Report - www.metricbolt.com/

Report Overview

Submitted URL
www.metricbolt.com/
IP
192.124.249.15
ASN
#30148 SUCURI-SEC
Submitted
2022-10-25 16:27:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
246

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.7 kB	62 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-10T12:38:13Z	334 B	2.4 kB	192.124.249.22
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T13:37:03Z	962 B	65 kB	216.58.207.195
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.3 kB	4.9 kB	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	52.43.58.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	557 B	2.8 kB	142.250.74.10
www.metricbolt.com	unknown	2014-05-28T00:50:48Z	2023-02-01T21:29:38Z	24 kB	591 kB	192.124.249.15
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.3 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	658 B	1.6 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-25	medium	www.metricbolt.com/	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/elementor/css/post-441.css?ver=1665886949	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/elementor/css/post-432.css?ver=1665886949	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/cache/min/1/wp-content/uploads/jet-menu/jet-menu-general.css?ver=1666055533	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=1666055533	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1666055533	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/elementor/css/post-427.css?ver=1665959444	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1666055533	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=1666055533	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.7	Malware
2022-10-25	medium	www.metricbolt.com/	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/2021/12/specialty-metric-fasteners.jpeg	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/2022/06/specialty-metric-fasteners.jpeg	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	Malware
2022-10-25	medium	www.metricbolt.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/2022/06/metric-fasteners-suppliers.jpeg	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/uploads/2022/06/metric-aircraft-hardware.jpeg	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.ttf	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0	Malware
2022-10-25	medium	www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed
2022-10-25	medium	metricbolt.com	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.metricbolt.com/	247 B	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:25 Last Seen2024-05-10 23:12:44 Times Seen769 Hash 721db0c902b41926ff7853591c2722a7 c2e7aa6e24d126125130016d0dcc0f104465e907 ca865894eae44e75b652b5d4c8cfb4dd9c1a7987302057f6b10d1e98e012e6bf Loading...

	www.metricbolt.com/	8.7 kB	2023-03-07	2024-05-08
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-05-08 22:28:16 Times Seen1114 Hash cd9680743225d3fd4c1b85a731dd2ec8 32741541072b130bfa55f22a4e738c5f0338f54e cdd6551cd2b3236957745d4eae454072cd51cea1fb31885069a31a34fe6c3735 Loading...

	www.metricbolt.com/	237 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:54:11 Last Seen2023-03-10 14:54:11 Times Seen1 Hash 62d5bc6cb6f2a62c0f138425ed2ea1d0 0b01a16c586a47aeadb47687b2f45f3245d84798 05453530d79dc78e853f92064b4b1d1a66682633f0dab4f95bea8790b76b99b6 Loading...

	www.metricbolt.com/	775 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:24:53 Last Seen2023-03-10 14:54:11 Times Seen1 Hash d3df564e78fef716d3e9e08bc311774c 40ecf2ce9ff49e64f53b7187df5e217303769356 1a613109b6d8387e6debdb3b15da8aa13183d0f00d34a071cdb3353f495a86c9 Loading...

	www.metricbolt.com/	667 B	2023-03-07	2024-05-11
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:47 Last Seen2024-05-11 00:26:02 Times Seen842 Hash ab289618d2289f69c082674b0f4ad302 e44dc3fa532b452160ea77fa8ea1eb5070fb8755 ce9f2d25ee23020b635302973bc7670b9e651a99488605740128303dcf7f3d3b Loading...

	www.metricbolt.com/	1.7 kB	2023-03-07	2024-05-08
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-05-08 13:24:01 Times Seen662 Hash cbccce433394bb6248cf2e793ab3d06b 1e2e8499792a950d13ec3775d54721273d5620ea 8c83298380e02c8e679cd80c52788ad833ec05a3e4b7f0a754b71e30c557dd09 Loading...

	www.metricbolt.com/	2.1 kB	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-10 19:47:17 Times Seen6434 Hash 9cd47ac5a0389a37b4d8e7d194e17c9a 9121da7907e37462c10ce8616f06b5c22f640744 ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda Loading...

	www.metricbolt.com/	284 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:01:20 Last Seen2023-03-10 16:46:34 Times Seen1 Hash 2964aa96ca26cb41ee0168765a0bf1dd a63995cac17a6a691593634ee31d9c050aa83e38 9a32e3ba8ddb18ba951f593704a60227310c34a17f8ef740445fd76a7da6126a Loading...

	www.metricbolt.com/	225 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:01:21 Last Seen2023-03-10 16:46:34 Times Seen1 Hash e207dcaa366329988206e1309caa7fc0 5969d7126acbe053a704a2b62f95d0178d829090 3088d5b456c9c590f1f5e3a7ddf63de744598f0223ee4174d22b5aaae8577a8c Loading...

	www.metricbolt.com/	1.2 kB	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-05-10 08:27:31 Times Seen1926 Hash 54c76949376f478f54c57e967eaebc1b 2f63cb8b3b29b65452a31ed0710ee99986a2a73f c4ffc4c8c721af22615995bfc01a1c144763c14f7aead0f28cad9c164a7e639b Loading...

	www.metricbolt.com/	720 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:54:11 Last Seen2023-03-10 14:54:11 Times Seen1 Hash 565f3299a41ce64bbf9188a85399b353 2556e270a43cd39ac95ed20272e4be79b14d9ff4 02196c27d102f2435e9d7aa7451deea4d6180ba2ee98a23d38ad19660cccc6f9 Loading...

	www.metricbolt.com/	1.8 kB	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:48 Last Seen2024-05-10 17:23:37 Times Seen15131 Hash d8c8affb8db50a19f545450d49ec3509 c3b2998aff813284ea71334180093b95f53d5d5d 7cf5deb705b1e36e7c8cbdb9e8eacdb50432bc5551e3f068b647992ad7e4e784 Loading...

	www.metricbolt.com/	1.4 kB	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:53 Last Seen2024-05-10 12:22:28 Times Seen723 Hash 4c08d8c2ce8faf62e5d66e8364a6d881 ab090a0c6e7ce35c8da2a1c82ff36d0f8a2572d5 f7f5f6e9cf00e218439b997c3e68cd435dfa97bae7c751a7f715ecdb3dddba9f Loading...

	www.metricbolt.com/	3.4 kB	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-10 19:47:17 Times Seen6244 Hash a94b76e45c11675df9f26fd25a8e4359 1cd29363bb1b514e6f7ef031f1831008df181f17 4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899 Loading...

	www.metricbolt.com/	476 B	2023-03-07	2024-05-11
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-11 00:26:02 Times Seen15793 Hash ce71388c2d441cfb9ef0985bc4e5bb71 1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a Loading...

	www.metricbolt.com/	766 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:54:11 Last Seen2023-03-10 14:54:11 Times Seen1 Hash ba62360d85940425683040e9282b5bb9 9d07bd66b07cc6586ee48cbc641903d803a3630e 60b0a881268b643c578e44fb21070d8f4299774fcbb40dd1d1558563854f9914 Loading...

	www.metricbolt.com/	449 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:54:11 Last Seen2023-03-10 14:54:11 Times Seen1 Hash e6b3dd99eafb39708b2ff407f7f1446f b5c8c66e533afebdaeff42c963e86a8ad2344ce0 1c614f71aa638048a12c5edd88f5fd7eca813f8443b5830cdcaf49a493dbfc08 Loading...

	www.metricbolt.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	8.3 kB	2023-03-07	2024-05-10
Pretty URL www.metricbolt.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-05-10 10:26:20 Times Seen3102 Hash b00219cb958052cb557115d55f0c8d48 3c55bbf5a8082db61decff924aaf787f4337df86 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Loading...

	www.metricbolt.com/	166 B	2023-03-10	2023-03-10
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:01:21 Last Seen2023-03-10 16:46:34 Times Seen1 Hash a05a214920a5edb6bba8eab2b031f3c1 fd0dc64ddd293650e2c8e5ac8f8debfabc3d4156 67f2680a43ed65dab289ad1f721495a27048a4bfeb85531aa6bb9b3614a9bdf8 Loading...

	www.metricbolt.com/	560 B	2023-03-08	2024-05-08
Pretty URL www.metricbolt.com/ IP 192.124.249.15 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2024-05-08 03:54:28 Times Seen425 Hash 1710e39bbb0e1b02b82520dc42f4c10d ee803134e28f77cff359a3e5400d97fc0c15fab5 d28a1232f9bda425e800419e3a68a8571766d7fe19140267e65c23fbadc47ce2 Loading...

HTTP Transactions (81)

URL IP Response Size

www.metricbolt.com/

192.124.249.15

301 Moved Permanently

162 B

URL HTTP/1.1
www.metricbolt.com/
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Tue, 25 Oct 2022 16:27:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
X-Sucuri-ID: 19015
Location: https://www.metricbolt.com/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5952
Expires: Tue, 25 Oct 2022 18:06:31 GMT
Date: Tue, 25 Oct 2022 16:27:19 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6393
Cache-Control: max-age=154225
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:19 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 11:17:44 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9082
Expires: Tue, 25 Oct 2022 18:58:41 GMT
Date: Tue, 25 Oct 2022 16:27:19 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DRw1xKEUfyfRApsxzG9fw3Zc91SJysT9NO2QTuOw8e3pJUIp3P/FhIUBCVdwMok33jWP/nxLF+Q=
x-amz-request-id: AJD5RX741XWP4405
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 15:38:51 GMT
age: 2908
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
2f0ee3ae20af63312b24977396771aac
e400c86b0be24f84cb20556f08168f610ceac142
74b5ee0765603d37a757b4994bb5c11659bb6b9f993b8044040969a35e98fd02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 25 Oct 2022 16:27:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 25 Oct 2022 00:46:48 GMT
Expires: Wed, 26 Oct 2022 00:46:48 GMT
ETag: "e400c86b0be24f84cb20556f08168f610ceac142"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5196
Cache-Control: max-age=147965
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:19 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:33:24 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.43.58.150

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.58.150:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gFdiItUDUlY3odcLOQOClw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s8BJ1FSk+CzlKAO7JGtwE2Irh1Y=

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.metricbolt.com/wp-content/uploads/2021/12/metric-bolt-military-fasteners.png

192.124.249.15

200 OK

1.2 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/metric-bolt-military-fasteners.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 1911 x 137, 4-bit colormap, non-interlaced\012- data
Size
1.2 kB (1207 bytes)
Hash
41719b7e20ba3dc55cba6838391b3b3a
6ae2fe43ecebb67947de2424370f4c06e9efec48
051246fef526253a96eaa1e970ecbb855e8eb2b890f8348d5cc53fdd6ac1ca84

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/metric-bolt-military-fasteners.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:20 GMT
content-type: image/png
content-length: 1207
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 04 Oct 2022 22:14:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.metricbolt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:40:18 GMT
expires: Fri, 20 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 431222
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

216.58.207.195

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.metricbolt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 22:19:11 GMT
expires: Tue, 24 Oct 2023 22:19:11 GMT
cache-control: public, max-age=31536000
age: 65289
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 16:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.metricbolt.com/wp-content/uploads/elementor/css/post-441.css?ver=1665886949

192.124.249.15

200 OK

531 B

URL HTTP/2
www.metricbolt.com/wp-content/uploads/elementor/css/post-441.css?ver=1665886949
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (789), with CRLF line terminators
Size
531 B (531 bytes)
Hash
a19af1fb464c995f40b0e05716959995
69209e3aa8dd7eca4ebc85b099bbcfd752cbcdb3
da0009079841aa583c9f65955c30452e1c97c727423848a88e872edb1cd5c099

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-441.css?ver=1665886949 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:20 GMT
content-type: text/css; charset=utf-8
content-length: 531
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sun, 16 Oct 2022 02:22:29 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1

192.124.249.15

200 OK

3.7 kB

URL HTTP/2
www.metricbolt.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (15672), with no line terminators
Size
3.7 kB (3725 bytes)
Hash
607799bfa5d48117a95cd9dda8a17c2b
9a969f06c70600b753b160db19a5d37c9d249d10
78f67e192604e0dca624c2dcc8ea7cd6c54e14fe15918e7c9586ec1a22775876

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 3725
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Wed, 03 Aug 2022 03:39:47 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-menu/integration/themes/hello-elementor/assets/css/style.css?ver=1666055533

192.124.249.15

200 OK

103 B

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-menu/integration/themes/hello-elementor/assets/css/style.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
36cb5e0b5dde1c343275b9b30673cb7f
228b1840d676e796d8099f5fa6f47a29dcb4e62e
8d76d36026f982ad7823ce9eeb96c78071a5d7ac64b09ec52c28e18cda4bbe5a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jet-menu/integration/themes/hello-elementor/assets/css/style.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 103
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=5.187

192.124.249.15

200 OK

335 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=5.187
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (591), with no line terminators
Size
335 B (335 bytes)
Hash
17aa5d3c0558879a93af1aa2fc964bbe
c3f17a02f000847914be8e5b5b6dbb2e2c7a902f
868c3a5984362a329ef60998295427c32710a7d11c4f2d8d1cdffbd5196a4b41

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=5.187 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 335
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Oct 2022 11:09:16 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1

192.124.249.15

200 OK

2.3 kB

URL HTTP/2
www.metricbolt.com/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (6051), with no line terminators
Size
2.3 kB (2332 bytes)
Hash
c0a774e614f840a7f380a9aa68f16ac3
d42d9e9c586feba86b3accaf869ca2a365469b54
294b8486de91d8403977d27d636c158fe64ed0c93ce11902ed2f2b10f31d113f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 2332
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Wed, 03 Aug 2022 03:39:47 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

142.250.74.10

200 OK

2.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5125)
Size
2.1 kB (2054 bytes)
Hash
dc7684932323459a03b960f165141505
9fdf6c7d4c699678a4ec291cbdf18a8bc532266b
1b7a9f62cb163a3cd72c29721dccd7ac62cc44b09b82075de63cde51452519ba

HTTP Headers

GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 16:27:20 GMT
date: Tue, 25 Oct 2022 16:27:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0

192.124.249.15

200 OK

4.4 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (26516)
Size
4.4 kB (4436 bytes)
Hash
a1f6dbc278f1e8065888665c6f5401fa
a4773b7404f51ff32c42f5690e0d7d3c5b17081f
54c0e3379aa4f5aa469fbc17e0e3bab1df35cfe73ff6fdd901429ccecd18c863

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 4436
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 15 Aug 2022 22:54:05 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1666055533

192.124.249.15

200 OK

4.1 kB

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (19629)
Size
4.1 kB (4053 bytes)
Hash
b8678fb6a5777c9f95a6d6af841de013
7842d6618d8d0a8d8b8d4d7c27389960e84ebc6a
4cbe9e7d4061a95977d055fe040554bd3c88e1f40825f45a0778e1fbed77fb1f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 4053
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/elementor/css/global.css?ver=1665886948

192.124.249.15

200 OK

16 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/elementor/css/global.css?ver=1665886948
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (15949 bytes)
Hash
9c0bb91adbba5db0a5eb29bdf670c4c1
60548294adbb5fbd5fa960dd5a575ab5871d3f42
4081af8bd2282c7acbe62995d6ae39a366c991f44d6b6ddbfc520d3cb81a33e3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1665886948 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 15949
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sun, 16 Oct 2022 02:22:28 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/elementor/css/post-432.css?ver=1665886949

192.124.249.15

200 OK

2.9 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/elementor/css/post-432.css?ver=1665886949
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (11787), with CRLF, LF line terminators
Size
2.9 kB (2945 bytes)
Hash
cdcaabd47800665580b505bb23c3405e
7ac537f70d44046d37b05ef3927daaac2de8b60b
7a0812b9fec2e1e3ffc4704b59ba7f162e5efb199b97669eb8b3fcd8ca9b5265

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-432.css?ver=1665886949 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 2945
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sun, 16 Oct 2022 02:22:29 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/uploads/jet-menu/jet-menu-general.css?ver=1666055533

192.124.249.15

200 OK

171 B

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/uploads/jet-menu/jet-menu-general.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (336), with no line terminators
Size
171 B (171 bytes)
Hash
f54f578b5db0d32e1d07cc5cd8703664
e13f8322867ece893231a0cbda16982ecd2cc69f
b5069f2f643c9bb7446b44718f59005eb2d3b48a0576b9d5b6f985bbc5269fe8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/uploads/jet-menu/jet-menu-general.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 171
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=1666055533

192.124.249.15

200 OK

6.6 kB

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (33539), with no line terminators
Size
6.6 kB (6592 bytes)
Hash
b33f1016f2dda5a10700f2e1ac0152fe
82cf16c3fdd51ed165a5bcfd9596d2371fcd8de1
794bd90d47ecd7422a4464e76192a97f24eacca26408d92af42a8fe5d87df1fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 6592
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1666055533

192.124.249.15

200 OK

360 B

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (896)
Size
360 B (360 bytes)
Hash
d2bfc53854ba982c3fac734ddc991acf
25ce4c0c5b9e1736e7ec1211b1ca8dda71aa4429
0885f3f0b6d1293587b5d22020f2bf5ddf8031e744d604c6d0998933ebf528af

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 360
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/elementor/css/post-427.css?ver=1665959444

192.124.249.15

200 OK

1.7 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/elementor/css/post-427.css?ver=1665959444
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (7398), with no line terminators
Size
1.7 kB (1687 bytes)
Hash
ea5e8c5c6d4d30f6509fb959eb939d9a
d2824c14f6e566c5cc654d8c002ff068ea5166ea
95757231031dca41eada9217922b2f43ba0ad07ef6e87f55a96b519ea2155da9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-427.css?ver=1665959444 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 1687
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sun, 16 Oct 2022 22:30:44 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1666055533

192.124.249.15

200 OK

357 B

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (904)
Size
357 B (357 bytes)
Hash
3b755cf88098f9e62502971079c92875
7c5ad9fa5efe69b0821c1c2cc60d10383943881c
a154fb4623adb75dcedb3b23f852d8c3e6a52d72accbe990378ab5a6441231ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 357
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

192.124.249.15

200 OK

13 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13306 bytes)
Hash
c4d3f698e2397e4b9395afddbac34990
19209fe78c3081556863a41e19be583dd94b8916
e935f223236d5704ef9374885e77a0637ddd50688411f5824723a7b1b3016d26

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/woff2
content-length: 13306
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 17 Jun 2021 15:07:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=1666055533

192.124.249.15

200 OK

3.9 kB

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (17707), with no line terminators
Size
3.9 kB (3903 bytes)
Hash
ed698d3e1a427b502727eeb6f0152c18
3d4e6d6d1ac1e8fffa95f1ec0bb39cf8ad4c26bc
f7a5e74fc7c583fee088fc6683c2cb8b58a25124776e58850f0c8362e87833bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 3903
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

192.124.249.15

200 OK

13 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (57726)
Size
13 kB (12577 bytes)
Hash
dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 12577
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 17 Jun 2021 15:07:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff

192.124.249.15

200 OK

16 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format, TrueType, length 16276, version 331.-31261\012- data
Size
16 kB (16253 bytes)
Hash
7907c0e61893a90e25be1c5269e2b19f
82cc89607f40fb49d1634ff524612825c44c2121
799d9dbe7e25e043c72def99590e5cc5644615510a110545e5bed9833e15c3ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/woff
content-length: 16253
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 17 Jun 2021 15:07:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/elementor/css/post-7.css?ver=1665886948

192.124.249.15

200 OK

4.5 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/elementor/css/post-7.css?ver=1665886948
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (24446), with no line terminators
Size
4.5 kB (4475 bytes)
Hash
9c5fd7a1f7bd6d62b7a743259995e8ce
0d1e97332cddcbcebba942984fb200a8cd8466a5
203cf2128e3a85e51df786b8c135b905205e0bbeca1bd28f018733f941ea519d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-7.css?ver=1665886948 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 4475
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sun, 16 Oct 2022 02:22:28 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.7

192.124.249.15

200 OK

1.9 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.7
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (11487)
Size
1.9 kB (1885 bytes)
Hash
9538d7786a3e96598030c9da70f42a61
20970723e8d958016a8e78ed6f52721c1bd41b40
ee90c0e33ee7275e3349e97b3f74589de1618f969b7fff4094d883d9cd0935e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.7 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 1885
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 20 Sep 2022 20:03:00 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/

192.124.249.15

200 OK

55 kB

URL HTTP/2
www.metricbolt.com/
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20933)
Size
55 kB (54585 bytes)
Hash
97aa080cf6ccb1592fad9cf7b6b6b513
6a21a37b292425874604133e0d5e7c1eb42c4099
9865cf7f3cb82d28df9378dea22fa94f07283e50b61899a7e06db3c5c015b59c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:20 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 25 Oct 2022 11:03:45 GMT
cache-control: max-age=0
expires: Tue, 25 Oct 2022 16:27:19 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/specialty-metric-fasteners.jpeg

192.124.249.15

200 OK

18 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/specialty-metric-fasteners.jpeg
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x481, components 3\012- data
Size
18 kB (18168 bytes)
Hash
f289feb43f490bb14872865d5404ba28
f488c0538a5194748b65c4e9ecf1588c72df9859
18fc696a53fbeca570564a956064b41c1a95a631783b01ce953c0cb4b9d0b5b2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/specialty-metric-fasteners.jpeg HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/wp-content/uploads/elementor/css/post-432.css?ver=1665886949
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/jpeg
content-length: 18168
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sat, 11 Jun 2022 02:31:45 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/06/specialty-metric-fasteners.jpeg

192.124.249.15

200 OK

18 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/06/specialty-metric-fasteners.jpeg
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x481, components 3\012- data
Size
18 kB (18168 bytes)
Hash
f289feb43f490bb14872865d5404ba28
f488c0538a5194748b65c4e9ecf1588c72df9859
18fc696a53fbeca570564a956064b41c1a95a631783b01ce953c0cb4b9d0b5b2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/06/specialty-metric-fasteners.jpeg HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/wp-content/uploads/elementor/css/post-432.css?ver=1665886949
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/jpeg
content-length: 18168
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 09 Jun 2022 02:06:36 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

192.124.249.15

200 OK

3.3 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (8290)
Size
3.3 kB (3270 bytes)
Hash
2449a77badee23a0201f15cf944a9c19
ef49f2c5417427fadfcf2576b2abb36d95219cf6
16e6ae5c7a55506aef550837228b621a5f5a791a3af0ac6ded4a2e41a3fee0f3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 3270
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 26 Sep 2022 18:57:22 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

192.124.249.15

200 OK

17 kB

URL HTTP/2
www.metricbolt.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (43771)
Size
17 kB (16594 bytes)
Hash
2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 16594
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Oct 2022 08:53:45 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=1666055533

192.124.249.15

200 OK

12 kB

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (12360 bytes)
Hash
55560260e16446ab793cebb1ddb71c89
3078440bf09ce5dac410ebee5e52b7e55df9681f
34f416b7112283c62ed64546b0af583019d2d77845e50c77e9dd9d51a1a6b4b9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 12360
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=1666055533

192.124.249.15

200 OK

13 kB

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (58395)
Size
13 kB (12653 bytes)
Hash
fdb763f223a927f396f6885fac322d3c
1d740afd409e10bc3c5bad14111a518178295158
05b26dc5971739296aa0490722fecc93d56eb61c4b777c4a89a9b619be8db05e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
content-length: 12653
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0

192.124.249.15

200 OK

93 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Size
93 kB (93372 bytes)
Hash
aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1666055533
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/woff2
content-length: 93372
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 01 Aug 2022 05:11:38 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/2.png

192.124.249.15

200 OK

8.5 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/2.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced\012- data
Size
8.5 kB (8530 bytes)
Hash
8fd54d99119e03b5d090b8e0482c1843
ceb3aefbb5e584f3e8dd1f768fd60038c496ad81
899609702c4920d031d061f5939bdc50619caef28cfdc445d48c59787ba2b09c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/2.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 8530
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:57:14 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/3.png

192.124.249.15

200 OK

9.5 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/3.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced\012- data
Size
9.5 kB (9501 bytes)
Hash
70b67297486111e06bc3f99227200db1
768695290d615ed094c81a824b2d63b8bb011d01
9f76afcee35edffa69f4f25ed48980f19b1aacc7f34f800376fc4bbf043d1591

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/3.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 9501
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:57:15 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/4.png

192.124.249.15

200 OK

10 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/4.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced\012- data
Size
10 kB (10040 bytes)
Hash
9722f201b3e310b6838fecd4489168a0
e95fe6c5a14052578b2b583f3dc02f1202781889
ce9709a6ebc4e7c1b044dc3fedd9bd2b9aa57a9a7b40b2f2f4ce9e1f8a1cd1ee

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/4.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 10040
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:57:15 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/5.png

192.124.249.15

200 OK

12 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/5.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced\012- data
Size
12 kB (12380 bytes)
Hash
568e3eedd75c6353439904887be505d1
96aec098f7773e4b76adf4c376658d1b0dfc9008
a578c44274029fd89f8afeee39154ecbdea15339b9d5a4d6fb4c807c1ead1549

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/5.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 12380
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:57:15 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/6.png

192.124.249.15

200 OK

7.5 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/6.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced\012- data
Size
7.5 kB (7522 bytes)
Hash
056d0c279199af14b0edc6a10b3eccd3
d6d8e4d34144e1d65b54a1371339266044670eee
d2e6c150839a163d2db93a47d6c38104da452d01004ea447afa871827648db43

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/6.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 7522
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:57:16 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/12/7.png

192.124.249.15

200 OK

9.2 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/12/7.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced\012- data
Size
9.2 kB (9199 bytes)
Hash
cb947f0c6aaef78d1e9e5e922dacb87e
0b574eca8ff924deafd0bab6058c42521dd61b87
f459a5a2508cca487d5ac689700c9e724caf2e54bdc8d6fc23af1024351eea5a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/7.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 9199
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:57:16 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2021/11/metric-bolt-logo-blue.png

192.124.249.15

200 OK

12 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2021/11/metric-bolt-logo-blue.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 350 x 116, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12274 bytes)
Hash
bc94ad6abed567bf100c05ac63d0fe0a
cf78da4f625f48901621cd0889f21dc6efe16591
59a1988d85f2d01bb6c156a53e12f0916944ede597c7067da5b4c485352c00a8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/11/metric-bolt-logo-blue.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 12274
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 20 Jan 2022 19:56:48 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/06/metric-fasteners-suppliers.jpeg

192.124.249.15

200 OK

9.0 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/06/metric-fasteners-suppliers.jpeg
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1000, components 3\012- data
Size
9.0 kB (8980 bytes)
Hash
c2653842c5ea87ddb168e8723395f123
0cc62dd36023f3c010cde5f4ca2a3341db713de9
f28de1d5008cf78e0bfd17c5e4f9e3886f9c9812fe2fb3e4045733df166f6fdc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/06/metric-fasteners-suppliers.jpeg HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/wp-content/uploads/elementor/css/post-7.css?ver=1665886948
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/jpeg
content-length: 8980
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 09 Jun 2022 01:19:26 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/06/metric-aircraft-hardware.jpeg

192.124.249.15

200 OK

9.8 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/06/metric-aircraft-hardware.jpeg
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1000, components 3\012- data
Size
9.8 kB (9754 bytes)
Hash
0d00b0c107cf02546d861e3abcbbcc44
accbd6e023668b6c9b77ddaabf44b9e571daba5f
07d8b5836fb6881ca0641030be1ceee18f9329614ca8176f33e7d550e4c44a64

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/06/metric-aircraft-hardware.jpeg HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/wp-content/uploads/elementor/css/post-7.css?ver=1665886948
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/jpeg
content-length: 9754
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 09 Jun 2022 01:32:38 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

192.124.249.15

200 OK

78 kB

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1666055533
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/woff2
content-length: 78196
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 17 Jun 2021 15:07:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10719
Expires: Tue, 25 Oct 2022 19:26:00 GMT
Date: Tue, 25 Oct 2022 16:27:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10719
Expires: Tue, 25 Oct 2022 19:26:00 GMT
Date: Tue, 25 Oct 2022 16:27:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10719
Expires: Tue, 25 Oct 2022 19:26:00 GMT
Date: Tue, 25 Oct 2022 16:27:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10719
Expires: Tue, 25 Oct 2022 19:26:00 GMT
Date: Tue, 25 Oct 2022 16:27:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10719
Expires: Tue, 25 Oct 2022 19:26:00 GMT
Date: Tue, 25 Oct 2022 16:27:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8090 bytes)
Hash
531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:35:17 GMT
age: 42724
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9209 bytes)
Hash
89448f1a52030b28e9ecfcdc190787d4
5080ba75c230fd2b303f29a9b64868c6e8771df8
10a736997d441e274a54e9689c349d407087fef7aa7c0f4d0a7a603e446fdabd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: 94dad7b4-9c12-4bda-9202-3b7427185182
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aLiElGzEIAMFnOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e16e9-3c79cd392d5bc4312a730cda;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 03:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c5_B2RXKJx7FHrQvHdCG50zcDFWUqaaZu0GYuCxEI8fpK019dSlD3Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:32:19 GMT
age: 64502
etag: "5080ba75c230fd2b303f29a9b64868c6e8771df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5662 bytes)
Hash
d0215d09b407ecfd690d63aee6a30add
d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94
6147a16325e6c63e7e3acfde58a4cfcd04564ddd6df61835e6e563ec6e67aa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5662
x-amzn-requestid: cb169868-462c-4083-af25-ca65cb2df563
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3EhH7SoAMFdeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054f-1635cae5575eed4a43607a11;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3AVj0cWeDVgo3DVqvDiofHw2sXlQVGFhijv3QOzs0vNruMXzx8pl2Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:57:04 GMT
etag: "d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94"
content-type: image/jpeg
age: 66617
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4206 bytes)
Hash
3cf322f19151bcfa374c2e32b9ac986f
e8e69ac951def18bc1e03ecd4fe8a21d3b825b27
54ddfd1876f65e264b9b3209a0e805a3796013b4aacc8e9fd20b49754b4917a0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4206
x-amzn-requestid: 6b02f96a-ea03-4eff-acde-c73925260102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3E3GPQoAMFpIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63570552-77cf762d0e54f1f60efe52c3;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:18 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jcuTYNKiYp8BkDnzo34tidRVmcFlE_xDfPGGgrUKfR67IfwGjFxceA==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:42:36 GMT
age: 67485
etag: "e8e69ac951def18bc1e03ecd4fe8a21d3b825b27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8031 bytes)
Hash
6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3sV_Wswao5mW-vx2uno8kuZE0qTvTaJYVB8MeVi1dolnHblN_uYwQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
age: 67292
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8239 bytes)
Hash
b3e41dda631c7f2ee5e664d43e48af31
5a8579a70d8791a19e0192995c46594e242e864d
c26bec6c4527220272777fe7b3209d8726c94105955ef15f05a584bae50ae719

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: c37a1abe-9823-4181-a64f-5cc074cfdf2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3OeGxOoAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357058f-10c7cfed331c043e00a600e0;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:37:19 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: W3FmIxKlIU9N0kCfbiIqszSpbnmBk5gVmAOZ_w5e7a116zrKEeUpMw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "5a8579a70d8791a19e0192995c46594e242e864d"
content-type: image/jpeg
age: 67292
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/10/iso-fasteners.png

192.124.249.15

200 OK

20 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/10/iso-fasteners.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 362 x 362, 8-bit colormap, non-interlaced\012- data
Size
20 kB (19681 bytes)
Hash
870a20a4eef8e32fdf9847d8b51a89db
f41d8aaa2556171a8433de41253a194cd0e64454
b6968d8fe64136c72b487da85fa031f7124cb38dfdffaa6bd8b9e480c6d22ab3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/iso-fasteners.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 19681
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 04 Oct 2022 21:58:54 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/10/dfars-compliant-fasteners.png

192.124.249.15

200 OK

34 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/10/dfars-compliant-fasteners.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 432 x 432, 8-bit colormap, non-interlaced\012- data
Size
34 kB (33823 bytes)
Hash
fcfeb9781619dfea9a6119c4176bbe17
7d61b894536b39c3275c78da229bfc8397a62ab3
d985a8cc44a103461b0afd9e1047d2143690c73cccc90e757076372e7dc7d5cd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/dfars-compliant-fasteners.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: image/png
content-length: 33823
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 04 Oct 2022 22:01:40 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/01/cropped-military-fasteners-florida-32x32.png

192.124.249.15

200 OK

1.3 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/01/cropped-military-fasteners-florida-32x32.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1338 bytes)
Hash
10970ebcc4f9e33593167fb0024dcf04
fd6729dd54a9702c080f71aa2abd49da426e9343
802df064d87ce6d979919fa524485c300d120f26bbbec8d800ee2792377c0ca5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/01/cropped-military-fasteners-florida-32x32.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:22 GMT
content-type: image/png
content-length: 1338
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 24 Jan 2022 20:16:49 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/uploads/2022/01/cropped-military-fasteners-florida-192x192.png

192.124.249.15

200 OK

12 kB

URL HTTP/2
www.metricbolt.com/wp-content/uploads/2022/01/cropped-military-fasteners-florida-192x192.png
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11985 bytes)
Hash
44a025ccad7458877da8d4aeb67506b7
dac47945ef751d30b9933bb23504d4aa0d190a73
f4e33db5a328b9037b7dc4325d5db9bcbcd63cc2af2b65f1ff96dee448785b2a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/01/cropped-military-fasteners-florida-192x192.png HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:22 GMT
content-type: image/png
content-length: 11985
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 24 Jan 2022 20:16:49 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11051 bytes)
Hash
1970a25715283fecf7a05a199bf4cae6
3a3005e722d2e89c9218c34ba283bbcde72e4bbc
624f6f86abe8c7cb8b24669851103baf152802c3ea915dcdea88ce984d468361

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11051
x-amzn-requestid: 2eef9564-c660-421d-aff6-40644b72ffa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFfupETyoAMF3qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bacc3-48a6442d4ec030f50e8f8f13;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:03:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HgK4QTgdR6OSGV86ooPEJ0_jtGehzs1DHgeynAoCthtKlAAohrKVSg==
via: 1.1 912d83c7c9b4676eb19f09c9bfabda24.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:18:45 GMT
age: 65323
etag: "3a3005e722d2e89c9218c34ba283bbcde72e4bbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Sun, 02 Oct 2022 20:12:12 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/ttf
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 01 Aug 2022 05:11:38 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.ttf

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.ttf
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.ttf HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/ttf
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 17 Jun 2021 15:07:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/woff2
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 01 Aug 2022 05:11:38 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/ttf
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Thu, 17 Jun 2021 15:07:24 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=1666055533

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=1666055533
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=1666055533 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: text/css; charset=utf-8
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Tue, 18 Oct 2022 01:12:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.15.0

192.124.249.15

200 OK

0 B

URL HTTP/2
www.metricbolt.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.15.0
IP
192.124.249.15:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.15.0 HTTP/1.1
Host: www.metricbolt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.metricbolt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 16:27:21 GMT
content-type: font/woff
x-sucuri-id: 19015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests ;
last-modified: Mon, 01 Aug 2022 05:11:38 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations