detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 29 Nov 2022 06:32:39 GMT
Age: 22209
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9571
Expires: Tue, 29 Nov 2022 15:22:19 GMT
Date: Tue, 29 Nov 2022 12:42:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dbde5135631a9ce7600246d12133c66
5bfadab889eaf60d64569cb43cbdfe515217b7d4
369d74c6b81c1f06de0be7ed6cee2971e6ba96ea36e5b96fcdcf80c483896aab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "369D74C6B81C1F06DE0BE7ED6CEE2971E6BA96EA36E5B96FCDCF80C483896AAB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Tue, 29 Nov 2022 14:12:33 GMT
Date: Tue, 29 Nov 2022 12:42:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11983
Expires: Tue, 29 Nov 2022 16:02:31 GMT
Date: Tue, 29 Nov 2022 12:42:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HEIiHPjviZwB+JurWjAg968D0+Dv/gULjdrq9v5qYrN4PcuDxAYcMngjaybLSJ/wOJyrRaB/lyrD2ey+B3i8jw==
x-amz-request-id: QEKFJTQ89B3904V6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 12:32:53 GMT
age: 595
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 12:42:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: max-age=170694
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 12:42:49 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:07:43 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 12:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1393
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/
192.124.249.130 200 OK 13 kB IP 192.124.249.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 1cd153d2fe4b4a05c9508b53e4032eea
0067298f78719c5ef3ff6f02236ece2ca84ea897
8e7394ab892e929585ce14b7bbf68e8ceb46f5716331afe4467cefc1fc731555
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 13030
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Link: <http://raviangroupllc.com/index.php/wp-json/>; rel="https://api.w.org/", <http://raviangroupllc.com/index.php/wp-json/wp/v2/pages/118>; rel="alternate"; type="application/json", <http://raviangroupllc.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Sucuri-Cache: EXPIRED
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bca29dd8ae6f0e760391dc69065b57c9
e91f74748fd7f5105fd98543e8f1b7b1374343f4
32bcc36e4a29bb4fb29dd0f5055615a7409a87286350cbb603cacca461d45c32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6063
Cache-Control: max-age=111211
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 12:42:49 GMT
Etag: "6384f605-1d7"
Expires: Wed, 30 Nov 2022 19:36:20 GMT
Last-Modified: Mon, 28 Nov 2022 17:55:17 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Condensed%3A400%2C700&ver=1.0.7
142.250.74.10 200 OK 876 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Condensed%3A400%2C700&ver=1.0.7
IP 142.250.74.10:0
Hash cc658aabaa802fe04c702d0ec3d4366d
f721696a9a93ba0dfb31c5099a52458bf4cb6f0a
9355563be3c436af4fa2a29360fc572653b2cafb308b9f98f2f4f76f6c45adeb
GET /css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Condensed%3A400%2C700&ver=1.0.7 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 29 Nov 2022 12:42:49 GMT
Date: Tue, 29 Nov 2022 12:42:49 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 12:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?key&ver=6.1.1
142.250.74.106 200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key&ver=6.1.1
IP 142.250.74.106:0
File type ASCII text, with very long lines (2413)
Hash 6bba2719a66f3d4147ae747fcdc44df9
649f22f5b0af997d7180b4f0c59e7581ce6a1e0c
e6f12bb3aa50acc003c48197e7c1c182f0a8ae60c36a307ccfdd6fe99165e06e
GET /maps/api/js?key&ver=6.1.1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://raviangroupllc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 29 Nov 2022 12:42:49 GMT
expires: Tue, 29 Nov 2022 13:12:49 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53313
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
raviangroupllc.com/wp-includes/css/classic-themes.min.css?ver=1
192.124.249.130 200 OK 189 B URL HTTP/1.1 raviangroupllc.com/wp-includes/css/classic-themes.min.css?ver=1
IP 192.124.249.130:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 189
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 05:58:36 GMT
ETag: "de0003-d9-5ec7688133152-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.124.249.130 200 OK 12 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 12518
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 21:40:39 GMT
ETag: "de2cdf-172a9-5ed893501c104-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.12.5
192.124.249.130 200 OK 351 B URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.12.5
IP 192.124.249.130:0
File type ASCII text, with very long lines (815), with no line terminators
Hash a13956f69577ca337f027c988424cfed
13fd1d4c866969bce2032e04997819f869b646fd
2b035611bb4e8f78229b53d6ee08081a3e264549778c39c4c153deb74c98a794
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.12.5 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 351
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Aug 2020 18:15:47 GMT
ETag: "e60e19-32f-5ad2ae0519869-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/css/dashicons.min.css?ver=6.1.1
192.124.249.130 200 OK 36 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Mar 2021 21:16:22 GMT
ETag: "de2db0-e688-5bca85cdbf580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
192.124.249.130 200 OK 932 B URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
IP 192.124.249.130:0
Hash d423d422e354bb92d8590be50609489e
22d963017b1bcc74fe6effbfa4ab6d567e0d3b8d
39de3fd0aabe4e42509a229315fd784f227a085d8e77f1c191b99c0599c16c68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 932
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Mar 2021 18:43:17 GMT
ETag: "e602eb-a46-5bd1eec77f20a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
192.124.249.130 200 OK 7.1 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (29701), with CRLF line terminators
Hash a257be9f66c34683a50838f0d1f8ce3b
4d1ebcf9bd72f436d25981dd4cc5dbc2a58d2bd6
98d2083b0945bffa1ca9a3b7a53d9f9b52d59be7949380b5a30e1bc2757446c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 7127
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:43:58 GMT
ETag: "ec1104-7578-56aa9f2bc5780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.35.225.239 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.35.225.239:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 29 Nov 2022 12:42:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
raviangroupllc.com/wp-content/themes/offshore/assets/css/font-awesome.min.css?ver=4.6.3
192.124.249.130 200 OK 6.7 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/css/font-awesome.min.css?ver=4.6.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (28900)
Hash 44199db135a3cf78e3cf4bf6e3170033
96a27c54fd2723ff930c3faa8cf6c600a90ff78a
80e21be34b782b126cd2908f142df631e4396099a1e62255253b6299b3e9a0aa
GET /wp-content/themes/offshore/assets/css/font-awesome.min.css?ver=4.6.3 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 6666
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:41:58 GMT
ETag: "ee0db0-7187-56aa9eb954980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/frontend.min.css?ver=7.16.2
192.124.249.130 200 OK 832 B URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/frontend.min.css?ver=7.16.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (7695), with no line terminators
Hash 0b1b63ad63f31842bcc1180c92ac49d7
97cfff6b31205e0f3680a6a6e5161404fb133577
66a5d8a918049405d79e714a6c8838a364809f6912b4efb185d552ec3e6b78e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/css/frontend.min.css?ver=7.16.2 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 832
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Mar 2021 14:24:44 GMT
ETag: "e616a6-1e0f-5bd57a950d40f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/css/owl.carousel.min.css?ver=2.1.1
192.124.249.130 200 OK 950 B URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/css/owl.carousel.min.css?ver=2.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (2863)
Hash d12e74e477fdc01684f25e4329469b91
2d384957e92158801ec430d04079ff8433cd5427
3bf1daff9a4c53000eb96cb7e52f9c790348babf89e4af5e8da5775ddbe9b081
GET /wp-content/themes/offshore/assets/css/owl.carousel.min.css?ver=2.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 950
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:41:58 GMT
ETag: "ee0daf-bcc-56aa9eb954980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=5.1.1
192.124.249.130 200 OK 1.1 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=5.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (3424), with no line terminators
Hash 61259ad32f64e85726b608ef2fc26cc3
05e6f2fb690c81ee8a6437776c54323e2dbeb198
6c6e9c3e426cfb377339f473b7b8bab912c178ffd8941743dc8d2a2a7814e5cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=5.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 1133
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:44:01 GMT
ETag: "ea2032-d60-56aa9f2ea1e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 12:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
raviangroupllc.com/wp-content/themes/offshore/assets/css/bootstrap.min.css?ver=3.3.5
192.124.249.130 200 OK 20 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/css/bootstrap.min.css?ver=3.3.5
IP 192.124.249.130:0
File type ASCII text, with very long lines (65371)
Hash 4ffac1b8fa084ffcc9e2ac6d742fd1fb
779044c35b1f774ac74ff11e897327dc0fd460a7
2c4156f5bdd35e59353a7f9217e72c46462f3f6a67c977cb5391c6bd1f75f834
GET /wp-content/themes/offshore/assets/css/bootstrap.min.css?ver=3.3.5 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 19883
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:41:58 GMT
ETag: "ee0dad-1deac-56aa9eb954980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/style.css?a=43&ver=1.0.7
192.124.249.130 200 OK 16 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/style.css?a=43&ver=1.0.7
IP 192.124.249.130:0
Hash bd0bc02c6b4aab609c715cb2e595a2f4
a6547204ad5390350c1bccbec1f1596b55ed085c
7fa807ef8cde76d8868221a67ebeb02bf3c97544bda752a08a5addd09b749f7c
GET /wp-content/themes/offshore/style.css?a=43&ver=1.0.7 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:49 GMT
Content-Type: text/css
Content-Length: 15818
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sat, 19 May 2018 12:17:42 GMT
ETag: "ee0d05-17867-56c8e0e24c580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 12:08:56 GMT
cache-control: public,max-age=3600
age: 2033
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.124.249.130 200 OK 4.2 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 4169
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
ETag: "e002db-2bd8-5b45debe27b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1
192.124.249.130 200 OK 18 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (64561)
Hash 1d03281d6bb71bb6ef61985e59355f23
1c89e1d81b102a2297d27407cb8647e29567c181
b690a1216016d81b766118433ab3371fa6bc5b574417cee6afc9a53b6aab0d1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 17980
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:25 GMT
ETag: "ec10ff-fd7b-5cd3fcb98e8e0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/js/back-to-top.js?ver=1.0.0
192.124.249.130 200 OK 1.1 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/js/back-to-top.js?ver=1.0.0
IP 192.124.249.130:0
Hash 615679187c00aa61ac638e2e08101973
eb5e647f62683dc6ca45aebb49d930746c550ad3
6e238ead8246abd9e3cadd877b249e80225a1e9257563bea88cf57b3c04e2b87
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/js/back-to-top.js?ver=1.0.0 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 1055
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:40:26 GMT
ETag: "ee0d9b-b59-5cd3fcf38af68-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1
192.124.249.130 200 OK 38 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (27287)
Hash e6296e33d8be38e7ac8f84c7ca9171e2
c2327a59fbd8fea5518f61e5e9653d5ea14b564e
af38b8fe2911ca3422cdfdbaadcdf032b54f484816840e0224643ed50ebf5031
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 38311
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:24 GMT
ETag: "ec10e6-1af53-5cd3fcb7b1be1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.124.249.130 200 OK 31 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 30995
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 05:58:42 GMT
ETag: "e002e3-15e54-5ec768863f935-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/js/jquery.ajaxchimp.min.js?ver=1.3.0
192.124.249.130 200 OK 942 B URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/js/jquery.ajaxchimp.min.js?ver=1.3.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (2381)
Hash 26670fda1611f49fbbe8da327d4ac8a2
3ecf77eeb5cf1e5d43a6d169ac5629400cf0a73a
6834b399dd2aeb163bfec8e9f8fe8098bb5c5287579dfd259c01b9fe5f657d8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/js/jquery.ajaxchimp.min.js?ver=1.3.0 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 942
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:40:26 GMT
ETag: "ee0d9d-94e-5cd3fcf38e230-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1
192.124.249.130 200 OK 44 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 870c6d286ceb3c82f23e31b31ead20cd
8d4220c2ef4821e269c1edb35910625efdc8e017
d4b682bcea04fe60ec3652c1d348672afccd33fc15ebd970e7110ba9db7445d8
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: text/css
Content-Length: 44414
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:44:01 GMT
ETag: "ea1fb2-70240-56aa9f2ea1e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/js/jquery.counterup.min.js?ver=1.0
192.124.249.130 200 OK 577 B URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/js/jquery.counterup.min.js?ver=1.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (917)
Hash 6d361ea121275639d771274b5d136fbf
ba919f9ac8aa99fce6b6921e703fb0cedf74e58b
4fa0522d8aa1236a78f588aed40038d0fafb39b7e026b37d647001c7d787eb39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/js/jquery.counterup.min.js?ver=1.0 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 577
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:40:27 GMT
ETag: "ee0da2-42c-5cd3fcf3ddf8c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/js/owl.carousel.min.js?ver=2.1.1
192.124.249.130 200 OK 11 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/js/owl.carousel.min.js?ver=2.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (32045)
Hash 357616e64c62653ff73e531912c5d511
c2c80a9d7cc93c649095ec14e5c4dfabdb743baa
b0f579afffa6a61b63d4392edc67fd342119849ff148fdf95012f4491a35e0a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/js/owl.carousel.min.js?ver=2.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 10972
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:40:27 GMT
ETag: "ee0da1-a729-5cd3fcf3d240c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/image-carousel/css/jquery.bxslider.css?ver=1.0.0.31
192.124.249.130 200 OK 1.4 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/image-carousel/css/jquery.bxslider.css?ver=1.0.0.31
IP 192.124.249.130:0
File type ASCII text, with CRLF line terminators
Hash 350e28a82385c17230c78c0a7d7ca29f
f7825873695f17b4c93e0037ecadbd28fc36e7e2
b696e250e7628c0d38d18095482f183e396dc689f63947de37ab2c8660a2a65c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/image-carousel/css/jquery.bxslider.css?ver=1.0.0.31 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: text/css
Content-Length: 1439
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Dec 2020 09:49:15 GMT
ETag: "e603dc-1246-5b746d65b9f2f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.124.249.130 200 OK 2.5 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.124.249.130:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 2457
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 May 2022 21:45:17 GMT
ETag: "e0017d-194b-5dfc8df5d1980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.124.249.130 200 OK 6.5 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 287748e15cc4a588d0df39da369d9035
b02e10a775f9d6ab54d448acffbc9253e2d9bfb9
742f6e950eecbeaf0c308f5d3877e48d6d57d48b7f8bd458d81875feb4b58654
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 6532
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 05:58:58 GMT
ETag: "e00186-459f-5ec7689595652-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4919
Cache-Control: max-age=164757
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 12:42:50 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:28:47 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
raviangroupllc.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
192.124.249.130 200 OK 3.9 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 192.124.249.130:0
Hash eb22973e4f9791a1b52550f254a1022e
cfa38e2369070741641968207c1dbb8ccd0c9221
0dbbf082b664afe4556aee3cc7c3e173b1cb9ac665e127ddb0b8db2a60237d01
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 3866
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 05:58:45 GMT
ETag: "e001c1-27f6-5ec7688919cea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
192.124.249.130 200 OK 1.7 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 192.124.249.130:0
File type ASCII text, with very long lines (4875)
Hash 320b86bb1a9ce650a5e3553b2bb1c430
c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 1661
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 May 2022 21:45:05 GMT
ETag: "e001ba-132e-5dfc8dea12f8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7
192.124.249.130 200 OK 3.7 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (8629)
Hash e651ef394bdc457930d7d47d45b05fa6
2ed1e9ace8bcfe4ef9213e46e128a099a34d017e
621430839777691039baf6e92e095bffc529d3f742d36b4d3f8723b5648d4b5f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 3727
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 05:58:47 GMT
ETag: "e00178-23bb-5ec7688bcb05e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311
192.124.249.130 200 OK 2.3 kB URL HTTP/1.1 raviangroupllc.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311
IP 192.124.249.130:0
File type ASCII text, with very long lines (5290)
Hash 88175d3a94bf2d08e9abadea86684e45
0d500829e3840ce368531114bdc8fc662e648b95
9acb6212253a49d77d99f5c2a389751cf5e70953bbfc95ac48b5f11a8957b173
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 2275
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 May 2022 21:45:14 GMT
ETag: "e001c3-14cd-5dfc8df2dfae1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
192.124.249.130 200 OK 3.2 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
IP 192.124.249.130:0
File type HTML document, ASCII text, with very long lines (10946), with no line terminators
Hash 1b73c9d21ee49da3a50a9d5e802875b4
263aae7168071538eb0749f80e20bb9b4744e242
d628007c613ad544dbee34b48925303dd7d1dfcc1e43dfdbe18f1a1cad25f7d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 3238
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Mar 2021 18:43:17 GMT
ETag: "e602f3-2ac2-5bd1eec77f5f2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/js/bootstrap.min.js?ver=3.3.5
192.124.249.130 200 OK 9.7 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/js/bootstrap.min.js?ver=3.3.5
IP 192.124.249.130:0
File type ASCII text, with very long lines (32034)
Hash 156dcd87a59daf1419a9b1208d4ba285
1d619ed2d1123eba6a860b1bdf5f6eb42c51e1b9
248109504d9197bd55878ee8e2db121edaaf0e7cb5f54911592f35a382f94898
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/js/bootstrap.min.js?ver=3.3.5 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 9746
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:40:26 GMT
ETag: "ee0da3-8fd1-5cd3fcf3bc093-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://raviangroupllc.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 20:16:46 GMT
Expires: Thu, 23 Nov 2023 20:16:46 GMT
Cache-Control: public, max-age=31536000
Age: 491164
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
raviangroupllc.com/wp-content/themes/offshore/assets/js/maps.js?ver=6.1.1
192.124.249.130 200 OK 1.2 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/js/maps.js?ver=6.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (1691)
Hash 98588663583809f504590f2922b75245
9a0c189d08898a3215f1e30d7b90a0a241df4d26
6e5638dd3466927d85be140ce53b1849315fa5e95bfe72918b32cfcce8db1e75
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/js/maps.js?ver=6.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 1162
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:40:27 GMT
ETag: "ee0d9a-fae-5cd3fcf49fd25-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=5.1.1
192.124.249.130 200 OK 6.3 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=5.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (21539)
Hash f2b131330210db06b703091b09194c4f
088190203c4f19de98ec5739c4739b74372eda62
a3fed0778ab645f41cf5f1a5c7bad9da5ca4de534ca23a16abe8d3c3b17efb92
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=5.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 6268
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:55 GMT
ETag: "ea2031-5487-5cd3fcd5520ed-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.1.1
192.124.249.130 200 OK 2.6 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (7808)
Hash 2fe1902de5ae83a2cbbfa74650a08f6e
1048d7beaf4636fde49a6d09696979c02b214507
b3c26547cca097eefa207d5deaa12357d859387f226e8dd3fccaed11afa9301b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 2616
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:58 GMT
ETag: "ec09a6-1f6d-5cd3fcd8681b2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
192.124.249.130 200 OK 720 B URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (1408)
Hash b959689c04e0347ffeb52aae013a78b4
879c1f677e138d6860adfe042e33660bb43adda3
d005aff29df18be473d8fd391e94ae7f6bef98533fc88a7f2018d42d191a3945
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 720
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:41 GMT
ETag: "ec195a-581-5cd3fcc86fae3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
192.124.249.130 200 OK 456 B URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
IP 192.124.249.130:0
Hash bf13e8e738257f93960e837d791eb627
ab2b9ada9c9945cf029f79ccafb999c450e5d535
c9b998c6d3e1f81f3f359d8e4662054cccc9e9c9045dc435421c0118f9ed3c7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 456
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:41 GMT
ETag: "ec1959-387-5cd3fcc862fc2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/image-carousel/js/jquery/jquery.easing.1.3.js?ver=1.0.0.31
192.124.249.130 200 OK 2.0 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/image-carousel/js/jquery/jquery.easing.1.3.js?ver=1.0.0.31
IP 192.124.249.130:0
Hash 501189e4af884d31997c2e40388d7284
6ce5a08eb3a84e5153c34c97ac14d07357fc6e6d
698d4c6c9eda51725650c028d08969efd2b77780bef6b9716b19f667887734e6
GET /wp-content/plugins/image-carousel/js/jquery/jquery.easing.1.3.js?ver=1.0.0.31 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 1987
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:30 GMT
ETag: "e6043c-1fa2-5cd3fcbd8fb68-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
192.124.249.130 200 OK 14 kB URL HTTP/1.1 raviangroupllc.com/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
IP 192.124.249.130:0
File type Web Open Font Format, TrueType, length 14384, version 1.1\012- data
Hash c7ab406db23cf2d880297f07a0ae35d3
53c9df3243c24df8728a0dd5be3c9c82ab7a38af
a9fdbefae33b742c5c1379fabbfa02d3491a9095ef762d8e23f135b66eefd7c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: font/woff
Content-Length: 14384
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 May 2022 19:06:14 GMT
ETag: "e600df-3830-5df4df38ad2aa"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/image-carousel/js/jquery/jquery.bxslider.js?ver=1.0.0.31
192.124.249.130 200 OK 15 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/image-carousel/js/jquery/jquery.bxslider.js?ver=1.0.0.31
IP 192.124.249.130:0
Hash 50d3ae104141b52e6829e5def055db2d
4118a834f403423e1f4b9313519609e725b2a69b
957f0ef9131c38d8e6c10ae72776feeb35cb4bf52a3a56328f7072eb02981cd0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/image-carousel/js/jquery/jquery.bxslider.js?ver=1.0.0.31 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 14924
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:31 GMT
ETag: "e60446-10eba-5cd3fcbea935d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1
192.124.249.130 200 OK 5.5 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (18908)
Hash e79894627aa07312e449eb06e82a34d1
2593cdb2f630600a23e9fbae781fae9d4e8c9f19
a3c35fad91acf2a60aa22c1bb163dbc243972030ec7d1b795142de5ae84e77c1
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 5525
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:50 GMT
ETag: "e800f5-49dd-5cd3fcd0cf03f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYadlecyU.woff
192.124.249.130 200 OK 14 kB URL HTTP/1.1 raviangroupllc.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYadlecyU.woff
IP 192.124.249.130:0
File type Web Open Font Format, TrueType, length 14344, version 1.1\012- data
Hash 74d8fa739f1fc90d9147223d7e37c25c
ffe8c3398bf480c2f8aa8c3f0ac18cc18e31dfb1
5293ee85f4ce06c5be8e95bcfe4f153da69b063cf8a7fac9aa346c7b61ae65f0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYadlecyU.woff HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: font/woff
Content-Length: 14344
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 18:41:28 GMT
ETag: "e600f7-3808-5dda72842c4e4"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
push.services.mozilla.com/
34.218.168.248 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sOiT4kFC5K7ElKNvPCnHGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qj8f3Th4Z+BEt9TdXKckc28vswo=
raviangroupllc.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
192.124.249.130 200 OK 42 B URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
IP 192.124.249.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /wp-content/plugins/lazy-load/images/1x1.trans.gif HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jun 2018 07:38:50 GMT
ETag: "ec195d-2a-56e6cf507b680"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/images/cd-top-arrow.svg
192.124.249.130 200 OK 555 B URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/images/cd-top-arrow.svg
IP 192.124.249.130:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash c2bab96d57583d68d57a99dc04f16482
17f5b39cdf2f8cd02d5f3ff422372dcefd1bea53
d94bbee4b8120bf8e4937e3e9c54de44bdb866291db81088601bde90085092da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/images/cd-top-arrow.svg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/wp-content/themes/offshore/style.css?a=43&ver=1.0.7
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/svg+xml
Content-Length: 555
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:41:58 GMT
ETag: "ee0d55-22b-56aa9eb954980"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/themes/offshore/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
192.124.249.130 200 OK 72 kB URL HTTP/1.1 raviangroupllc.com/wp-content/themes/offshore/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 192.124.249.130:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/offshore/assets/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://raviangroupllc.com/wp-content/themes/offshore/assets/css/font-awesome.min.css?ver=4.6.3
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: font/woff2
Content-Length: 71896
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:41:58 GMT
ETag: "ee0dbb-118d8-56aa9eb954980"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/04/logoggg.png
192.124.249.130 200 OK 30 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/04/logoggg.png
IP 192.124.249.130:0
File type PNG image data, 178 x 146, 8-bit/color RGBA, non-interlaced\012- data
Hash ff3c80624594a7592be3502c0b4d98f1
659c88fc906cdbef0cb333e7935c702febceaeba
c8efa417bb873e0796e5b80769d07211b32cc627142a39859e7ec37fecfaa22a
GET /wp-content/uploads/2018/04/logoggg.png HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/png
Content-Length: 30329
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 29 Apr 2018 08:30:52 GMT
ETag: "f0032c-7679-56af88e192700"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 29 Nov 2022 06:32:39 GMT
Age: 22211
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5
192.124.249.130 200 OK 7.0 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5
IP 192.124.249.130:0
File type ASCII text, with very long lines (29149)
Hash 1f136e3b44187b5c6d39b2bd08bff23c
4af37a76c9992f1ba6d263d3078bf0491b9c9cfc
c0d861d892f17f9e2c65ff0433d3352d5a8d6b9b24d5d1569768fe89ffcc4a87
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 7017
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:24 GMT
ETag: "ec10ea-72d4-5cd3fcb81f5cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5
192.124.249.130 200 OK 7.0 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5
IP 192.124.249.130:0
File type ASCII text, with very long lines (25862)
Hash ed791c5b33eb37069a03a4bc94773828
3944a9d5a2507a696969bfe89ba3e8cc07a4683c
4741edb84ad5b154de2ccf4041eb65cd52ab5c0b3c5949b6d82ef915abfc3a25
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: application/javascript
Content-Length: 7036
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Oct 2021 00:39:24 GMT
ETag: "ec10f0-65f0-5cd3fcb82f3b7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669712235947%22
34.102.187.140 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669712235947%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash 79e5d548d5fe8f73944fd73927ab0648
78f400e7edca7513a279fd7f62c73643ab76079d
1e2717dfa6e5ba45f388753a7104b2acfc826af22d873d8c1408ae08320f5529
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221669712235947%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 29 Nov 2022 12:02:19 GMT
cache-control: public,max-age=3600
age: 2431
last-modified: Tue, 29 Nov 2022 08:57:15 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/uploads/2018/05/Ravian-03-3.jpg
192.124.249.130 200 OK 76 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/Ravian-03-3.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:05:02 11:14:45], baseline, precision 8, 1600x500, components 3\012- data
Hash 70f9cae3c4b73a0144ddb799fe077294
31d1dd2bd01096b280bbb3d1cf84a346f1c355a6
be55757d4b3191a229aa21eaf05059fda68d843f1e5ef47d7e88d2dacafba6d6
GET /wp-content/uploads/2018/05/Ravian-03-3.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/jpeg
Content-Length: 76226
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2018 06:48:47 GMT
ETag: "f0043b-129c2-56b337a8b31c0"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22
34.102.187.140 200 OK 6.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (6593), with no line terminators
Hash 173414a662e4d0d6c29b893819284fcc
e7823586afc7d40c1ffd732e3f0f98d22f9cb6b6
28a589a49cbca81692eb7cc6bb2725f5d56b11238143a58c97f33260a81eb750
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6593
via: 1.1 google
date: Tue, 29 Nov 2022 12:41:38 GMT
cache-control: public,max-age=3600
age: 72
last-modified: Mon, 21 Nov 2022 18:37:18 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: F3TSF83kPztikgQnXaX33GTaMi3pFjnqkhwDaWTwlcEEXLS/KAfwLd+Zg0YfEBIpG1/HYdINXbM=
x-amz-request-id: 2HWVT0K64XYWRWC8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 12:42:30 GMT
age: 20
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/uploads/2018/05/r6-01.jpg
192.124.249.130 200 OK 90 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r6-01.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:05:17 15:38:33], baseline, precision 8, 1600x500, components 3\012- data
Hash 2f59b245d8708905ee0ae3e73adb6402
2920e34bca5907a27d43e2a440671d043233bdb1
8bc51285adc42d91b9213eacb06db5afe6b78094f2159aa0556aa966cac72227
GET /wp-content/uploads/2018/05/r6-01.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/jpeg
Content-Length: 90220
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 07:10:28 GMT
ETag: "f0045d-1606c-56c75a58ce100"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/r3-01-1.jpg
192.124.249.130 200 OK 97 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r3-01-1.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:05:17 15:38:51], baseline, precision 8, 1600x500, components 3\012- data
Hash fe6519c0412fa90f199f3b728296211c
20eb8bc10b7521c7fea6aa9e8abfd9da68cad239
3849571c7ca861ec0a5c2cd67a0999d7b274468127d51326c3a3233ceae7b467
GET /wp-content/uploads/2018/05/r3-01-1.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/jpeg
Content-Length: 96825
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 06:39:45 GMT
ETag: "f00424-17a39-56c7537b2ee40"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/about-us-section-ravian-e1526645034295.jpg
192.124.249.130 200 OK 14 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/about-us-section-ravian-e1526645034295.jpg
IP 192.124.249.130:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 762x762, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 431x245, components 3\012- data
Hash b3a850a8d63203c4cab0a53acbcc2ab0
09ff08d5eb560d219501b1088ca2c1f1a40e1ce5
4935f13e2a14809070306681a43c686598a8b3c8be46da582ed9837216f046a2
GET /wp-content/uploads/2018/05/about-us-section-ravian-e1526645034295.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/jpeg
Content-Length: 13709
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 12:03:54 GMT
ETag: "f00490-358d-56c79bef31e80"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669668934947&_since=%221666279968541%22
34.102.187.140 200 OK 27 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669668934947&_since=%221666279968541%22
IP 34.102.187.140:0
File type ASCII text, with very long lines (27290), with no line terminators
Hash 61c6cc1388024d68d3f76b1de7a66cab
59577fca8a8018022176343c4c315dd3ab281866
12fc627ceb6c8d883656efc2c13494924287949b74704f0d8eb265fdece68240
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669668934947&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 27290
via: 1.1 google
date: Tue, 29 Nov 2022 11:49:19 GMT
cache-control: public,max-age=3600
age: 3212
last-modified: Mon, 28 Nov 2022 20:55:34 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/uploads/2018/05/r9-01.jpg
192.124.249.130 200 OK 90 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r9-01.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:05:17 15:42:05], baseline, precision 8, 1600x500, components 3\012- data
Hash d7662181391c83f8f53daffb5e77dc84
4ef8c6246a8267e867dae41cfcccd9ef866276e4
e6b2724b1c5e658c95704b68ab5289fd52133e184883fa822414a8522d20f458
GET /wp-content/uploads/2018/05/r9-01.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/jpeg
Content-Length: 90440
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 May 2018 12:14:16 GMT
ETag: "f00481-16148-56c65c62eb600"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/r8.jpg
192.124.249.130 200 OK 86 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r8.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:05:17 15:40:29], baseline, precision 8, 1600x500, components 3\012- data
Hash 4d6a250d8e956859e769f363894f4308
b21b89485cf33312073db1abcd41d7533b96fc34
658d9a06e40820bdabb9a2720be334101b590c5c193ad66a9ea8e962ee848729
GET /wp-content/uploads/2018/05/r8.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/jpeg
Content-Length: 86151
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 May 2018 12:34:24 GMT
ETag: "f004ab-15087-56c660e2f5400"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/r11-01.jpg
192.124.249.130 200 OK 94 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r11-01.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:05:17 15:44:22], baseline, precision 8, 1600x500, components 3\012- data
Hash b02936cd10073f7806c3e4ccde9a99fc
9af7ac3b55977a56871ec1fe8f53611b83821a94
ddb825e11e073e6d051bb0380e9a1a3cf22065b52718fb3e55effa9a71a510fe
GET /wp-content/uploads/2018/05/r11-01.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/jpeg
Content-Length: 94041
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 May 2018 12:35:34 GMT
ETag: "f0043d-16f59-56c66125b7180"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/service2.jpg
192.124.249.130 200 OK 52 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/service2.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x162, components 3\012- data
Hash 626336fc6a4ec384dfd882100249017e
66d0443c0a428756e50d2b6e76045c6443d7422f
4a49d27873a681e9c711d13bf1751d0315eb5648142d17f2aee51743dc0f2178
GET /wp-content/uploads/2018/05/service2.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/jpeg
Content-Length: 51781
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 12:45:41 GMT
ETag: "f00485-ca45-56c7a5460e740"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
192.124.249.130 200 OK 7.5 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 192.124.249.130:0
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
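Analyzer: fortinet | Verdict: Malware | Alert: (no value shown in this row) — the only analyzer listed for this WOFF response; treat the verdict as unconfirmed until the hashes above are corroborated against a second source.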
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://raviangroupllc.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: font/woff
Content-Length: 7536
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:43:59 GMT
ETag: "ec1657-1d70-56aa9f2cb99c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/hospitality-bg.jpg
192.124.249.130 200 OK 26 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/hospitality-bg.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x162, components 3\012- data
Hash 1a53fe72746d239826a425df6011c926
68969030f7b3d70366e83dc45868063c79c0eed1
cd240ba0ea6cc1c705b6d97cb1676ecdb24989971da82a36e0cabc89e619fb03
GET /wp-content/uploads/2018/05/hospitality-bg.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/jpeg
Content-Length: 26036
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sat, 19 May 2018 05:49:36 GMT
ETag: "f004a9-65b4-56c88a2309c00"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
34.102.187.140 200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash 01e6d8f0887454b033cd3d4cdb2f39f8
befee34a8f5c745b16752b061fdaa701e209ac8c
68f4889979f90605fd4fe35053efa202a5ced22b40bf321f51a2d7e97d49fbdc
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Tue, 29 Nov 2022 12:18:51 GMT
cache-control: public,max-age=3600
age: 1440
last-modified: Sun, 27 Nov 2022 16:36:54 GMT
etag: "1669567014153"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
192.124.249.130 200 OK 2.5 kB URL HTTP/1.1 raviangroupllc.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 192.124.249.130:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/gif
Content-Length: 2545
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Apr 2018 10:43:58 GMT
ETag: "ec1126-9f1-56aa9f2bc5780"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/06/ezgif.com-gif-maker.jpg
192.124.249.130 200 OK 138 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/06/ezgif.com-gif-maker.jpg
IP 192.124.249.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x500, components 3\012- data
Size 138 kB (138506 bytes)
Hash 7bed91066a9c701be3d2ac882ebc8d76
d33121a6032640e4bab8b5f23d2ec45aedb46fb3
2bc7da1946f4295aaa9f7afdd162d373af6eb414aeaf80db95969a6b75af382e
GET /wp-content/uploads/2018/06/ezgif.com-gif-maker.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:50 GMT
Content-Type: image/jpeg
Content-Length: 138506
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jun 2018 10:52:44 GMT
ETag: "f003ca-21d0a-56e6faa787700"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
34.102.187.140 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Hash b480aba9ecded00911f29a626460b51a
ab390c2fdec3566f044afc6441e0bead2c854c3a
045742eee1dfc1cb13696b18f5e657dac32df0bcac9650e85d623547cda6a393
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Tue, 29 Nov 2022 11:43:08 GMT
cache-control: public,max-age=3600
age: 3583
last-modified: Sun, 27 Nov 2022 16:36:43 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/uploads/2018/05/service7.jpg
192.124.249.130 200 OK 62 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/service7.jpg
IP 192.124.249.130:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x162, components 3\012- data
Hash f8e40344f8f6587da151f6ab46a5d7bb
b2c0538bf72a63721e6cf04aada8597628589e38
a4e5c4519b3bf5364087836b1d8b8787020ce354e0445a46573e89a95d521fd3
GET /wp-content/uploads/2018/05/service7.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/jpeg
Content-Length: 62322
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 13:46:08 GMT
ETag: "f00457-f372-56c7b2c908800"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22
34.102.187.140 200 OK 51 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (51208), with no line terminators
Hash 21b6a1c29930dd71addd901f726cce7d
fb0e9b091e6f6f41bbf72a4857653745b9f7ddba
7f75908497bee301b1803d7ec5a6ca5301de05da4c89832be9ab6e4f5e4884df
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51208
via: 1.1 google
date: Tue, 29 Nov 2022 12:42:12 GMT
cache-control: public,max-age=3600
age: 39
last-modified: Fri, 25 Nov 2022 15:35:57 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/uploads/2018/04/Ravain-fevicon-01.png
192.124.249.130 200 OK 8.2 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/04/Ravain-fevicon-01.png
IP 192.124.249.130:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash e6221ef7a6708603e53684312fa59308
4f0a61426d9a8ffe32b0d58be9ac27d423d01452
1e415da9a7ee518d299358c870e05baee30775a94cc123e36c7554e02a5b8677
GET /wp-content/uploads/2018/04/Ravain-fevicon-01.png HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:51 GMT
Content-Type: image/png
Content-Length: 8214
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Apr 2018 09:17:31 GMT
ETag: "f002bd-2016-56b0d52c5e0c0"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
34.102.187.140 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 26b3a5820cb75c442a39a3f8c56a1212
241fb08f23be561100840e18bcff0e6ed9c053df
95ee3ea4b37a3cec84225b31fc5aca4d885d816233eba2292055663714138340
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 29 Nov 2022 12:14:45 GMT
cache-control: public,max-age=3600
age: 1686
last-modified: Wed, 23 Nov 2022 16:36:44 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22
34.102.187.140 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1482), with no line terminators
Hash 9a6648141ef434591d6ed2b5598e2fa4
05473620f7d1b4f14c5c8b49f5c381f901cdd2a5
37bf328dc751deeba0ec35bcbf63fbbcf9887657b029ec4071d7a7cd75237430
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1482
via: 1.1 google
date: Tue, 29 Nov 2022 12:08:14 GMT
cache-control: public,max-age=3600
age: 2077
last-modified: Wed, 23 Nov 2022 16:36:43 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Tue, 29 Nov 2022 15:01:39 GMT
Date: Tue, 29 Nov 2022 12:42:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Tue, 29 Nov 2022 15:01:39 GMT
Date: Tue, 29 Nov 2022 12:42:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Tue, 29 Nov 2022 15:01:39 GMT
Date: Tue, 29 Nov 2022 12:42:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Tue, 29 Nov 2022 15:01:39 GMT
Date: Tue, 29 Nov 2022 12:42:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Tue, 29 Nov 2022 15:01:39 GMT
Date: Tue, 29 Nov 2022 12:42:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 28381
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 53757
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 33880
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 748366131b496e41f92e15ce7d1cd0e0
a6c7a59a6599ece2cf0e76c778c920dea94ff469
b9ea2d419742c67e2b14536379e7383524f22645b1af988d5bd72154647fc602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4862
x-amzn-requestid: 17c6fb35-2dc8-45e4-a226-a74ba94323b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYlHXxIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d0-5a0f4f667a3747166eb2b338;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ImCYNlZ1ri4mMpJhMnoucEoQPgKly8gj7KvMPFYb6WpsoJ18WyFog==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 13:28:25 GMT
age: 83666
etag: "a6c7a59a6599ece2cf0e76c778c920dea94ff469"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73001f7390ae3a80bbbaa9d9bacbe488
f0410522b6dad8ebcbc2a64ff2193bafcfdc862e
49c02723bab596584abe2dd3dcb11c660538516587911ee033dd0e6e8ea5889f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6716
x-amzn-requestid: 51e9f59e-558e-4bb4-8db5-741e0272f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV3cHHwqIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63856c4d-48ecac9a4da2995b41abec49;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 02:19:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1qxn5KqRfOJpUJWSblkCo1wwwAkdJrW1JJ8unESfiuDCs-EZlwRKeg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:25:43 GMT
age: 37028
etag: "f0410522b6dad8ebcbc2a64ff2193bafcfdc862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 52856
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
raviangroupllc.com/wp-content/uploads/2018/05/r3-01-1-100x50.jpg
192.124.249.130 200 OK 2.4 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r3-01-1-100x50.jpg
IP 192.124.249.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x50, components 3\012- data
Hash d84314e00551cd8a031db5a725e07d51
aef65e3d9da74196a62fe4298f734b7194fb48c1
674b74e4e5380d1b503ad4d425aabb6abd6f728dc7bb11da8189636c8f738ae2
GET /wp-content/uploads/2018/05/r3-01-1-100x50.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:52 GMT
Content-Type: image/jpeg
Content-Length: 2359
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 06:47:46 GMT
ETag: "f0043f-937-56c75545e6880"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
raviangroupllc.com/wp-content/uploads/2018/05/r8-100x50.jpg
192.124.249.130 200 OK 1.7 kB URL HTTP/1.1 raviangroupllc.com/wp-content/uploads/2018/05/r8-100x50.jpg
IP 192.124.249.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x50, components 3\012- data
Hash a59a0da035ad7ac4d14663ba5ca06909
c66ec765f29137239821c59240dc818500eca9c3
d5e22f36aa249fd33ce66bd4cef8c0acef74fd9f60c0c694928a2ca60eb944b2
GET /wp-content/uploads/2018/05/r8-100x50.jpg HTTP/1.1
Host: raviangroupllc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://raviangroupllc.com/
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 12:42:52 GMT
Content-Type: image/jpeg
Content-Length: 1715
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 May 2018 12:37:22 GMT
ETag: "f00498-6b3-56c6618cb6480"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 0 B URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 12:42:48 GMT
content-type: application/json
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: LA_3hAjuvVPyVkI0DXTnbo9F0doyAOfDOBYndSyy5Fb6QgDiQM2xxQ==
age: 880
content-encoding: gzip
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2