcfc4de3a54e646b8fd90b6869593d1150cbddafb1bc4e50f79297d81ea4473b
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 19 Sep 2019 12:49:18 GMT
accept-ranges: bytes
content-length: 99133
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   23
Md5:    e3981ca10169a319d5aa062bf43a5fa1
Sha1:   2c6ed584767b65688ce99b1ebe1a3b7448a67421
Sha256: 8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146887
Date: Thu, 10 Nov 2022 03:13:49 GMT
Etag: "636bedb2-1d7"
Expires: Fri, 11 Nov 2022 20:01:56 GMT
Last-Modified: Wed, 09 Nov 2022 18:13:06 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f-fB5KJ75-bHcVVQOy5CGWT9xs8Ej_V0kRFEiXjqB8d3Tjn0dX1w4Q==
Age: 6530

                                        
                                            GET /pview?event=pview&hostname=www.theklaganriverson.com&location=%2Fxacces%2FDe4lt%2Fb9.php&product=ga&url=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Page%20not%20found&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en HTTP/1.1 
Host: l.sharethis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         18.193.4.227
HTTP/1.1 204 No Content
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://www.theklaganriverson.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 10 Nov 2022 03:13:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2017/06/Asset-6@512x-100-150x150.jpg HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 02 Jun 2017 08:15:39 GMT
accept-ranges: bytes
content-length: 6128
date: Thu, 10 Nov 2022 03:13:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size:   6128
Md5:    0c5cab1e583b4f935f73ea29f55f3dd5
Sha1:   dae3364f10b4c802ff1a81021a6f25d2ffb96f3e
Sha256: 7e9c96b51863c844a21aec81f60a77873715703ba61867ef43f78a3f59a7b00e
                                        
                                            GET /wp-content/uploads/2017/06/Asset-6@512x-100.jpg HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 02 Jun 2017 08:15:39 GMT
accept-ranges: bytes
content-length: 95765
date: Thu, 10 Nov 2022 03:13:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 509x509, segment length 16, baseline, precision 8, 492x513, components 3\012- data
Size:   95765
Md5:    a41b99dff387eccfff12882f0d942493
Sha1:   d887eeec2f8a0b7504cf960400bf8188ba13a235
Sha256: 61d4fee270a3f3ea9f4e94a8d219a20cec37a29be6d36625cd3017b9b29a2e43
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /?ga_action=googleanalytics_get_script HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 33
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
date: Thu, 10 Nov 2022 03:13:48 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20533
Md5:    3adce5e08dfd73381f4a891796879180
Sha1:   91b6bd59e51ef2bd269b0998b9c1e39e15509643
Sha256: 9341566bbbd5d628e32d69657464f2f91aea2e210773712ebcc952de9b1a3ed5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j98&a=2136698418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theklaganriverson.com%2Fxacces%2FDe4lt%2Fb9.php&ul=en-us&de=UTF-8&dt=Page%20not%20found&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1164687811&gjid=1595510191&cid=1041043835.1668050027&tid=UA-61858120-40&_gid=1199667291.1668050027&_r=1&_slc=1&z=1130851755 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.theklaganriverson.com
date: Thu, 10 Nov 2022 03:13:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61858120-40&cid=1041043835.1668050027&jid=1164687811&gjid=1595510191&_gid=1199667291.1668050027&_u=IEBAAEAAAAAAACAAI~&z=2020048957 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.theklaganriverson.com
Connection: keep-alive
Referer: https://www.theklaganriverson.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         64.233.165.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.theklaganriverson.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 03:13:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 10 Nov 2022 03:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/bootstrap.min.css?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 22 May 2017 08:25:24 GMT
accept-ranges: bytes
content-length: 118202
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /xacces/De4lt/b9.php HTTP/1.1 
Host: theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         103.6.198.170
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
set-cookie: PHPSESSID=6b1020e6e993f86a29911bfc7ff868ab; path=/
location: https://www.theklaganriverson.com/xacces/De4lt/b9.php
date: Thu, 10 Nov 2022 03:13:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=5.3.14 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.5.3 HTTP/1.1 
Host: www.theklaganriverson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theklaganriverson.com/xacces/De4lt/b9.php
Cookie: PHPSESSID=a3b1de20c4c0869173f3785a9e722384
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.6.198.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Dec 2019 01:03:08 GMT
accept-ranges: bytes
content-length: 67158
date: Thu, 10 Nov 2022 03:13:47 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---